Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RiViRhF7WTpStNpq-UlBDjC1APY.roa
File: RiViRhF7WTpStNpq-UlBDjC1APY.roa (raw, json)
Hash identifier: 42kopeVs5i5xhw0yuRn9Qp0ia2ZDs2YZkiqxIs26BxA=
Subject key identifier: 46:25:62:46:11:7B:59:3A:52:B4:DA:6A:F9:49:41:0E:30:B5:00:F6
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E8052A1F474C985FFD1D5B4ED54307
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RiViRhF7WTpStNpq-UlBDjC1APY.roa
Signing time: Mon 02 Jan 2023 05:15:31 +0000
ROA not before: Mon 02 Jan 2023 05:15:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211495
IP address blocks: 2a10:2f00:16c::/48 maxlen: 48
2a0e:b107:10c0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:05:2a:1f:47:4c:98:5f:fd:1d:5b:4e:d5:43:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46256246117b593a52b4da6af949410e30b500f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:50:a6:a7:24:00:d4:44:09:fd:20:a5:20:13:
b9:fb:c6:a4:5b:35:37:e9:a7:c2:37:d2:64:c1:3e:
51:a0:62:ee:e0:a2:1c:66:d6:54:37:14:f1:0b:1b:
75:4c:ca:8d:87:a6:79:6e:87:2f:6b:c9:05:0e:fc:
92:f7:8e:7a:f3:15:62:b6:55:90:15:d4:ed:72:0e:
e9:df:36:dd:5d:f4:da:ea:0d:78:9b:0c:16:47:51:
a6:f3:4c:72:a2:32:6c:8c:4b:72:39:2f:bf:fe:ee:
7f:63:a0:2c:d4:a3:13:05:c8:83:df:19:54:f6:a5:
82:bb:36:69:16:52:1d:bf:32:71:9e:a6:fc:23:dc:
82:d6:92:fd:58:a6:c4:1c:4c:9a:0e:4f:a7:0e:cf:
ac:b1:b3:5e:d9:5b:8b:83:6b:9a:a5:7b:7c:d0:6c:
24:cc:ab:a1:10:3b:9b:b5:a9:50:82:23:f0:77:22:
65:93:ad:18:aa:76:2e:5f:81:71:c4:bc:82:7f:d3:
83:8d:e0:d2:92:6f:2b:1b:3b:1f:e3:84:4d:9d:cf:
9c:05:16:35:32:ca:93:fe:cb:96:9e:e5:9b:95:22:
ea:d8:fa:88:f9:45:a2:2b:57:42:6e:fa:56:cf:0f:
25:d5:ce:b9:3a:72:dd:e5:29:83:2d:ce:a5:6b:bb:
6a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:25:62:46:11:7B:59:3A:52:B4:DA:6A:F9:49:41:0E:30:B5:00:F6
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RiViRhF7WTpStNpq-UlBDjC1APY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:10c0::/44
2a10:2f00:16c::/48
Signature Algorithm: sha256WithRSAEncryption
5e:0a:70:30:eb:27:67:ff:b3:e9:bb:7f:85:65:01:b4:84:4d:
dc:a6:03:c9:e3:52:a5:e6:78:e3:07:d4:02:79:92:e2:ff:98:
53:77:48:6d:4b:99:c1:99:39:7c:3e:cf:58:59:04:5d:b6:c5:
78:d6:e2:b5:cc:b5:2c:03:73:f8:45:48:e1:88:f9:b0:af:43:
a2:3c:c8:b2:13:ff:24:da:27:a4:75:1d:75:7e:cd:f7:0e:db:
1c:1c:b0:ad:1e:d2:b8:e8:91:ae:1d:60:07:63:20:89:e6:e3:
11:21:9a:6e:77:90:cc:19:cc:46:a8:1b:6b:63:33:0e:e0:59:
96:94:6f:85:e5:e2:18:bf:e1:37:92:8c:76:1f:c1:4e:c2:71:
25:9c:2b:a7:d4:ab:3b:7b:af:ef:70:b7:be:b5:b6:9a:74:e8:
d9:35:c9:87:0f:95:d8:ee:0a:06:7d:fe:5c:2e:9b:75:c5:95:
c2:d0:56:38:a2:65:59:7e:49:ab:ac:7d:7b:9e:26:c0:62:10:
69:bf:22:78:58:92:af:27:e5:89:2a:02:6f:f6:1e:af:78:10:
1b:e3:db:a6:50:84:6f:ec:8c:f2:c0:2d:fc:d5:c8:eb:19:15:
5a:b1:6f:3d:01:28:b6:98:45:a5:c0:ed:26:9b:87:1f:c5:01:
5d:9d:d0:ce
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw6AUqH0dMmF/9HVtO1UMHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjI1NjI0NjExN2I1OTNhNTJiNGRhNmFmOTQ5NDEwZTMwYjUwMGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVCmpyQA1EQJ/SClIBO5+8akWzU3
6afCN9JkwT5RoGLu4KIcZtZUNxTxCxt1TMqNh6Z5bocva8kFDvyS94568xVitlWQ
FdTtcg7p3zbdXfTa6g14mwwWR1Gm80xyojJsjEtyOS+//u5/Y6As1KMTBciD3xlU
9qWCuzZpFlIdvzJxnqb8I9yC1pL9WKbEHEyaDk+nDs+ssbNe2VuLg2uapXt80Gwk
zKuhEDubtalQgiPwdyJlk60YqnYuX4FxxLyCf9ODjeDSkm8rGzsf44RNnc+cBRY1
MsqT/suWnuWblSLq2PqI+UWiK1dCbvpWzw8l1c65OnLd5SmDLc6la7tqCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEYlYkYRe1k6UrTaavlJQQ4wtQD2MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUmlWaVJoRjdXVHBTdE5wcS1VbEJEakMxQVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBxDA
AwcAKhAvAAFsMA0GCSqGSIb3DQEBCwUAA4IBAQBeCnAw6ydn/7Ppu3+FZQG0hE3c
pgPJ41Kl5njjB9QCeZLi/5hTd0htS5nBmTl8Ps9YWQRdtsV41uK1zLUsA3P4RUjh
iPmwr0OiPMiyE/8k2iekdR11fs33DtscHLCtHtK46JGuHWAHYyCJ5uMRIZpud5DM
GcxGqBtrYzMO4FmWlG+F5eIYv+E3kox2H8FOwnElnCun1Ks7e6/vcLe+tbaadOjZ
NcmHD5XY7goGff5cLpt1xZXC0FY4omVZfkmrrH17nibAYhBpvyJ4WJKvJ+WJKgJv
9h6veBAb49umUIRv7IzywC381cjrGRVasW89ASi2mEWlwO0mm4cfxQFdndDO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org