Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RxxFc6tcxkjcfJnPfTnIYi5Z7jI.roa
File: RxxFc6tcxkjcfJnPfTnIYi5Z7jI.roa (raw, json)
Hash identifier: 2fbvhuCO3ozUEyYD+RDfLYn75vS4DlY9R71NXOFov6Q=
Subject key identifier: 47:1C:45:73:AB:5C:C6:48:DC:7C:99:CF:7D:39:C8:62:2E:59:EE:32
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187CE8F7A8AEE7FF46CBF0E0DA4E73CF483
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RxxFc6tcxkjcfJnPfTnIYi5Z7jI.roa
Signing time: Sat 29 Apr 2023 19:48:42 +0000
ROA not before: Sat 29 Apr 2023 19:48:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208328
IP address blocks: 2a0e:97c0:640::/44 maxlen: 48
2a0e:97c0:643::/48 maxlen: 48
2a0e:97c0:644::/48 maxlen: 48
2a0e:97c0:642::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ce:8f:7a:8a:ee:7f:f4:6c:bf:0e:0d:a4:e7:3c:f4:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 29 19:48:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=471c4573ab5cc648dc7c99cf7d39c8622e59ee32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:20:89:c1:04:98:28:68:dc:40:db:5f:9d:2d:
27:8e:d3:ed:d7:fe:48:fc:b8:15:6f:b1:4c:bb:87:
99:7a:f8:b0:e9:ed:b1:7f:58:7a:06:cb:ee:e7:5f:
86:0e:b7:48:73:47:d6:0e:e0:44:a3:c5:06:11:6e:
47:32:e4:77:6d:87:1a:0b:2c:a5:bf:ef:11:92:3d:
0b:f7:8e:f2:11:32:72:2b:68:a2:91:63:02:55:ec:
02:5e:d9:63:d8:06:48:09:ef:cd:70:1f:33:4d:c9:
44:9d:55:17:d9:05:ba:52:8d:16:08:22:95:f9:9a:
9e:68:13:6d:2b:c4:6b:02:f3:aa:e8:64:82:66:71:
57:19:b8:92:2c:33:4b:6f:f6:60:65:c6:86:58:b7:
51:1a:38:71:74:02:37:bb:28:cf:e6:20:a2:97:fc:
31:3e:1d:9b:49:2f:4d:b5:61:d1:fe:1c:2e:b8:31:
25:e4:36:1e:67:bd:8d:5b:47:87:d6:b1:7a:4b:a1:
a4:32:20:35:1b:22:1c:8d:92:f6:ef:64:68:ac:ec:
97:69:72:f5:03:bf:a2:8e:66:de:11:8f:24:65:a5:
86:55:d9:d7:90:63:14:e0:a0:74:fc:19:6a:2e:da:
9b:53:fe:2f:b5:ed:20:39:ec:17:41:1c:1b:49:de:
5a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:1C:45:73:AB:5C:C6:48:DC:7C:99:CF:7D:39:C8:62:2E:59:EE:32
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RxxFc6tcxkjcfJnPfTnIYi5Z7jI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:640::/44
Signature Algorithm: sha256WithRSAEncryption
cb:d9:64:d8:dd:37:b2:d5:fe:b3:8b:fa:db:25:6d:fa:a6:2a:
1c:d2:25:0d:88:85:dc:bf:04:9a:c4:f1:c2:a8:87:70:79:68:
87:41:3a:3d:89:23:f6:1e:79:91:74:19:ba:37:15:7c:80:32:
1b:fc:2b:d6:8b:52:04:3a:67:36:b3:be:01:f2:df:a8:7f:40:
d8:5e:23:55:81:e3:c3:b7:a8:8e:76:d4:38:1b:61:b8:06:4c:
ed:a2:76:32:d4:4a:6c:2d:87:36:aa:7f:32:4a:4a:b7:14:9d:
08:5e:c0:ad:cf:70:88:fe:b8:ae:ee:bb:42:09:d4:60:fb:d4:
ff:0c:6e:8d:d2:aa:7e:f5:5d:c3:1d:c7:bd:b6:9f:29:f3:b7:
5d:95:51:78:d6:aa:34:a0:28:82:69:3a:a9:32:ca:e9:e1:2a:
19:3e:08:8f:f9:f1:fa:ed:49:bf:c3:04:b2:6b:fd:a8:32:3e:
95:83:59:fa:dd:b6:35:07:47:94:f7:2e:7d:23:13:76:e0:08:
27:21:66:72:f4:fd:a8:1f:bd:a4:b4:55:07:c0:94:24:54:4e:
64:94:51:6e:0f:2b:1e:1a:5a:57:ac:0c:f4:51:d5:85:09:6f:
68:82:d2:9b:60:0e:62:2c:7c:5a:a1:b8:75:b2:c3:fc:84:38:
9a:9d:1d:7e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYfOj3qK7n/0bL8ODaTnPPSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDI5MTk0ODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzFjNDU3M2FiNWNjNjQ4ZGM3Yzk5Y2Y3ZDM5Yzg2MjJlNTllZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyCJwQSYKGjcQNtfnS0njtPt1/5I
/LgVb7FMu4eZeviw6e2xf1h6Bsvu51+GDrdIc0fWDuBEo8UGEW5HMuR3bYcaCyyl
v+8Rkj0L947yETJyK2iikWMCVewCXtlj2AZICe/NcB8zTclEnVUX2QW6Uo0WCCKV
+ZqeaBNtK8RrAvOq6GSCZnFXGbiSLDNLb/ZgZcaGWLdRGjhxdAI3uyjP5iCil/wx
Ph2bSS9NtWHR/hwuuDEl5DYeZ72NW0eH1rF6S6GkMiA1GyIcjZL272RorOyXaXL1
A7+ijmbeEY8kZaWGVdnXkGMU4KB0/BlqLtqbU/4vte0gOewXQRwbSd5aVwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEccRXOrXMZI3HyZz305yGIuWe4yMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUnh4RmM2dGN4a2pjZkpuUGZUbklZaTVaN2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAZA
MA0GCSqGSIb3DQEBCwUAA4IBAQDL2WTY3Tey1f6zi/rbJW36pioc0iUNiIXcvwSa
xPHCqIdweWiHQTo9iSP2HnmRdBm6NxV8gDIb/CvWi1IEOmc2s74B8t+of0DYXiNV
gePDt6iOdtQ4G2G4BkztonYy1EpsLYc2qn8ySkq3FJ0IXsCtz3CI/riu7rtCCdRg
+9T/DG6N0qp+9V3DHce9tp8p87ddlVF41qo0oCiCaTqpMsrp4SoZPgiP+fH67Um/
wwSya/2oMj6Vg1n63bY1B0eU9y59IxN24AgnIWZy9P2oH72ktFUHwJQkVE5klFFu
DyseGlpXrAz0UdWFCW9ogtKbYA5iLHxaobh1ssP8hDianR1+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org