Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SUsnCCSLnOT5ZxIp0pGx7JpII8g.roa
File: SUsnCCSLnOT5ZxIp0pGx7JpII8g.roa (raw, json)
Hash identifier: agDI8DBblGB8/z4Zf3BKd84YC0veeyoDZZ5DkKDZmfM=
Subject key identifier: 49:4B:27:08:24:8B:9C:E4:F9:67:12:29:D2:91:B1:EC:9A:48:23:C8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018A1A4BBCD1BCD35DED870B63C1AF16C8B2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SUsnCCSLnOT5ZxIp0pGx7JpII8g.roa
Signing time: Mon 21 Aug 2023 22:51:25 +0000
ROA not before: Mon 21 Aug 2023 22:51:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216457
IP address blocks: 2a0e:b107:27ad::/48 maxlen: 48
2a10:2f00:198::/48 maxlen: 48
2a0e:b107:27ac::/48 maxlen: 48
2a0e:b107:27a9::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1a:4b:bc:d1:bc:d3:5d:ed:87:0b:63:c1:af:16:c8:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 21 22:51:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=494b2708248b9ce4f9671229d291b1ec9a4823c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:39:e3:1f:2a:56:20:01:52:b8:99:cb:26:c8:
44:7a:da:cd:a1:7e:e9:72:86:ac:45:44:90:3a:43:
2c:57:f5:a3:f2:db:16:20:d3:6b:97:8c:11:66:b1:
2a:c8:43:ae:e3:84:d2:fb:32:94:0b:cc:13:1d:c3:
f7:fb:5e:0a:97:d5:a9:f2:16:2a:45:e1:44:06:70:
51:06:7c:c4:07:c9:39:70:55:ca:e7:0f:34:1a:89:
18:56:f0:d7:8e:7a:74:70:04:5f:60:96:d3:dc:11:
a6:32:07:d9:c9:bd:a6:bb:88:45:17:3c:58:c9:8b:
dd:e6:78:c8:21:40:af:06:4e:d6:94:bf:f7:e0:3d:
fe:e2:55:f3:59:4e:94:96:f7:7a:53:ea:97:1f:1d:
56:3b:9e:dd:47:10:3a:b2:42:14:40:9c:66:b4:0d:
57:6f:51:fe:35:27:a1:33:5c:e5:8b:5e:94:db:29:
14:0d:73:b0:73:a2:d0:3a:d9:88:e2:02:3a:9d:d0:
7c:4f:99:ee:22:66:ef:94:2c:49:55:9a:48:d3:d5:
5b:fd:78:5e:1f:ac:cf:9c:7c:6c:ab:46:17:91:58:
e8:e5:5d:b7:cf:ff:20:b6:d0:70:6e:ff:4c:e7:0f:
9e:1a:2c:c7:8e:0f:b5:3d:d7:7a:8b:d1:f1:42:b4:
3a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:4B:27:08:24:8B:9C:E4:F9:67:12:29:D2:91:B1:EC:9A:48:23:C8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SUsnCCSLnOT5ZxIp0pGx7JpII8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27a9::/48
2a0e:b107:27ac::/47
2a10:2f00:198::/48
Signature Algorithm: sha256WithRSAEncryption
16:68:86:8a:3c:8a:82:85:0f:57:39:ef:4e:6d:f1:ed:66:11:
71:05:26:ac:b7:29:b5:17:ea:99:4c:12:86:8b:bc:94:f0:23:
f4:80:55:e4:65:90:cd:1d:6c:54:b6:0a:ad:ef:ed:b8:30:89:
40:53:ef:a9:e9:05:9c:da:d5:8d:0f:6d:18:2c:0b:7c:ef:34:
5e:a0:ec:f7:32:17:2e:cf:52:32:b4:93:fa:99:02:38:ca:2e:
17:51:2d:41:42:fc:67:ec:43:85:4b:b1:19:20:dc:6c:d6:dd:
e1:37:c2:4d:83:8c:6d:f9:46:19:b2:96:cc:23:05:1a:5a:3a:
e6:09:10:02:56:f6:8d:bf:8d:bb:c2:17:f0:48:f8:99:ad:53:
43:c3:9a:cb:44:27:ff:82:f7:8a:28:00:90:5c:04:56:e4:18:
70:49:17:f0:70:d1:84:d8:1d:ef:a0:a2:2c:b0:dc:d8:3d:cf:
ab:15:f0:fe:2d:48:2d:8b:c1:bf:a3:e5:b8:50:02:79:af:ec:
e9:a6:c9:8a:d7:a7:52:a4:67:39:3f:40:d2:ec:4b:28:aa:7e:
da:75:fb:59:fb:c7:9a:4b:32:10:b7:61:cc:0f:a7:2d:67:13:
13:68:35:59:09:95:0e:12:f8:2f:7b:87:3f:77:00:83:3c:06:
c9:55:76:15
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYoaS7zRvNNd7YcLY8GvFsiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwODIxMjI1MTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTRiMjcwODI0OGI5Y2U0Zjk2NzEyMjlkMjkxYjFlYzlhNDgyM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDnjHypWIAFSuJnLJshEetrNoX7p
coasRUSQOkMsV/Wj8tsWINNrl4wRZrEqyEOu44TS+zKUC8wTHcP3+14Kl9Wp8hYq
ReFEBnBRBnzEB8k5cFXK5w80GokYVvDXjnp0cARfYJbT3BGmMgfZyb2mu4hFFzxY
yYvd5njIIUCvBk7WlL/34D3+4lXzWU6Ulvd6U+qXHx1WO57dRxA6skIUQJxmtA1X
b1H+NSehM1zli16U2ykUDXOwc6LQOtmI4gI6ndB8T5nuImbvlCxJVZpI09Vb/Xhe
H6zPnHxsq0YXkVjo5V23z/8gttBwbv9M5w+eGizHjg+1Pdd6i9HxQrQ6vQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFElLJwgki5zk+WcSKdKRseyaSCPIMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU1VzbkNDU0xuT1Q1WnhJcDBwR3g3SnBJSThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6xByep
AwcBKg6xByesAwcAKhAvAAGYMA0GCSqGSIb3DQEBCwUAA4IBAQAWaIaKPIqChQ9X
Oe9ObfHtZhFxBSastym1F+qZTBKGi7yU8CP0gFXkZZDNHWxUtgqt7+24MIlAU++p
6QWc2tWND20YLAt87zReoOz3Mhcuz1IytJP6mQI4yi4XUS1BQvxn7EOFS7EZINxs
1t3hN8JNg4xt+UYZspbMIwUaWjrmCRACVvaNv427whfwSPiZrVNDw5rLRCf/gveK
KACQXARW5BhwSRfwcNGE2B3voKIssNzYPc+rFfD+LUgti8G/o+W4UAJ5r+zppsmK
16dSpGc5P0DS7Esoqn7adftZ+8eaSzIQt2HMD6ctZxMTaDVZCZUOEvgve4c/dwCD
PAbJVXYV
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:50 2024 by rpki-client on console-ams.rpki-client.org