Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TVT4qUQxBiUFk6k8mwgzi4AW5G8.roa
File: TVT4qUQxBiUFk6k8mwgzi4AW5G8.roa (raw, json)
Hash identifier: yvpbqno7ECU+d1DfpueL862oJL/eUsJbn+1Nya7r5eE=
Subject key identifier: 4D:54:F8:A9:44:31:06:25:05:93:A9:3C:9B:08:33:8B:80:16:E4:6F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7DCC1CC796C16106E7BC5DD0C917E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TVT4qUQxBiUFk6k8mwgzi4AW5G8.roa
Signing time: Mon 02 Jan 2023 05:15:21 +0000
ROA not before: Mon 02 Jan 2023 05:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209225
IP address blocks: 2a10:cc40:102::/48 maxlen: 48
2a10:cc40:100::/44 maxlen: 48
2a10:cc40:100::/48 maxlen: 48
2a10:2f00:17e::/48 maxlen: 48
2a10:cc40:101::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:dc:c1:cc:79:6c:16:10:6e:7b:c5:dd:0c:91:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d54f8a9443106250593a93c9b08338b8016e46f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ce:8b:de:b7:a7:f0:6d:89:70:e9:02:ae:8b:
1a:e2:e1:c6:2b:7c:af:28:cc:50:14:76:5c:cc:14:
05:c6:0e:6d:39:c7:f5:89:ed:2b:f7:5d:90:25:6e:
e4:a4:22:eb:3c:d0:55:bb:0d:a0:22:ca:24:9c:d6:
9d:db:cb:ef:92:2f:79:bc:bb:4b:c4:d4:ca:1e:94:
91:bf:9b:74:fe:e8:70:b0:37:68:18:87:e6:f5:04:
d2:3e:b3:9a:8f:b8:db:ae:69:76:28:60:4a:ab:20:
5b:19:55:80:3f:10:02:32:52:3a:d8:84:36:a1:bd:
4b:52:79:b7:c2:6c:8b:dc:8d:7b:21:d4:ee:8a:c4:
09:95:b6:7e:55:74:95:fc:9c:52:6f:5d:1a:12:27:
d0:85:05:e3:af:ee:91:21:6d:45:8e:81:37:c5:ab:
91:77:0b:9e:81:69:51:75:07:29:b2:fa:2f:38:a9:
09:0a:20:37:fa:2f:17:5a:49:95:62:77:88:cf:32:
92:59:f9:ba:ed:27:ee:bb:82:e1:e1:cb:34:5f:82:
4f:25:38:f6:7d:ba:0a:2f:84:04:28:10:a1:ba:aa:
2a:da:a7:72:f6:f5:b1:8d:8c:3b:00:7f:67:3c:ab:
3d:26:70:04:f9:e1:79:6f:35:f2:2a:03:e2:93:04:
55:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:54:F8:A9:44:31:06:25:05:93:A9:3C:9B:08:33:8B:80:16:E4:6F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TVT4qUQxBiUFk6k8mwgzi4AW5G8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:17e::/48
2a10:cc40:100::/44
Signature Algorithm: sha256WithRSAEncryption
03:0b:5b:25:7c:ea:3f:d5:38:c2:70:f7:5f:a9:31:af:d6:7d:
e8:2b:78:ab:93:cc:f4:e7:a9:e4:9d:f4:28:85:e9:2c:bc:93:
b9:7e:56:ab:6c:08:a7:07:6b:cc:d9:d6:07:11:c4:c1:a3:7c:
3d:87:8e:ab:16:05:bc:08:1a:5f:a9:a5:6c:0b:16:87:c6:57:
57:5b:a1:31:25:7f:8a:7c:b1:38:36:03:fc:cd:cf:40:cf:72:
52:f8:95:7e:e4:e2:12:72:af:a6:f4:6b:e9:7e:06:ad:a0:38:
6c:e3:3b:33:6f:1d:93:72:cb:04:68:22:8b:ff:7f:7e:e0:16:
20:18:2c:3e:41:f4:4c:84:3c:d7:a9:b5:c4:45:ba:bd:d4:80:
5c:ef:0f:32:b2:87:ba:1e:92:26:5d:7d:98:42:71:00:88:19:
d3:42:52:ce:12:f5:a9:5e:3e:c9:b3:4b:ff:38:7d:c8:e0:0c:
21:71:e8:97:2f:51:df:76:f4:a0:ca:a9:16:51:dc:55:22:83:
89:cf:5f:d0:97:11:d8:e2:a7:ef:c3:a9:39:42:9a:f1:1c:4a:
0f:61:ad:58:3f:e5:6b:a3:92:e6:e3:c4:72:de:a4:d4:f2:bb:
7e:89:73:81:fb:42:95:95:62:02:ae:8b:e6:e4:0b:ed:17:30:
1a:43:81:c5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw59zBzHlsFhBue8XdDJF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDU0ZjhhOTQ0MzEwNjI1MDU5M2E5M2M5YjA4MzM4YjgwMTZlNDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhM6L3ren8G2JcOkCrosa4uHGK3yv
KMxQFHZczBQFxg5tOcf1ie0r912QJW7kpCLrPNBVuw2gIsoknNad28vvki95vLtL
xNTKHpSRv5t0/uhwsDdoGIfm9QTSPrOaj7jbrml2KGBKqyBbGVWAPxACMlI62IQ2
ob1LUnm3wmyL3I17IdTuisQJlbZ+VXSV/JxSb10aEifQhQXjr+6RIW1FjoE3xauR
dwuegWlRdQcpsvovOKkJCiA3+i8XWkmVYneIzzKSWfm67Sfuu4Lh4cs0X4JPJTj2
fboKL4QEKBChuqoq2qdy9vWxjYw7AH9nPKs9JnAE+eF5bzXyKgPikwRV+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE1U+KlEMQYlBZOpPJsIM4uAFuRvMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVFZUNHFVUXhCaVVGazZrOG13Z3ppNEFXNUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhAvAAF+
AwcEKhDMQAEAMA0GCSqGSIb3DQEBCwUAA4IBAQADC1slfOo/1TjCcPdfqTGv1n3o
K3irk8z056nknfQoheksvJO5flarbAinB2vM2dYHEcTBo3w9h46rFgW8CBpfqaVs
CxaHxldXW6ExJX+KfLE4NgP8zc9Az3JS+JV+5OIScq+m9GvpfgatoDhs4zszbx2T
cssEaCKL/39+4BYgGCw+QfRMhDzXqbXERbq91IBc7w8ysoe6HpImXX2YQnEAiBnT
QlLOEvWpXj7Js0v/OH3I4AwhceiXL1HfdvSgyqkWUdxVIoOJz1/QlxHY4qfvw6k5
QprxHEoPYa1YP+Vro5Lm48Ry3qTU8rt+iXOB+0KVlWICrovm5AvtFzAaQ4HF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org