Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TapRLdkygBCxS1S56RP1ZpKTMJA.roa
File: TapRLdkygBCxS1S56RP1ZpKTMJA.roa (raw, json)
Hash identifier: XjnFAovCTvf/YipKzga8OAGWsC4IfbXwhow7Wq0vnO0=
Subject key identifier: 4D:AA:51:2D:D9:32:80:10:B1:4B:54:B9:E9:13:F5:66:92:93:30:90
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E79D05D4461031B391840F5862CF22
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TapRLdkygBCxS1S56RP1ZpKTMJA.roa
Signing time: Mon 02 Jan 2023 05:15:05 +0000
ROA not before: Mon 02 Jan 2023 05:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 149690
IP address blocks: 2a0e:97c0:374::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:9d:05:d4:46:10:31:b3:91:84:0f:58:62:cf:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4daa512dd9328010b14b54b9e913f56692933090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:08:8f:02:c5:f7:31:ea:b5:cd:01:7a:1c:b3:
25:37:c9:6b:6f:6c:f9:86:18:23:0d:8e:d7:9b:65:
7a:64:1a:f6:11:1f:19:df:3b:db:e5:2e:ef:75:01:
a1:13:06:22:89:67:68:39:8f:bf:01:f0:f8:01:c3:
44:77:d3:5f:6e:78:dc:26:11:2e:7b:ac:4a:15:ad:
62:ee:fb:88:06:c2:07:1c:51:1b:32:1b:4b:48:96:
42:4b:e3:e3:d6:b5:04:15:22:5a:ea:43:9b:ce:3c:
9f:13:d8:0e:5c:31:00:8b:fb:cd:83:2b:e4:14:35:
d0:14:9e:70:5b:76:e4:66:71:fe:58:ca:d4:0c:51:
16:b3:cf:08:28:47:d2:a9:f8:95:5f:98:56:d3:15:
46:76:10:96:32:20:4a:35:13:c9:d7:2b:1f:f3:88:
f9:6d:98:af:3d:4d:23:c6:52:7a:3f:38:d9:33:33:
0d:d2:37:e0:22:ea:ca:11:43:98:9c:de:3f:52:80:
3a:83:40:21:12:d9:be:69:17:58:86:c6:71:e9:5e:
72:23:33:a6:95:bd:41:7a:a5:12:ff:03:4d:64:12:
6b:25:0a:5f:73:d1:72:a3:11:16:be:e6:83:e3:1c:
5e:19:6b:6e:5e:da:9f:26:21:ec:17:6b:4d:c0:bf:
6c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:AA:51:2D:D9:32:80:10:B1:4B:54:B9:E9:13:F5:66:92:93:30:90
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TapRLdkygBCxS1S56RP1ZpKTMJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:374::/48
Signature Algorithm: sha256WithRSAEncryption
33:fa:86:8a:2a:70:f6:1b:76:99:53:8c:62:d4:d7:2c:d6:e1:
71:c4:e1:5a:89:22:c7:b6:75:f6:32:6f:c3:e0:7e:e8:9b:d0:
42:b1:c9:10:e4:00:92:a6:e3:2d:50:4e:22:51:95:c1:3f:ab:
e2:2a:f5:cb:3b:43:6e:44:20:7a:5f:23:b4:56:b3:fa:81:e8:
f2:78:3d:92:28:f9:9f:f1:6f:2a:56:05:8b:bd:6a:c9:cf:4d:
13:59:a7:72:cb:8d:b0:43:57:92:40:8e:55:59:b9:17:27:b3:
22:4f:d1:30:8a:21:35:6e:0d:cc:34:0f:65:8f:1a:a5:8c:52:
f2:36:20:62:69:b5:f7:e8:9c:92:0a:c1:6d:ed:5b:4d:a0:0d:
4c:24:90:be:8a:c0:24:28:24:fe:22:4c:5f:06:b5:dd:5f:dd:
9a:70:20:2a:aa:7b:38:ab:00:4f:f8:f5:f4:5e:04:cb:76:29:
f1:3d:6c:1b:08:f4:63:e6:91:8e:c5:95:50:f4:7b:49:f5:8b:
74:94:bf:d1:6a:0e:ae:27:04:0e:3a:5d:0a:02:5c:34:ab:91:
95:32:36:e6:92:23:3e:43:b5:34:79:ff:11:45:4c:68:0a:2c:
93:dc:42:2b:cc:07:d0:6f:7a:9f:90:88:3d:0d:10:9c:81:7a:
2f:6c:a2:40
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw550F1EYQMbORhA9YYs8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGFhNTEyZGQ5MzI4MDEwYjE0YjU0YjllOTEzZjU2NjkyOTMzMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQiPAsX3Meq1zQF6HLMlN8lrb2z5
hhgjDY7Xm2V6ZBr2ER8Z3zvb5S7vdQGhEwYiiWdoOY+/AfD4AcNEd9NfbnjcJhEu
e6xKFa1i7vuIBsIHHFEbMhtLSJZCS+Pj1rUEFSJa6kObzjyfE9gOXDEAi/vNgyvk
FDXQFJ5wW3bkZnH+WMrUDFEWs88IKEfSqfiVX5hW0xVGdhCWMiBKNRPJ1ysf84j5
bZivPU0jxlJ6PzjZMzMN0jfgIurKEUOYnN4/UoA6g0AhEtm+aRdYhsZx6V5yIzOm
lb1BeqUS/wNNZBJrJQpfc9FyoxEWvuaD4xxeGWtuXtqfJiHsF2tNwL9sAwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE2qUS3ZMoAQsUtUuekT9WaSkzCQMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVGFwUkxka3lnQkN4UzFTNTZSUDFacEtUTUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwAN0
MA0GCSqGSIb3DQEBCwUAA4IBAQAz+oaKKnD2G3aZU4xi1Ncs1uFxxOFaiSLHtnX2
Mm/D4H7om9BCsckQ5ACSpuMtUE4iUZXBP6viKvXLO0NuRCB6XyO0VrP6gejyeD2S
KPmf8W8qVgWLvWrJz00TWadyy42wQ1eSQI5VWbkXJ7MiT9EwiiE1bg3MNA9ljxql
jFLyNiBiabX36JySCsFt7VtNoA1MJJC+isAkKCT+IkxfBrXdX92acCAqqns4qwBP
+PX0XgTLdinxPWwbCPRj5pGOxZVQ9HtJ9Yt0lL/Rag6uJwQOOl0KAlw0q5GVMjbm
kiM+Q7U0ef8RRUxoCiyT3EIrzAfQb3qfkIg9DRCcgXovbKJA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org