Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/U3RE8dI-78zyJiTY85bWNIeCZvI.roa
File: U3RE8dI-78zyJiTY85bWNIeCZvI.roa (raw, json)
Hash identifier: /JLYP8iCpqi58mJZJNrYfCmEzwB+fPV8AClqgQrX5s4=
Subject key identifier: 53:74:44:F1:D2:3E:EF:CC:F2:26:24:D8:F3:96:D6:34:87:82:66:F2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AD3B419A885A6481F630B5F0ED729
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/U3RE8dI-78zyJiTY85bWNIeCZvI.roa
Signing time: Tue 24 Jan 2023 16:09:41 +0000
ROA not before: Tue 24 Jan 2023 16:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204307
IP address blocks: 2a0e:b107:ac0::/48 maxlen: 48
2a0e:b107:ac2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:d3:b4:19:a8:85:a6:48:1f:63:0b:5f:0e:d7:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=537444f1d23eefccf22624d8f396d634878266f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1a:47:b3:ce:8f:59:92:ea:1c:39:38:43:32:
8b:d2:2a:a7:35:91:15:4c:15:e5:d2:8f:f8:12:cc:
bf:9a:65:59:3b:76:4c:f1:f7:c9:21:e7:07:ed:b3:
1d:28:d2:dc:6e:9b:fa:8b:4f:f3:e1:93:c4:a2:cf:
e1:57:dc:ba:97:ad:87:ce:75:e5:18:1a:78:f2:c3:
d3:8d:87:fc:ee:26:9a:c3:b5:39:dc:c4:86:57:40:
6a:a3:9c:e3:e7:a9:ff:18:ef:17:ff:8e:2f:e3:8e:
49:1f:6d:99:14:8c:3a:43:da:f9:26:e3:1b:4e:f4:
51:cb:f0:76:33:8e:6e:27:6e:38:ac:2a:a5:3d:b5:
61:fc:7f:39:e4:6f:24:03:6e:5c:20:7c:75:17:ee:
22:c1:ae:37:c7:d3:ff:35:2c:63:a0:df:7b:e4:c0:
ad:74:00:44:79:6e:93:fc:1c:dd:9c:56:dc:cf:29:
de:06:3c:67:2c:dc:8a:92:9a:15:19:23:98:ff:96:
4f:fb:ab:c8:68:dd:c9:49:d1:95:73:f1:d4:1f:ab:
00:79:79:a4:5e:9b:8b:d9:44:bb:c6:2b:59:fd:89:
c3:57:ed:06:45:20:24:65:8f:94:95:2f:94:86:76:
18:60:9b:b8:1c:c7:76:0a:08:ca:eb:4a:ec:44:10:
a3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:74:44:F1:D2:3E:EF:CC:F2:26:24:D8:F3:96:D6:34:87:82:66:F2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/U3RE8dI-78zyJiTY85bWNIeCZvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ac0::/48
2a0e:b107:ac2::/48
Signature Algorithm: sha256WithRSAEncryption
90:f1:81:f5:70:c4:27:91:2c:0e:68:55:53:70:91:9d:58:ee:
b8:c0:db:7f:4f:6b:7d:92:a5:21:48:32:69:5f:f8:a7:59:c4:
03:50:ae:fb:88:f7:52:bd:30:fb:4c:21:e5:59:f9:42:2d:6d:
ca:9b:cb:7b:d7:c7:49:af:d5:e0:18:32:ec:12:c4:41:fc:e7:
b5:4a:dc:a0:fd:3a:d3:cf:e9:74:59:25:1b:b2:5b:ea:ff:6e:
c4:55:4d:7f:da:cc:05:dc:00:b2:fd:00:a1:02:ba:e5:ab:26:
a1:87:f0:97:23:b7:b9:8b:3f:8e:bf:21:35:8f:8f:47:11:65:
8d:92:da:7a:da:08:a3:7e:7f:a5:d0:2f:02:36:50:23:bd:f9:
84:b8:2c:75:4a:d1:10:7d:c3:3a:75:43:4d:10:40:3f:e6:c8:
88:40:c2:6e:7b:55:f9:93:c3:e5:4e:a0:f7:38:4c:cc:b7:79:
6c:c0:6d:9e:de:27:84:66:8a:59:d2:f2:90:ce:ac:71:4a:08:
20:8f:70:d6:0a:a0:3a:f6:74:ef:63:e3:1b:21:03:bc:d6:8f:
df:91:b5:8c:42:58:4a:5e:c6:da:f0:f6:e1:b2:6a:4c:78:eb:
09:c6:f8:5b:05:fa:29:8f:bd:05:9e:23:a6:dd:cc:03:a3:90:
4c:83:6e:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkitO0GaiFpkgfYwtfDtcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzc0NDRmMWQyM2VlZmNjZjIyNjI0ZDhmMzk2ZDYzNDg3ODI2NmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhpHs86PWZLqHDk4QzKL0iqnNZEV
TBXl0o/4Esy/mmVZO3ZM8ffJIecH7bMdKNLcbpv6i0/z4ZPEos/hV9y6l62HznXl
GBp48sPTjYf87iaaw7U53MSGV0Bqo5zj56n/GO8X/44v445JH22ZFIw6Q9r5JuMb
TvRRy/B2M45uJ244rCqlPbVh/H855G8kA25cIHx1F+4iwa43x9P/NSxjoN975MCt
dABEeW6T/BzdnFbczyneBjxnLNyKkpoVGSOY/5ZP+6vIaN3JSdGVc/HUH6sAeXmk
XpuL2US7xitZ/YnDV+0GRSAkZY+UlS+UhnYYYJu4HMd2CgjK60rsRBCjgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFN0RPHSPu/M8iYk2POW1jSHgmbyMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVTNSRThkSS03OHp5SmlUWTg1YldOSWVDWnZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBwrA
AwcAKg6xBwrCMA0GCSqGSIb3DQEBCwUAA4IBAQCQ8YH1cMQnkSwOaFVTcJGdWO64
wNt/T2t9kqUhSDJpX/inWcQDUK77iPdSvTD7TCHlWflCLW3Km8t718dJr9XgGDLs
EsRB/Oe1Styg/TrTz+l0WSUbslvq/27EVU1/2swF3ACy/QChArrlqyahh/CXI7e5
iz+OvyE1j49HEWWNktp62gijfn+l0C8CNlAjvfmEuCx1StEQfcM6dUNNEEA/5siI
QMJue1X5k8PlTqD3OEzMt3lswG2e3ieEZopZ0vKQzqxxSgggj3DWCqA69nTvY+Mb
IQO81o/fkbWMQlhKXsba8PbhsmpMeOsJxvhbBfopj70FniOm3cwDo5BMg24C
-----END CERTIFICATE-----
Generated at Tue Nov 7 15:12:13 2023 by rpki-client on console-ams.rpki-client.org