Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/U4ZQiaAkMCsSKwAKwjzzYzFI100.roa
File: U4ZQiaAkMCsSKwAKwjzzYzFI100.roa (raw, json)
Hash identifier: VpjONzhRB9WVFdF8kueAx4znyNJ+rZmcLPBW5+F8YXc=
Subject key identifier: 53:86:50:89:A0:24:30:2B:12:2B:00:0A:C2:3C:F3:63:31:48:D7:4D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0186163B99B98401A0ED21E0CED77927E998
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/U4ZQiaAkMCsSKwAKwjzzYzFI100.roa
Signing time: Fri 03 Feb 2023 07:44:10 +0000
ROA not before: Fri 03 Feb 2023 07:44:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208529
IP address blocks: 2a0e:b107:2b0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:3b:99:b9:84:01:a0:ed:21:e0:ce:d7:79:27:e9:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 3 07:44:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53865089a024302b122b000ac23cf3633148d74d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ad:ed:c4:50:74:47:bd:71:60:08:c6:17:80:
c5:91:b0:ba:2a:d2:6e:06:3c:13:14:23:27:11:cc:
03:d6:00:95:ae:40:e4:a4:53:8e:9a:0d:fc:ff:1e:
9d:2d:89:7f:10:3a:5c:62:66:1e:b2:6a:c8:73:01:
61:ea:46:47:81:19:10:a7:88:e3:fd:aa:0d:e7:2a:
4c:32:04:0b:f6:e5:b2:2f:75:18:9a:c0:d7:98:b4:
7c:21:5b:b3:e5:3c:1e:91:e6:24:dc:d4:bd:db:df:
4d:61:22:98:88:d3:ce:72:bd:05:34:48:e6:14:6f:
41:3e:29:4c:07:13:3e:57:34:8a:48:d1:9c:4b:10:
ef:40:1e:34:26:91:37:0d:41:00:25:4a:de:3a:64:
51:5f:c4:44:4a:1c:0a:be:dc:32:c6:61:71:97:63:
10:82:d4:ce:a4:1d:19:10:99:14:ac:02:f0:6e:87:
11:b3:56:5e:2f:83:02:b6:1c:9b:8b:46:d9:eb:84:
40:b2:58:6c:6a:16:69:61:c2:65:d6:17:9d:80:e7:
7e:a6:b3:75:82:38:aa:fd:06:0b:0c:78:82:a7:1e:
9e:2e:66:b9:16:e3:60:26:e0:08:cb:c2:99:4f:6d:
05:b0:2d:f1:6c:2f:da:21:b6:d3:dd:b3:19:59:85:
4b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:86:50:89:A0:24:30:2B:12:2B:00:0A:C2:3C:F3:63:31:48:D7:4D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/U4ZQiaAkMCsSKwAKwjzzYzFI100.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:2b0::/48
Signature Algorithm: sha256WithRSAEncryption
59:df:03:bd:1d:7f:54:3e:dd:b1:a8:58:03:5a:12:8f:57:a5:
a6:38:3f:13:0d:0c:e8:01:bb:a1:5f:37:2c:9b:91:9c:28:60:
e3:7c:7c:0e:0d:5f:35:cd:bd:41:a8:18:69:13:ea:84:3b:97:
63:a9:3a:4f:e6:35:de:45:f6:1d:b9:74:34:0d:3e:e8:74:54:
51:e3:01:fe:cf:0c:16:e2:c2:18:c1:dd:52:9b:a4:01:63:fa:
f7:7c:98:ad:4b:a9:5a:ff:8d:87:53:aa:9e:ef:35:0e:39:95:
76:79:2a:43:55:f5:5b:b6:0a:6b:30:22:cb:7b:d9:07:2a:d0:
e7:47:c2:2e:a9:e2:0f:5c:0d:f9:e7:86:31:e3:bc:e4:e2:c7:
bd:b5:bc:05:60:bf:80:ff:70:65:07:39:0a:8c:17:06:c9:ea:
08:20:a2:c6:a2:ad:10:76:31:e4:14:13:a1:c1:90:2c:7f:da:
09:2e:6d:bc:47:86:2a:01:79:89:2d:5a:96:bd:76:6f:17:c1:
74:46:4e:07:d2:b2:9f:92:fd:a2:ff:98:4a:3a:c7:80:17:35:
aa:ae:fb:71:06:ad:a0:50:1d:fb:0b:21:2a:95:4b:60:61:89:
c2:20:c7:37:d4:f2:f6:c3:01:5b:83:39:82:86:0c:d2:dc:0e:
d2:9f:ad:1d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYYWO5m5hAGg7SHgztd5J+mYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjAzMDc0NDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzg2NTA4OWEwMjQzMDJiMTIyYjAwMGFjMjNjZjM2MzMxNDhkNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq3txFB0R71xYAjGF4DFkbC6KtJu
BjwTFCMnEcwD1gCVrkDkpFOOmg38/x6dLYl/EDpcYmYesmrIcwFh6kZHgRkQp4jj
/aoN5ypMMgQL9uWyL3UYmsDXmLR8IVuz5TwekeYk3NS9299NYSKYiNPOcr0FNEjm
FG9BPilMBxM+VzSKSNGcSxDvQB40JpE3DUEAJUreOmRRX8REShwKvtwyxmFxl2MQ
gtTOpB0ZEJkUrALwbocRs1ZeL4MCthybi0bZ64RAslhsahZpYcJl1hedgOd+prN1
gjiq/QYLDHiCpx6eLma5FuNgJuAIy8KZT20FsC3xbC/aIbbT3bMZWYVLhwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFOGUImgJDArEisACsI882MxSNdNMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVTRaUWlhQWtNQ3NTS3dBS3dqenpZekZJMTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwKw
MA0GCSqGSIb3DQEBCwUAA4IBAQBZ3wO9HX9UPt2xqFgDWhKPV6WmOD8TDQzoAbuh
Xzcsm5GcKGDjfHwODV81zb1BqBhpE+qEO5djqTpP5jXeRfYduXQ0DT7odFRR4wH+
zwwW4sIYwd1Sm6QBY/r3fJitS6la/42HU6qe7zUOOZV2eSpDVfVbtgprMCLLe9kH
KtDnR8IuqeIPXA3554Yx47zk4se9tbwFYL+A/3BlBzkKjBcGyeoIIKLGoq0QdjHk
FBOhwZAsf9oJLm28R4YqAXmJLVqWvXZvF8F0Rk4H0rKfkv2i/5hKOseAFzWqrvtx
Bq2gUB37CyEqlUtgYYnCIMc31PL2wwFbgzmChgzS3A7Sn60d
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:31 2024 by rpki-client on console-fra.rpki-client.org