Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VD8yFEa6_-SmAIP6FATDqlya3aU.roa
File: VD8yFEa6_-SmAIP6FATDqlya3aU.roa (raw, json)
Hash identifier: 5qQ8I1InrjSeKrtQyp65G+rMZkxAy0sC6BOhUa05Xcw=
Subject key identifier: 54:3F:32:14:46:BA:FF:E4:A6:00:83:FA:14:04:C3:AA:5C:9A:DD:A5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185DE40B29A7E778D484F8A9C2D42F27390
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VD8yFEa6_-SmAIP6FATDqlya3aU.roa
Signing time: Mon 23 Jan 2023 10:51:00 +0000
ROA not before: Mon 23 Jan 2023 10:51:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211840
IP address blocks: 2a0e:97c0:1ba::/47 maxlen: 48
2a0e:97c0:1bd::/48 maxlen: 48
2a0e:97c0:1b0::/48 maxlen: 48
2a0e:97c0:1bc::/48 maxlen: 48
2a0e:97c0:1b2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:40:b2:9a:7e:77:8d:48:4f:8a:9c:2d:42:f2:73:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 23 10:51:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=543f321446baffe4a60083fa1404c3aa5c9adda5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f0:98:4b:4a:43:16:a3:9e:52:68:9a:16:eb:
e3:ac:2a:a0:7f:bf:ba:61:3e:50:2c:6e:6a:ad:b2:
a5:22:24:ec:3a:a7:1d:49:32:1c:9d:bf:a1:42:55:
d6:d7:d3:07:a8:34:38:31:25:07:c1:60:79:5e:ce:
e0:14:2b:b8:b0:a8:5e:22:10:de:0b:c3:49:aa:67:
32:83:92:25:f0:4d:0c:ce:1c:58:40:93:c3:d3:d6:
a8:6a:4c:85:b5:55:36:56:98:10:11:e1:6a:a8:bd:
23:5a:f8:12:82:22:dd:6c:fe:d8:76:c7:77:4c:36:
c6:83:f3:29:cc:58:a3:e8:7e:94:89:0e:37:15:ab:
be:2e:4c:ad:3d:a2:65:22:bb:6b:bb:ca:1d:e5:ec:
f4:51:5e:9f:a5:a7:55:d8:e9:a4:c2:8e:18:9b:65:
80:9d:e8:92:16:ac:68:d6:9f:fb:3a:7a:db:82:88:
90:91:d8:6a:c9:4c:8c:9f:bb:81:3b:8d:35:df:c1:
96:75:46:97:85:2a:77:cd:94:0c:08:88:09:85:df:
6c:b1:07:1a:9d:8c:c6:bd:1b:ac:5f:df:00:c9:ab:
e4:96:3e:c3:6e:5a:36:92:1e:d0:0f:da:b6:3e:12:
b9:84:6f:c9:62:01:93:05:51:6c:3c:82:d8:47:df:
5d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:3F:32:14:46:BA:FF:E4:A6:00:83:FA:14:04:C3:AA:5C:9A:DD:A5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VD8yFEa6_-SmAIP6FATDqlya3aU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1b0::/48
2a0e:97c0:1b2::/48
2a0e:97c0:1ba::-2a0e:97c0:1bd:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
19:a1:d1:2a:72:fb:66:c7:59:8e:37:34:ac:fd:95:15:03:32:
bf:1a:0d:bf:49:04:0f:d4:64:b3:b8:f4:83:a6:78:d9:cf:4a:
70:f7:8c:84:23:18:c1:c3:7e:0d:24:f2:ba:f0:3c:11:0e:f2:
05:30:d0:c5:7b:7d:62:3e:5f:60:65:95:35:5e:3c:3f:44:65:
c0:29:54:78:02:87:c3:f4:8d:9b:ab:69:af:fa:c2:a7:ec:66:
d9:4a:70:f6:aa:46:b2:63:35:8e:21:bd:08:77:bf:eb:c1:73:
10:56:37:0c:fc:fb:c9:a4:83:50:f9:a2:a0:76:a0:a7:91:10:
51:6e:46:fe:49:0c:38:f4:2f:a4:1c:9d:35:49:aa:c2:63:44:
78:6f:79:63:7a:77:19:35:c1:c0:c5:a7:a2:f8:7a:57:f8:f3:
49:eb:7d:78:fa:94:0d:79:a8:8e:c9:9f:47:54:1f:73:67:cd:
d6:e3:e5:ad:63:45:70:00:ac:d7:2e:d9:0b:91:4c:ea:1f:37:
db:9f:67:37:04:41:3d:ba:7f:d1:72:ee:39:a6:eb:3d:4d:ed:
1b:8e:e8:d0:8d:f0:f4:ad:f0:3b:fa:e1:5a:10:ac:54:e1:70:
63:f1:43:3c:04:a3:3c:e4:01:b7:99:94:c7:67:af:9e:c7:3b:
fe:19:d0:21
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYXeQLKafneNSE+KnC1C8nOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTIzMTA1MTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDNmMzIxNDQ2YmFmZmU0YTYwMDgzZmExNDA0YzNhYTVjOWFkZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/CYS0pDFqOeUmiaFuvjrCqgf7+6
YT5QLG5qrbKlIiTsOqcdSTIcnb+hQlXW19MHqDQ4MSUHwWB5Xs7gFCu4sKheIhDe
C8NJqmcyg5Il8E0MzhxYQJPD09aoakyFtVU2VpgQEeFqqL0jWvgSgiLdbP7Ydsd3
TDbGg/MpzFij6H6UiQ43Fau+LkytPaJlIrtru8od5ez0UV6fpadV2Omkwo4Ym2WA
neiSFqxo1p/7OnrbgoiQkdhqyUyMn7uBO40138GWdUaXhSp3zZQMCIgJhd9ssQca
nYzGvRusX98Ayavklj7Dblo2kh7QD9q2PhK5hG/JYgGTBVFsPILYR99dMwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFQ/MhRGuv/kpgCD+hQEw6pcmt2lMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVkQ4eUZFYTZfLVNtQUlQNkZBVERxbHlhM2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcAKg6XwAGw
AwcAKg6XwAGyMBIDBwEqDpfAAboDBwEqDpfAAbwwDQYJKoZIhvcNAQELBQADggEB
ABmh0Spy+2bHWY43NKz9lRUDMr8aDb9JBA/UZLO49IOmeNnPSnD3jIQjGMHDfg0k
8rrwPBEO8gUw0MV7fWI+X2BllTVePD9EZcApVHgCh8P0jZuraa/6wqfsZtlKcPaq
RrJjNY4hvQh3v+vBcxBWNwz8+8mkg1D5oqB2oKeREFFuRv5JDDj0L6QcnTVJqsJj
RHhveWN6dxk1wcDFp6L4elf480nrfXj6lA15qI7Jn0dUH3Nnzdbj5a1jRXAArNcu
2QuRTOofN9ufZzcEQT26f9Fy7jmm6z1N7RuO6NCN8PSt8Dv64VoQrFThcGPxQzwE
ozzkAbeZlMdnr57HO/4Z0CE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org