Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VRPXqkadmbdH-yGAL4Iv8zFiO5w.roa
File: VRPXqkadmbdH-yGAL4Iv8zFiO5w.roa (raw, json)
Hash identifier: pNg5D6IyVosJ4+VZ1gRxZGA4Cjr7gWBWZHGneN5e3R4=
Subject key identifier: 55:13:D7:AA:46:9D:99:B7:47:FB:21:80:2F:82:2F:F3:31:62:3B:9C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0189888E5E15964D5D483257834F9F428A10
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VRPXqkadmbdH-yGAL4Iv8zFiO5w.roa
Signing time: Mon 24 Jul 2023 15:39:38 +0000
ROA not before: Mon 24 Jul 2023 15:39:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197634
IP address blocks: 2a0e:b107:2750::/48 maxlen: 48
2a0e:97c0:ce0::/44 maxlen: 48
2a0e:97c0:ce0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:88:8e:5e:15:96:4d:5d:48:32:57:83:4f:9f:42:8a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 24 15:39:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5513d7aa469d99b747fb21802f822ff331623b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a9:66:bf:b0:ce:c0:72:05:e8:46:6c:e9:66:
6d:76:3f:6f:96:54:f4:37:f7:06:47:82:f0:bd:65:
8a:13:67:e3:14:bb:24:5e:97:87:c9:33:82:cc:95:
39:2b:31:c6:e8:f9:9d:97:a0:61:a0:73:c7:e4:ce:
7b:42:c2:7b:5f:37:fe:c6:39:9f:f1:e2:48:ef:cb:
e4:ae:51:d0:c5:1f:78:09:9a:95:d7:cb:f0:3c:a4:
d5:e8:c7:9d:71:71:c7:ba:76:c7:c8:0d:49:5d:a9:
90:3e:0e:1c:d6:6d:f4:5b:bf:59:13:3c:b2:43:ad:
f5:4a:fe:d2:d5:dd:c4:ca:68:6b:8a:96:5c:23:7c:
4a:a0:11:0b:5e:56:b4:e4:29:5d:d0:51:bb:85:16:
19:26:cc:58:6a:b3:44:19:10:75:a4:ad:38:0b:48:
cc:4b:b0:53:b3:fb:bf:6e:cc:00:cf:8b:fd:29:c2:
e7:f1:e3:21:e2:31:c9:32:8a:97:8d:ee:fe:d3:73:
fe:6a:a1:42:2d:80:b3:f2:e4:02:d1:9a:66:c0:99:
56:0a:4a:d6:04:24:d5:c3:28:07:72:9f:ba:e9:c6:
9c:81:ca:50:23:61:35:cd:d8:4d:c6:8c:b8:35:e9:
17:40:16:58:80:d6:a8:49:fa:b6:2d:a4:94:a2:6b:
fb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:13:D7:AA:46:9D:99:B7:47:FB:21:80:2F:82:2F:F3:31:62:3B:9C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VRPXqkadmbdH-yGAL4Iv8zFiO5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:ce0::/44
2a0e:b107:2750::/48
Signature Algorithm: sha256WithRSAEncryption
52:4e:8c:c5:74:79:67:96:e8:6b:64:d4:81:54:1f:29:e1:31:
1b:af:ca:d4:74:41:8d:84:95:01:e0:2a:27:68:35:b0:98:45:
a2:a8:15:f0:88:8d:f8:9e:c6:70:fb:47:b3:55:fb:21:45:3b:
82:15:d2:04:a2:aa:b2:9a:07:1b:2e:ef:d8:be:93:80:71:15:
4d:98:0c:d6:60:36:51:73:6e:76:60:8b:d4:09:a7:17:71:a9:
6f:ca:47:f6:cb:7c:19:fc:fe:58:9c:81:9f:84:d3:c2:fd:32:
c1:7b:94:9b:30:d6:36:bf:d7:e5:46:f4:3c:d0:7e:96:ac:fb:
32:a6:dd:e9:db:7c:67:f6:ac:17:7b:6c:8c:88:16:95:c9:c4:
a6:99:f5:bc:a1:0e:62:92:2a:d3:67:f1:cf:41:e8:00:07:7a:
77:63:41:20:4d:30:d8:20:23:2d:e6:69:86:c2:ac:13:5b:ab:
04:66:b4:c6:18:e4:49:40:b5:d1:bc:13:39:65:0c:e7:04:a6:
a2:d5:13:a4:31:2e:19:60:dd:89:06:83:8d:53:44:9f:d5:69:
b3:51:fa:16:07:7d:a1:ec:3a:9a:5a:1b:f1:19:c0:97:f8:2b:
b2:8a:e8:73:0e:79:03:62:ba:3e:fc:cc:4b:e2:53:86:79:ba:
31:f9:86:72
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmIjl4Vlk1dSDJXg0+fQooQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzI0MTUzOTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTEzZDdhYTQ2OWQ5OWI3NDdmYjIxODAyZjgyMmZmMzMxNjIzYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqlmv7DOwHIF6EZs6WZtdj9vllT0
N/cGR4LwvWWKE2fjFLskXpeHyTOCzJU5KzHG6Pmdl6BhoHPH5M57QsJ7Xzf+xjmf
8eJI78vkrlHQxR94CZqV18vwPKTV6MedcXHHunbHyA1JXamQPg4c1m30W79ZEzyy
Q631Sv7S1d3EymhripZcI3xKoBELXla05Cld0FG7hRYZJsxYarNEGRB1pK04C0jM
S7BTs/u/bswAz4v9KcLn8eMh4jHJMoqXje7+03P+aqFCLYCz8uQC0ZpmwJlWCkrW
BCTVwygHcp+66cacgcpQI2E1zdhNxoy4NekXQBZYgNaoSfq2LaSUomv7MwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFUT16pGnZm3R/shgC+CL/MxYjucMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVlJQWHFrYWRtYmRILXlHQUw0SXY4ekZpTzV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAzg
AwcAKg6xBydQMA0GCSqGSIb3DQEBCwUAA4IBAQBSTozFdHlnluhrZNSBVB8p4TEb
r8rUdEGNhJUB4ConaDWwmEWiqBXwiI34nsZw+0ezVfshRTuCFdIEoqqymgcbLu/Y
vpOAcRVNmAzWYDZRc252YIvUCacXcalvykf2y3wZ/P5YnIGfhNPC/TLBe5SbMNY2
v9flRvQ80H6WrPsypt3p23xn9qwXe2yMiBaVycSmmfW8oQ5ikirTZ/HPQegAB3p3
Y0EgTTDYICMt5mmGwqwTW6sEZrTGGORJQLXRvBM5ZQznBKai1ROkMS4ZYN2JBoON
U0Sf1WmzUfoWB32h7DqaWhvxGcCX+CuyiuhzDnkDYro+/MxL4lOGebox+YZy
-----END CERTIFICATE-----
Generated at Tue Jul 25 14:04:41 2023 by rpki-client on console-fra.rpki-client.org