Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WIzfXJzMkXiz964DaOiyH_c-clY.roa
File: WIzfXJzMkXiz964DaOiyH_c-clY.roa (raw, json)
Hash identifier: gD1qkuOP6BO9R61zJBX80uJydr7fjTG1vF19N0M+HEs=
Subject key identifier: 58:8C:DF:5C:9C:CC:91:78:B3:F7:AE:03:68:E8:B2:1F:F7:3E:72:56
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01899E312297235C15216E4215F20FA14EE2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WIzfXJzMkXiz964DaOiyH_c-clY.roa
Signing time: Fri 28 Jul 2023 20:29:27 +0000
ROA not before: Fri 28 Jul 2023 20:29:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51939
IP address blocks: 2a0e:97c0:5c0::/44 maxlen: 48
2a0e:97c0:5c3::/48 maxlen: 48
2a0e:97c0:5c1::/48 maxlen: 48
2a0e:97c0:5ca::/48 maxlen: 48
2a0e:97c0:5c2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9e:31:22:97:23:5c:15:21:6e:42:15:f2:0f:a1:4e:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 28 20:29:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=588cdf5c9ccc9178b3f7ae0368e8b21ff73e7256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:88:22:80:04:84:3a:7b:4b:31:19:d2:07:4d:
35:5b:6d:77:db:6c:b1:c5:ee:ad:aa:de:e1:45:42:
1b:4f:ce:bb:64:49:17:be:34:35:b4:b1:be:da:bb:
05:71:5b:34:ef:77:b7:3a:52:31:72:fa:f4:a5:f0:
ff:49:0e:7f:d4:d7:c5:58:af:d2:c4:ed:ed:cb:4b:
a4:e9:17:6f:fc:01:30:80:d2:97:f0:a4:84:3e:72:
be:74:f2:3d:95:45:29:75:d9:65:0c:36:af:4d:61:
7e:69:d0:70:d0:f1:ff:64:28:44:b9:d5:34:ab:99:
f4:44:6e:2c:41:ff:0e:a4:b9:40:d7:ce:b9:80:90:
d9:10:08:81:25:ea:98:47:3e:94:fc:87:7e:c5:2d:
29:4c:d9:76:52:35:9c:31:3f:82:6f:be:d3:34:0b:
40:91:cb:40:49:85:01:02:fd:80:10:a5:15:2d:4c:
61:cc:9f:4c:66:56:26:61:a0:ed:e6:be:7e:fe:37:
aa:7c:7e:5b:2e:8e:5c:ad:38:0e:5a:41:3f:94:49:
19:77:f9:90:f1:3b:99:75:eb:e5:f7:15:f7:0a:43:
8b:20:df:5e:54:7f:8e:ec:bf:51:c5:6f:fa:ee:f7:
5b:23:0b:11:82:95:b1:7f:e1:38:c6:36:5a:0d:bf:
90:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:8C:DF:5C:9C:CC:91:78:B3:F7:AE:03:68:E8:B2:1F:F7:3E:72:56
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WIzfXJzMkXiz964DaOiyH_c-clY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5c0::/44
Signature Algorithm: sha256WithRSAEncryption
1f:83:0c:23:5c:83:5f:2a:88:40:35:4f:c7:1b:b2:64:e0:ae:
d9:6f:29:51:7c:40:38:b4:71:31:e3:4e:7e:83:f6:24:de:10:
80:17:da:40:f7:f6:d7:51:22:e4:3c:7c:c6:d0:21:18:a8:20:
09:b5:ef:63:74:52:18:5f:c4:94:40:26:fb:80:6d:af:c2:70:
18:a2:e0:09:bb:e4:07:2c:34:4e:47:ec:63:06:15:86:b0:07:
0b:13:5d:be:70:2e:2c:fe:d9:7c:fa:77:97:5f:f5:90:0e:31:
3d:17:34:0f:d0:4a:9c:1e:b0:6e:d0:64:06:8e:69:71:64:23:
f1:52:56:04:2f:8a:a8:8b:24:1d:8a:90:32:87:2e:af:d2:2d:
dd:35:d3:74:e8:68:fe:9b:11:d3:9b:e4:26:8c:6e:7c:99:8b:
1e:a3:3b:91:1d:05:39:50:e3:5f:ce:4a:ed:42:18:fa:de:2e:
d4:68:bc:cf:c5:6b:de:3f:39:d7:a2:85:ed:ce:87:2a:2c:8b:
ad:87:96:4b:f6:a6:34:6e:18:96:20:c8:f7:8c:19:5f:26:f9:
2b:48:bf:60:d5:0c:c9:38:00:e9:b5:64:24:8b:ed:87:20:db:
32:5d:f8:37:d1:53:b5:c1:80:fa:88:bf:52:77:3c:39:4f:28:
64:7f:3a:90
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYmeMSKXI1wVIW5CFfIPoU7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzI4MjAyOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODhjZGY1YzljY2M5MTc4YjNmN2FlMDM2OGU4YjIxZmY3M2U3MjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYgigASEOntLMRnSB001W21322yx
xe6tqt7hRUIbT867ZEkXvjQ1tLG+2rsFcVs073e3OlIxcvr0pfD/SQ5/1NfFWK/S
xO3ty0uk6Rdv/AEwgNKX8KSEPnK+dPI9lUUpddllDDavTWF+adBw0PH/ZChEudU0
q5n0RG4sQf8OpLlA1865gJDZEAiBJeqYRz6U/Id+xS0pTNl2UjWcMT+Cb77TNAtA
kctASYUBAv2AEKUVLUxhzJ9MZlYmYaDt5r5+/jeqfH5bLo5crTgOWkE/lEkZd/mQ
8TuZdevl9xX3CkOLIN9eVH+O7L9RxW/67vdbIwsRgpWxf+E4xjZaDb+Q8QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFiM31yczJF4s/euA2josh/3PnJWMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvV0l6ZlhKek1rWGl6OTY0RGFPaXlIX2MtY2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAXA
MA0GCSqGSIb3DQEBCwUAA4IBAQAfgwwjXINfKohANU/HG7Jk4K7ZbylRfEA4tHEx
405+g/Yk3hCAF9pA9/bXUSLkPHzG0CEYqCAJte9jdFIYX8SUQCb7gG2vwnAYouAJ
u+QHLDROR+xjBhWGsAcLE12+cC4s/tl8+neXX/WQDjE9FzQP0EqcHrBu0GQGjmlx
ZCPxUlYEL4qoiyQdipAyhy6v0i3dNdN06Gj+mxHTm+QmjG58mYseozuRHQU5UONf
zkrtQhj63i7UaLzPxWvePznXooXtzocqLIuth5ZL9qY0bhiWIMj3jBlfJvkrSL9g
1QzJOADptWQki+2HINsyXfg30VO1wYD6iL9Sdzw5TyhkfzqQ
-----END CERTIFICATE-----
Generated at Sat Nov 18 03:32:50 2023 by rpki-client on console-fra.rpki-client.org