Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WQi833mYm17Vgk24mZeopgPfC38.roa
File: WQi833mYm17Vgk24mZeopgPfC38.roa (raw, json)
Hash identifier: wXO4piu/RkpKmn5v4UUKhFMDP8V6eYTxT53G/67JoqU=
Subject key identifier: 59:08:BC:DF:79:98:9B:5E:D5:82:4D:B8:99:97:A8:A6:03:DF:0B:7F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E641405B201529C488EFACF653922D40
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WQi833mYm17Vgk24mZeopgPfC38.roa
Signing time: Wed 25 Jan 2023 00:08:33 +0000
ROA not before: Wed 25 Jan 2023 00:08:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200160
IP address blocks: 2a0e:b107:900::/44 maxlen: 48
2a0e:b107:bb0::/44 maxlen: 48
2a0e:b107:666::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e6:41:40:5b:20:15:29:c4:88:ef:ac:f6:53:92:2d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 25 00:08:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5908bcdf79989b5ed5824db89997a8a603df0b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:bb:1a:0d:ee:e9:1a:6d:64:f2:32:5b:c2:c0:
83:97:17:c4:96:79:c5:6e:31:99:49:62:4e:d7:cb:
7f:31:06:99:b7:4b:c7:3f:a3:13:ed:4c:06:f9:22:
7b:cd:83:9e:cc:a6:f6:83:3d:b6:d1:0e:1c:a9:d5:
86:61:ae:88:62:bf:23:c5:af:6b:b5:4d:e1:6a:e3:
b4:ed:5f:a4:7f:f8:f8:3a:2d:e4:42:8b:c8:24:43:
ed:34:f3:80:f7:80:d4:4c:df:c3:94:63:a0:1f:c4:
7d:96:6a:ad:0d:68:d8:f3:0d:18:28:42:3c:25:85:
16:c9:c3:a5:60:7f:c1:4f:47:ec:52:df:87:48:9d:
d1:8a:4d:8c:d8:23:18:fe:78:18:2a:ae:fe:38:a3:
29:ad:76:14:01:a3:1c:97:38:c3:cc:e6:19:41:fb:
a7:0f:5f:c4:a8:59:fb:fa:55:67:c5:51:15:d0:97:
b7:96:01:e6:b4:a6:aa:5b:7c:f7:95:e1:f0:8f:22:
58:cf:48:d5:06:71:d5:f1:e3:15:83:92:5b:cb:ab:
9e:24:0b:75:96:31:e1:d0:0b:29:95:b4:21:c5:97:
98:1b:96:43:26:97:02:20:dc:f5:28:5a:60:f6:14:
2a:aa:b2:c7:17:3f:a5:1b:12:4d:51:4d:42:0f:0f:
7e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:08:BC:DF:79:98:9B:5E:D5:82:4D:B8:99:97:A8:A6:03:DF:0B:7F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WQi833mYm17Vgk24mZeopgPfC38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:666::/48
2a0e:b107:900::/44
2a0e:b107:bb0::/44
Signature Algorithm: sha256WithRSAEncryption
42:e1:44:28:36:f8:04:5b:4b:0d:60:4e:da:41:ce:f7:cc:cd:
ec:37:57:2b:e7:fc:a7:19:b4:bc:52:51:36:49:a4:f7:fe:1d:
f1:17:0a:54:12:80:12:fb:98:0f:c1:65:f4:8b:6d:8a:f3:5c:
fb:b8:ea:88:ef:5f:1d:da:27:00:f0:fd:14:14:77:fa:b2:0d:
92:35:89:89:94:79:0b:e6:94:a8:9f:f0:89:da:af:99:50:2b:
4b:c2:10:3f:27:c9:ea:15:d9:5b:99:0c:47:02:c8:88:9d:e5:
18:bd:70:0a:fd:55:dd:23:f1:5a:d0:ca:f5:99:88:1c:84:c0:
6e:d5:bb:2b:1d:3d:6e:86:65:75:85:2c:72:2c:4e:22:21:ee:
eb:62:9a:22:11:41:17:e8:07:65:e2:fd:e8:dd:78:92:55:51:
8c:ec:11:50:ff:69:bb:1f:69:57:da:fb:28:1f:ff:09:a5:08:
5c:59:e2:25:5e:d0:60:d6:bb:d7:15:bb:55:d8:f7:12:81:17:
d5:66:61:f5:f2:b2:f8:82:39:11:ed:d2:97:62:41:74:db:2b:
4b:3a:ed:f5:c0:ae:f7:48:95:a3:0d:14:3c:99:8b:92:9f:f5:
77:aa:00:65:08:95:47:4b:b9:f4:7a:2d:9e:6b:39:3f:cc:a8:
7f:b4:25:8e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYXmQUBbIBUpxIjvrPZTki1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI1MDAwODMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTA4YmNkZjc5OTg5YjVlZDU4MjRkYjg5OTk3YThhNjAzZGYwYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7saDe7pGm1k8jJbwsCDlxfElnnF
bjGZSWJO18t/MQaZt0vHP6MT7UwG+SJ7zYOezKb2gz220Q4cqdWGYa6IYr8jxa9r
tU3hauO07V+kf/j4Oi3kQovIJEPtNPOA94DUTN/DlGOgH8R9lmqtDWjY8w0YKEI8
JYUWycOlYH/BT0fsUt+HSJ3Rik2M2CMY/ngYKq7+OKMprXYUAaMclzjDzOYZQfun
D1/EqFn7+lVnxVEV0Je3lgHmtKaqW3z3leHwjyJYz0jVBnHV8eMVg5Jby6ueJAt1
ljHh0AsplbQhxZeYG5ZDJpcCINz1KFpg9hQqqrLHFz+lGxJNUU1CDw9+MQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFkIvN95mJte1YJNuJmXqKYD3wt/MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvV1FpODMzbVltMTdWZ2syNG1aZW9wZ1BmQzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6xBwZm
AwcEKg6xBwkAAwcEKg6xBwuwMA0GCSqGSIb3DQEBCwUAA4IBAQBC4UQoNvgEW0sN
YE7aQc73zM3sN1cr5/ynGbS8UlE2SaT3/h3xFwpUEoAS+5gPwWX0i22K81z7uOqI
718d2icA8P0UFHf6sg2SNYmJlHkL5pSon/CJ2q+ZUCtLwhA/J8nqFdlbmQxHAsiI
neUYvXAK/VXdI/Fa0Mr1mYgchMBu1bsrHT1uhmV1hSxyLE4iIe7rYpoiEUEX6Adl
4v3o3XiSVVGM7BFQ/2m7H2lX2vsoH/8JpQhcWeIlXtBg1rvXFbtV2PcSgRfVZmH1
8rL4gjkR7dKXYkF02ytLOu31wK73SJWjDRQ8mYuSn/V3qgBlCJVHS7n0ei2eazk/
zKh/tCWO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org