Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WTcjvxW21krHPAnBim3t9fQxAyM.roa
File: WTcjvxW21krHPAnBim3t9fQxAyM.roa (raw, json)
Hash identifier: WZMX0RgvoF05xH2XNWAineYiV7lEqBND2OY1c/KI5ZI=
Subject key identifier: 59:37:23:BF:15:B6:D6:4A:C7:3C:09:C1:8A:6D:ED:F5:F4:31:03:23
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C24AB1A869E644FD7F411B14374972398
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WTcjvxW21krHPAnBim3t9fQxAyM.roa
Signing time: Fri 01 Dec 2023 09:17:22 +0000
ROA not before: Fri 01 Dec 2023 09:17:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212516
IP address blocks: 2a0e:97c0:64c::/48 maxlen: 48
2a0e:97c0:b77::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:ab:1a:86:9e:64:4f:d7:f4:11:b1:43:74:97:23:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 1 09:17:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=593723bf15b6d64ac73c09c18a6dedf5f4310323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:de:c7:2f:40:19:b1:75:b0:69:f9:68:37:d6:
f5:5f:e8:c9:c6:a0:0c:29:0a:a9:12:3c:24:25:74:
1d:ee:bc:bb:e2:67:bf:15:db:55:9b:30:20:6a:b7:
ac:fc:82:97:0a:db:9b:04:8d:e2:51:d4:be:3f:dc:
2a:7e:d9:d1:78:50:c6:6e:54:8a:bc:ab:1c:20:bb:
5e:74:c6:ea:84:93:da:5d:bb:60:fc:74:9d:db:ae:
1c:d1:cc:13:eb:f2:f5:ed:af:d6:8d:d1:65:69:1b:
44:d2:85:a7:de:4b:62:14:2b:40:fd:37:2b:3d:08:
54:ff:fd:0a:20:38:0f:b1:93:f2:12:45:26:fe:a1:
c4:bd:cd:e9:5e:1a:1f:48:a6:0e:26:2a:f5:31:25:
d9:64:7d:98:28:d1:8b:8a:aa:7d:ac:4d:39:ce:f4:
9c:ba:73:70:15:79:7f:51:9d:12:ef:ab:61:fc:e4:
86:34:cb:80:ab:c1:50:29:88:09:45:7f:0c:3b:52:
69:9d:d6:69:00:37:6e:50:8a:1c:4d:05:5a:d3:de:
52:2c:b3:87:47:11:f1:c1:fe:a3:33:18:c3:94:3a:
30:40:4d:75:85:10:bc:9a:fe:cc:ab:f0:22:77:87:
85:e8:9a:92:1d:20:13:69:8f:0c:e3:40:9f:51:ba:
ee:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:37:23:BF:15:B6:D6:4A:C7:3C:09:C1:8A:6D:ED:F5:F4:31:03:23
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WTcjvxW21krHPAnBim3t9fQxAyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:64c::/48
2a0e:97c0:b77::/48
Signature Algorithm: sha256WithRSAEncryption
64:c4:d4:96:8f:9d:2f:2f:e7:bc:58:cc:b8:c4:b8:dd:a3:43:
ce:f1:89:a4:47:4d:45:ec:20:d2:a3:fa:9a:c2:7b:5c:1b:5c:
db:17:b1:18:d2:fe:2c:83:38:42:48:89:d5:10:0a:a7:79:7c:
b5:a8:62:de:35:61:b8:ac:37:21:6d:8c:06:3d:79:6b:b0:76:
19:da:74:57:94:68:5d:92:23:b1:46:d3:48:6f:3e:8d:f8:5e:
8c:d2:1e:5a:ab:74:b4:65:99:da:d4:15:42:ac:ed:35:ce:c6:
ab:8b:a5:36:96:ad:7c:9b:0f:5c:9e:ab:91:07:7a:9a:c8:dd:
3c:10:ff:60:47:5a:96:28:dc:37:95:46:7e:14:fd:25:61:ff:
ad:96:db:84:3d:b2:fe:77:a3:f8:14:fe:3b:51:15:6d:d4:b8:
b1:91:39:e1:69:28:67:b7:bd:53:58:f4:1b:4a:2f:48:6b:48:
83:eb:67:b4:a7:e9:87:f4:ea:6b:0b:ad:da:46:5c:dc:c9:3e:
d1:3b:39:2f:c8:28:84:20:81:32:e9:0b:a9:42:be:7a:57:b2:
d6:d1:be:b7:98:d5:0c:ba:74:a2:72:27:21:56:a0:09:99:c4:
2e:bf:25:15:ac:a1:03:66:ed:80:67:c0:1f:14:8d:88:d0:75:
63:cb:4f:7c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwkqxqGnmRP1/QRsUN0lyOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjAxMDkxNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTM3MjNiZjE1YjZkNjRhYzczYzA5YzE4YTZkZWRmNWY0MzEwMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo97HL0AZsXWwafloN9b1X+jJxqAM
KQqpEjwkJXQd7ry74me/FdtVmzAgares/IKXCtubBI3iUdS+P9wqftnReFDGblSK
vKscILtedMbqhJPaXbtg/HSd264c0cwT6/L17a/WjdFlaRtE0oWn3ktiFCtA/Tcr
PQhU//0KIDgPsZPyEkUm/qHEvc3pXhofSKYOJir1MSXZZH2YKNGLiqp9rE05zvSc
unNwFXl/UZ0S76th/OSGNMuAq8FQKYgJRX8MO1JpndZpADduUIocTQVa095SLLOH
RxHxwf6jMxjDlDowQE11hRC8mv7Mq/Aid4eF6JqSHSATaY8M40CfUbruPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFk3I78VttZKxzwJwYpt7fX0MQMjMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvV1RjanZ4VzIxa3JIUEFuQmltM3Q5ZlF4QXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6XwAZM
AwcAKg6XwAt3MA0GCSqGSIb3DQEBCwUAA4IBAQBkxNSWj50vL+e8WMy4xLjdo0PO
8YmkR01F7CDSo/qawntcG1zbF7EY0v4sgzhCSInVEAqneXy1qGLeNWG4rDchbYwG
PXlrsHYZ2nRXlGhdkiOxRtNIbz6N+F6M0h5aq3S0ZZna1BVCrO01zsari6U2lq18
mw9cnquRB3qayN08EP9gR1qWKNw3lUZ+FP0lYf+tltuEPbL+d6P4FP47URVt1Lix
kTnhaShnt71TWPQbSi9Ia0iD62e0p+mH9OprC63aRlzcyT7ROzkvyCiEIIEy6Qup
Qr56V7LW0b63mNUMunSicichVqAJmcQuvyUVrKEDZu2AZ8AfFI2I0HVjy098
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:51 2024 by rpki-client on console-ams.rpki-client.org