Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/W_7nGfs1dbu7PmOZQVhK1nw4a90.roa
File: W_7nGfs1dbu7PmOZQVhK1nw4a90.roa (raw, json)
Hash identifier: d/q9bHxk5j2f4dbRuVSJQOP4JyXQkgJpxWbRdodlDo8=
Subject key identifier: 5B:FE:E7:19:FB:35:75:BB:BB:3E:63:99:41:58:4A:D6:7C:38:6B:DD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01874BE7CC52EDCE88C1534B7E0EB1B437E4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/W_7nGfs1dbu7PmOZQVhK1nw4a90.roa
Signing time: Tue 04 Apr 2023 10:54:54 +0000
ROA not before: Tue 04 Apr 2023 10:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211509
IP address blocks: 2a0e:b107:1180::/48 maxlen: 48
2a0e:b107:1184::/48 maxlen: 48
2a0e:b107:1181::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:e7:cc:52:ed:ce:88:c1:53:4b:7e:0e:b1:b4:37:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 4 10:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bfee719fb3575bbbb3e639941584ad67c386bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:25:2d:3a:51:e3:ce:33:f5:3b:44:1a:47:1f:
16:f0:b7:82:60:07:db:ff:30:f2:4b:7a:2a:2c:2b:
ff:a5:bb:e3:5c:9f:9e:8d:2f:44:0a:82:15:75:e4:
81:a2:1c:e2:25:bc:8e:6d:66:df:e6:8a:df:b3:32:
63:cd:f3:c6:5d:82:2b:b1:d6:8e:b8:f2:8a:6e:4b:
ff:66:11:90:56:57:67:f6:db:31:a2:6c:cd:82:90:
a6:6c:91:2f:50:5d:8b:10:2b:e7:1a:d1:e3:da:11:
2f:54:d5:6a:17:78:2b:7d:93:8f:40:8e:af:00:39:
01:75:86:f1:62:17:a9:66:59:53:23:f4:ca:03:5a:
d8:4d:38:44:44:4b:f7:dd:a2:97:9b:d6:6a:21:a9:
b8:ae:2a:fe:a4:96:e2:09:1d:a9:cd:78:dc:9a:46:
ff:b0:f1:91:e5:e1:94:23:78:8f:69:aa:08:af:3f:
1b:b2:98:da:68:7c:de:57:53:af:8f:54:83:a7:b5:
81:10:c6:67:68:8e:06:38:1d:40:9a:04:8b:d2:5e:
7d:01:b4:a1:2d:80:b1:22:b9:e9:9e:c5:a1:7f:14:
94:8c:7e:2f:7b:2c:07:91:68:b3:24:4a:03:ca:04:
7f:73:89:b5:ae:60:25:77:59:0f:f9:35:1b:58:e0:
e9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:FE:E7:19:FB:35:75:BB:BB:3E:63:99:41:58:4A:D6:7C:38:6B:DD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/W_7nGfs1dbu7PmOZQVhK1nw4a90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1180::/47
2a0e:b107:1184::/48
Signature Algorithm: sha256WithRSAEncryption
b6:5b:06:4b:0e:5d:f2:4f:b9:65:32:29:29:45:04:e6:9d:d4:
3d:2b:9b:51:f3:61:4c:4e:0e:24:81:6e:46:ea:9c:b0:49:25:
b6:72:5d:b8:23:3d:a5:84:68:77:d8:72:cf:6e:1d:b6:7a:86:
40:45:67:66:af:a0:8c:cb:6c:88:db:52:ab:4b:05:fc:c2:70:
e5:66:d7:5c:2c:9f:c4:a4:fe:42:14:53:e6:55:d3:92:72:73:
f4:7c:dd:88:d1:5f:cb:86:a6:81:2f:5e:48:5a:9d:97:e7:e8:
85:60:bd:b9:bb:1c:f0:e0:00:5d:cc:4a:f4:ec:1a:c7:a9:c2:
21:12:8d:41:fa:d3:a2:ce:23:2a:ea:91:af:8d:6a:c3:48:05:
68:fe:1d:20:bf:92:18:02:36:25:7d:eb:ec:f1:6d:2a:fc:e2:
e5:b1:c7:f8:05:01:4e:b5:08:77:d0:0a:8d:43:1c:63:a7:64:
a3:ed:ac:91:56:96:38:fd:c8:c3:ea:5e:f5:7f:0e:b6:90:70:
d3:af:cd:27:d3:ee:f5:32:75:ab:76:36:9b:ce:3a:d3:83:db:
2d:fd:da:ff:f9:47:13:6a:b8:c4:7f:e1:8f:6f:ad:bf:9d:fc:
6b:cd:69:b9:9e:52:d2:a1:3a:5e:7f:94:1f:82:b3:e9:b7:cc:
d3:70:c3:da
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdL58xS7c6IwVNLfg6xtDfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDA0MTA1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmZlZTcxOWZiMzU3NWJiYmIzZTYzOTk0MTU4NGFkNjdjMzg2YmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyUtOlHjzjP1O0QaRx8W8LeCYAfb
/zDyS3oqLCv/pbvjXJ+ejS9ECoIVdeSBohziJbyObWbf5orfszJjzfPGXYIrsdaO
uPKKbkv/ZhGQVldn9tsxomzNgpCmbJEvUF2LECvnGtHj2hEvVNVqF3grfZOPQI6v
ADkBdYbxYhepZllTI/TKA1rYTThEREv33aKXm9ZqIam4rir+pJbiCR2pzXjcmkb/
sPGR5eGUI3iPaaoIrz8bspjaaHzeV1Ovj1SDp7WBEMZnaI4GOB1AmgSL0l59AbSh
LYCxIrnpnsWhfxSUjH4veywHkWizJEoDygR/c4m1rmAld1kP+TUbWODprQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFv+5xn7NXW7uz5jmUFYStZ8OGvdMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvV183bkdmczFkYnU3UG1PWlFWaEsxbnc0YTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKg6xBxGA
AwcAKg6xBxGEMA0GCSqGSIb3DQEBCwUAA4IBAQC2WwZLDl3yT7llMikpRQTmndQ9
K5tR82FMTg4kgW5G6pywSSW2cl24Iz2lhGh32HLPbh22eoZARWdmr6CMy2yI21Kr
SwX8wnDlZtdcLJ/EpP5CFFPmVdOScnP0fN2I0V/LhqaBL15IWp2X5+iFYL25uxzw
4ABdzEr07BrHqcIhEo1B+tOiziMq6pGvjWrDSAVo/h0gv5IYAjYlfevs8W0q/OLl
scf4BQFOtQh30AqNQxxjp2Sj7ayRVpY4/cjD6l71fw62kHDTr80n0+71MnWrdjab
zjrTg9st/dr/+UcTarjEf+GPb62/nfxrzWm5nlLSoTpef5QfgrPpt8zTcMPa
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:31 2024 by rpki-client on console-fra.rpki-client.org