Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Wesqr274LSTiI9JjEGvZqL1qd_s.roa
File: Wesqr274LSTiI9JjEGvZqL1qd_s.roa (raw, json)
Hash identifier: gAqj6r5iyqYcEt7XG6nbN/AWSNzCaZqlWyHgmkbwLPM=
Subject key identifier: 59:EB:2A:AF:6E:F8:2D:24:E2:23:D2:63:10:6B:D9:A8:BD:6A:77:FB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC786073A51227970DE08EE130B7F53C8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Wesqr274LSTiI9JjEGvZqL1qd_s.roa
Signing time: Tue 02 Jan 2024 00:14:58 +0000
ROA not before: Tue 02 Jan 2024 00:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197634
IP address blocks: 2a0e:97c0:ce0::/44 maxlen: 48
2a0e:97c0:ce0::/48 maxlen: 48
2a0e:97c0:ce1::/48 maxlen: 48
2a0e:97c0:ce2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:86:07:3a:51:22:79:70:de:08:ee:13:0b:7f:53:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 00:14:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59eb2aaf6ef82d24e223d263106bd9a8bd6a77fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3e:fe:95:c2:78:79:d1:da:99:32:17:c3:67:
11:27:7c:ce:34:b6:fe:93:65:1a:ec:68:da:b1:e4:
12:20:7f:a3:7b:04:62:d4:8a:ee:94:d0:54:c5:07:
4c:17:ac:c5:58:b8:2e:dc:d7:9a:93:dd:fa:56:96:
43:46:44:c1:c2:c2:6f:18:b5:d2:3e:fe:b8:02:35:
3f:1a:e8:8f:e8:ac:a0:df:68:ca:67:2d:f0:a8:cf:
2a:fa:80:36:5e:6e:7f:25:4c:ba:05:20:ae:e8:ca:
2e:32:9d:6f:07:7b:5e:3a:b7:b5:b5:47:a3:b5:43:
4f:4c:ae:38:b9:10:cf:ec:cd:61:fc:38:e0:92:ba:
dc:8e:4c:fc:6d:e6:19:4a:8b:9d:ea:96:5e:0e:9a:
25:90:8b:9b:8a:69:07:48:a3:f5:fb:4b:90:a0:ee:
91:71:45:1f:1b:4d:3f:fb:7e:a5:c1:34:3e:9d:88:
65:a0:98:84:72:71:9b:ba:2a:ea:19:5f:7e:8b:0a:
b9:5a:50:ad:8e:30:f5:8d:a2:c3:d0:d1:81:92:bb:
75:32:76:35:60:3e:28:a0:03:76:04:36:65:91:e2:
15:7c:e4:d4:05:ab:78:b2:9c:99:59:c0:65:ae:6b:
63:fa:f3:63:3b:6d:47:27:50:85:2a:ef:12:1b:4a:
15:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:EB:2A:AF:6E:F8:2D:24:E2:23:D2:63:10:6B:D9:A8:BD:6A:77:FB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Wesqr274LSTiI9JjEGvZqL1qd_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:ce0::/44
Signature Algorithm: sha256WithRSAEncryption
0d:83:66:c0:98:d5:ec:a0:5a:70:ed:b0:ed:0c:63:fa:99:41:
b0:49:0c:36:1b:84:eb:73:1a:96:e2:ad:b5:d3:30:79:9f:5f:
9d:75:8b:84:14:85:63:77:b5:53:1d:77:5e:cc:e4:68:2e:46:
f3:f4:39:96:90:7d:4b:a9:48:98:1f:d8:d3:a0:3c:68:75:e0:
4d:25:80:71:27:e4:2e:eb:4f:8b:ac:31:4a:51:14:51:5e:a3:
05:f4:61:a8:4c:a6:ea:85:20:be:64:93:f3:e5:91:06:05:90:
8c:b9:f9:c9:b8:8c:bc:c8:6e:d6:52:3e:ae:62:fd:50:c2:3f:
bf:3f:24:67:d9:96:30:42:7e:67:4b:27:9e:f3:10:4d:75:30:
15:4f:8b:1c:4f:05:62:b5:80:13:4e:35:59:f4:25:0c:9e:f5:
be:77:7a:a1:41:26:62:85:3f:cb:c2:5f:ef:0c:c5:c3:1d:20:
54:a0:cb:12:ae:c5:f5:20:d1:91:05:c2:a6:65:e3:7d:3b:35:
51:1b:a8:ab:a7:95:ce:10:0f:0f:17:5f:71:da:d4:35:cd:c8:
e8:29:a3:0e:39:10:1b:9c:30:1b:bb:97:fe:a1:16:58:49:f2:
bb:cb:d2:fb:4b:42:58:66:5d:c0:ee:c5:43:3b:a9:0f:38:f7:
89:2a:21:b8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHhgc6USJ5cN4I7hMLf1PIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMDAxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWViMmFhZjZlZjgyZDI0ZTIyM2QyNjMxMDZiZDlhOGJkNmE3N2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT7+lcJ4edHamTIXw2cRJ3zONLb+
k2Ua7GjaseQSIH+jewRi1IrulNBUxQdMF6zFWLgu3Neak936VpZDRkTBwsJvGLXS
Pv64AjU/GuiP6Kyg32jKZy3wqM8q+oA2Xm5/JUy6BSCu6MouMp1vB3teOre1tUej
tUNPTK44uRDP7M1h/Djgkrrcjkz8beYZSoud6pZeDpolkIubimkHSKP1+0uQoO6R
cUUfG00/+36lwTQ+nYhloJiEcnGbuirqGV9+iwq5WlCtjjD1jaLD0NGBkrt1MnY1
YD4ooAN2BDZlkeIVfOTUBat4spyZWcBlrmtj+vNjO21HJ1CFKu8SG0oV/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFnrKq9u+C0k4iPSYxBr2ai9anf7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvV2VzcXIyNzRMU1RpSTlKakVHdlpxTDFxZF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAzg
MA0GCSqGSIb3DQEBCwUAA4IBAQANg2bAmNXsoFpw7bDtDGP6mUGwSQw2G4TrcxqW
4q210zB5n1+ddYuEFIVjd7VTHXdezORoLkbz9DmWkH1LqUiYH9jToDxodeBNJYBx
J+Qu60+LrDFKURRRXqMF9GGoTKbqhSC+ZJPz5ZEGBZCMufnJuIy8yG7WUj6uYv1Q
wj+/PyRn2ZYwQn5nSyee8xBNdTAVT4scTwVitYATTjVZ9CUMnvW+d3qhQSZihT/L
wl/vDMXDHSBUoMsSrsX1INGRBcKmZeN9OzVRG6irp5XOEA8PF19x2tQ1zcjoKaMO
ORAbnDAbu5f+oRZYSfK7y9L7S0JYZl3A7sVDO6kPOPeJKiG4
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:51 2024 by rpki-client on console-ams.rpki-client.org