Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XFnu0lUX3DHcnhHxlRA7NJzFCQI.roa
File: XFnu0lUX3DHcnhHxlRA7NJzFCQI.roa (raw, json)
Hash identifier: Ff6OW412m06Kk39Hkl97eH4zmAGQ4dEt2a3dyEyD0e8=
Subject key identifier: 5C:59:EE:D2:55:17:DC:31:DC:9E:11:F1:95:10:3B:34:9C:C5:09:02
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E81DCC4C8882A57F92945F394193AD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XFnu0lUX3DHcnhHxlRA7NJzFCQI.roa
Signing time: Mon 02 Jan 2023 05:15:38 +0000
ROA not before: Mon 02 Jan 2023 05:15:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212793
IP address blocks: 2a10:2f01:2d0::/44 maxlen: 48
2a10:2f01:350::/44 maxlen: 48
2a10:2f00:147::/48 maxlen: 48
2a0f:e401:130::/44 maxlen: 48
2a10:2f01:2d1::/48 maxlen: 48
2a0e:b107:88f::/48 maxlen: 48
2a10:2f01:354::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:1d:cc:4c:88:82:a5:7f:92:94:5f:39:41:93:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c59eed25517dc31dc9e11f195103b349cc50902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:32:6b:3e:38:26:8d:ce:46:c0:ae:0e:8e:0c:
fd:ae:06:02:4c:97:f5:1c:19:60:03:46:fa:47:3c:
dd:7b:a8:c1:d5:0c:52:2a:22:2e:24:0d:9f:68:8b:
87:a7:ac:6d:f4:25:41:15:4e:6c:dd:9a:4b:a4:c7:
9c:a9:99:12:3b:3d:c4:19:6d:72:30:43:df:39:c9:
76:82:b4:39:e2:1e:fd:43:27:29:47:0f:73:2e:fb:
16:ab:ff:43:f8:d1:15:ce:52:b2:5e:4d:e3:a9:a1:
87:63:6f:6e:e4:fa:b4:e2:09:23:1e:a5:18:0b:12:
dd:4d:a4:24:8c:07:0b:02:2c:0e:81:66:52:b6:00:
88:f0:71:d8:a9:f1:2c:82:a1:87:7b:40:16:96:81:
23:80:2d:da:25:55:90:e4:19:49:3f:6a:7b:44:d7:
cd:41:4c:3a:f9:ba:09:84:b0:f1:ec:1d:62:5e:26:
18:7f:06:f8:b6:4d:16:66:a7:94:a8:6b:ca:d6:80:
3c:e2:6b:c5:22:c1:61:8b:96:ea:de:a1:0a:23:7b:
ef:29:3c:85:99:cf:53:45:d5:ac:b6:ae:9d:b7:78:
f3:05:86:23:cf:b8:a6:ff:81:e3:93:de:e2:b0:1f:
f8:3c:fc:d7:33:d9:1b:0b:f7:fa:cf:d7:24:15:ea:
cd:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:59:EE:D2:55:17:DC:31:DC:9E:11:F1:95:10:3B:34:9C:C5:09:02
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XFnu0lUX3DHcnhHxlRA7NJzFCQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:88f::/48
2a0f:e401:130::/44
2a10:2f00:147::/48
2a10:2f01:2d0::/44
2a10:2f01:350::/44
Signature Algorithm: sha256WithRSAEncryption
c8:29:1c:cb:c6:b3:8d:fe:46:62:10:6e:2a:c9:3c:cf:d1:6d:
ab:40:d5:ce:a9:af:47:8f:ce:a4:60:b0:7e:b0:31:6d:f0:fe:
a8:12:3a:52:2f:a8:73:29:a8:f2:5b:23:2f:de:b2:e2:da:c3:
a2:2b:c2:6b:39:bf:9f:93:e5:6e:55:58:7e:0c:dd:bc:e4:4f:
8c:27:f5:93:cb:07:6c:97:6d:88:e6:64:79:49:cf:8f:ca:ba:
75:55:e5:3c:f2:01:85:37:41:49:e6:9d:56:06:94:6d:19:e0:
56:28:3a:fa:ec:83:c3:85:74:a6:df:98:d0:c0:91:18:78:ed:
7d:a8:ad:f6:3a:7b:99:e3:76:44:f8:17:a0:a4:51:8f:c5:d5:
a5:ff:4c:d1:d1:63:ba:61:05:5d:0e:e7:ff:58:85:03:81:af:
66:b9:69:26:36:94:8a:40:32:7f:bc:e1:34:bb:8d:5b:9e:fa:
3d:6d:39:32:25:fc:8c:92:30:18:b6:ad:97:d2:c9:5e:39:bb:
3a:98:e5:55:69:d6:08:7b:76:45:f2:77:58:f1:eb:d1:c2:d7:
33:c0:b6:49:ec:b7:25:9b:1d:43:c8:e9:48:4c:d7:1a:19:52:
35:41:80:99:25:f1:61:e9:b7:8f:b5:22:6e:55:06:26:b0:4a:
6f:71:ce:5a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVw6B3MTIiCpX+SlF85QZOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzU5ZWVkMjU1MTdkYzMxZGM5ZTExZjE5NTEwM2IzNDljYzUwOTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTJrPjgmjc5GwK4Ojgz9rgYCTJf1
HBlgA0b6Rzzde6jB1QxSKiIuJA2faIuHp6xt9CVBFU5s3ZpLpMecqZkSOz3EGW1y
MEPfOcl2grQ54h79QycpRw9zLvsWq/9D+NEVzlKyXk3jqaGHY29u5Pq04gkjHqUY
CxLdTaQkjAcLAiwOgWZStgCI8HHYqfEsgqGHe0AWloEjgC3aJVWQ5BlJP2p7RNfN
QUw6+boJhLDx7B1iXiYYfwb4tk0WZqeUqGvK1oA84mvFIsFhi5bq3qEKI3vvKTyF
mc9TRdWstq6dt3jzBYYjz7im/4Hjk97isB/4PPzXM9kbC/f6z9ckFerN1wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFxZ7tJVF9wx3J4R8ZUQOzScxQkCMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWEZudTBsVVgzREhjbmhIeGxSQTdOSnpGQ1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKg6xBwiP
AwcEKg/kAQEwAwcAKhAvAAFHAwcEKhAvAQLQAwcEKhAvAQNQMA0GCSqGSIb3DQEB
CwUAA4IBAQDIKRzLxrON/kZiEG4qyTzP0W2rQNXOqa9Hj86kYLB+sDFt8P6oEjpS
L6hzKajyWyMv3rLi2sOiK8JrOb+fk+VuVVh+DN285E+MJ/WTywdsl22I5mR5Sc+P
yrp1VeU88gGFN0FJ5p1WBpRtGeBWKDr67IPDhXSm35jQwJEYeO19qK32OnuZ43ZE
+BegpFGPxdWl/0zR0WO6YQVdDuf/WIUDga9muWkmNpSKQDJ/vOE0u41bnvo9bTky
JfyMkjAYtq2X0sleObs6mOVVadYIe3ZF8ndY8evRwtczwLZJ7Lclmx1DyOlITNca
GVI1QYCZJfFh6bePtSJuVQYmsEpvcc5a
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org