Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XMH6qdnIaxHz84QLauPnKmKkNjA.roa
File: XMH6qdnIaxHz84QLauPnKmKkNjA.roa (raw, json)
Hash identifier: YkaEYDZuLkenvDvQM3/RmqalHU2ABTIRwzUjiI2bIyc=
Subject key identifier: 5C:C1:FA:A9:D9:C8:6B:11:F3:F3:84:0B:6A:E3:E7:2A:62:A4:36:30
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187ECE29A1588C20EEFDB67F67190D5CE69
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XMH6qdnIaxHz84QLauPnKmKkNjA.roa
Signing time: Fri 05 May 2023 17:08:06 +0000
ROA not before: Fri 05 May 2023 17:08:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198747
IP address blocks: 2a0e:97c0:38f::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ec:e2:9a:15:88:c2:0e:ef:db:67:f6:71:90:d5:ce:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 5 17:08:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cc1faa9d9c86b11f3f3840b6ae3e72a62a43630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:56:ab:fd:6e:6f:50:94:9a:36:69:44:5a:c1:
9f:39:af:0f:27:de:50:03:88:60:68:48:cd:29:8a:
95:e4:c1:f6:c8:ce:75:5e:3a:ec:5b:89:1f:06:4d:
87:62:de:26:5b:78:89:cb:f2:24:24:74:4f:4c:94:
d1:f1:8b:f8:19:34:3c:45:97:c7:3d:d2:c5:23:f8:
05:8a:15:98:51:1c:da:99:9b:8a:03:5e:ea:e8:7a:
aa:d4:56:fa:6b:d6:46:5d:19:16:9a:41:3a:53:79:
3e:47:46:2c:bd:7f:63:98:28:37:94:d7:f2:f5:c4:
44:1f:5d:be:41:ed:c0:b2:d8:68:c9:d8:23:ed:90:
7e:c8:1e:45:78:ba:14:2a:f0:bd:c0:46:ef:fa:65:
db:c2:2c:06:ac:a6:85:21:8f:3a:35:cb:5f:c4:0b:
96:3e:90:8f:bb:88:14:a2:8d:7d:a8:8d:f4:9a:d3:
de:9a:47:d3:df:45:03:bb:04:23:52:b2:93:ea:2c:
ab:a0:cb:1c:0b:1e:31:44:2b:19:f5:7e:06:90:6b:
bd:a7:f5:28:a5:aa:18:36:50:36:73:0b:d8:04:dd:
92:eb:ed:73:da:d4:7e:e3:d4:68:c7:fc:94:7d:32:
c9:b5:24:b8:50:12:c9:c6:53:af:ca:89:25:9f:25:
8c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C1:FA:A9:D9:C8:6B:11:F3:F3:84:0B:6A:E3:E7:2A:62:A4:36:30
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XMH6qdnIaxHz84QLauPnKmKkNjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:38f::/48
Signature Algorithm: sha256WithRSAEncryption
76:34:84:dc:d2:d9:cc:c2:bd:06:7a:48:a3:a1:5e:bd:40:43:
4c:cc:a0:eb:97:b1:dc:72:5a:70:9f:87:fa:d9:bf:07:d7:3b:
46:50:da:cd:03:a3:35:47:9f:ef:b5:b7:05:4d:d9:b3:96:7d:
62:83:d4:fe:48:4a:48:31:63:c5:a5:c6:f3:fa:e3:d6:a4:ed:
c5:3f:d0:40:b8:45:16:e4:66:34:cf:16:34:d1:16:54:9d:9c:
87:88:c7:c6:52:e5:a1:f5:3d:18:7a:60:d7:5c:52:d2:ae:97:
ef:74:34:fa:32:ee:8c:f9:ff:11:c0:49:c8:69:b3:53:04:ec:
50:8c:b0:47:a7:cf:96:14:23:b3:09:6b:69:f9:91:63:65:3f:
6b:38:bd:88:8d:df:d8:df:a6:80:52:b9:d1:00:d3:b7:82:a1:
02:ab:fe:75:73:97:52:c0:10:d8:0d:85:52:bf:f3:b7:0d:47:
00:1d:f7:a1:0b:d7:de:7a:bd:b7:15:d2:db:50:e8:43:fb:aa:
9f:1a:81:28:86:7d:54:00:f0:87:2f:5a:ba:9e:04:3a:14:d1:
45:02:cb:7e:9d:ae:76:16:58:fd:ad:76:25:29:05:f7:a8:ed:
d5:44:fc:63:54:fe:f7:74:2e:30:e9:16:01:59:65:f8:89:66:
67:e6:b0:70
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYfs4poViMIO79tn9nGQ1c5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTA1MTcwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2MxZmFhOWQ5Yzg2YjExZjNmMzg0MGI2YWUzZTcyYTYyYTQzNjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFar/W5vUJSaNmlEWsGfOa8PJ95Q
A4hgaEjNKYqV5MH2yM51XjrsW4kfBk2HYt4mW3iJy/IkJHRPTJTR8Yv4GTQ8RZfH
PdLFI/gFihWYURzamZuKA17q6Hqq1Fb6a9ZGXRkWmkE6U3k+R0YsvX9jmCg3lNfy
9cREH12+Qe3Asthoydgj7ZB+yB5FeLoUKvC9wEbv+mXbwiwGrKaFIY86NctfxAuW
PpCPu4gUoo19qI30mtPemkfT30UDuwQjUrKT6iyroMscCx4xRCsZ9X4GkGu9p/Uo
paoYNlA2cwvYBN2S6+1z2tR+49Rox/yUfTLJtSS4UBLJxlOvyoklnyWM8wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFzB+qnZyGsR8/OEC2rj5ypipDYwMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWE1INnFkbklheEh6ODRRTGF1UG5LbUtrTmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwAOP
MA0GCSqGSIb3DQEBCwUAA4IBAQB2NITc0tnMwr0GekijoV69QENMzKDrl7Hcclpw
n4f62b8H1ztGUNrNA6M1R5/vtbcFTdmzln1ig9T+SEpIMWPFpcbz+uPWpO3FP9BA
uEUW5GY0zxY00RZUnZyHiMfGUuWh9T0YemDXXFLSrpfvdDT6Mu6M+f8RwEnIabNT
BOxQjLBHp8+WFCOzCWtp+ZFjZT9rOL2Ijd/Y36aAUrnRANO3gqECq/51c5dSwBDY
DYVSv/O3DUcAHfehC9feer23FdLbUOhD+6qfGoEohn1UAPCHL1q6ngQ6FNFFAst+
na52Flj9rXYlKQX3qO3VRPxjVP73dC4w6RYBWWX4iWZn5rBw
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:51 2024 by rpki-client on console-ams.rpki-client.org