Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XPmo8VF41zzipXfjhZHP1Wdv_mw.roa
File: XPmo8VF41zzipXfjhZHP1Wdv_mw.roa (raw, json)
Hash identifier: aieIpX26HcB8EDl+IuVn6vs717kxxxqTMlPqZdYdwPw=
Subject key identifier: 5C:F9:A8:F1:51:78:D7:3C:E2:A5:77:E3:85:91:CF:D5:67:6F:FE:6C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AF5744B2EED63B5F386DDBA2BFBD0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XPmo8VF41zzipXfjhZHP1Wdv_mw.roa
Signing time: Tue 24 Jan 2023 16:09:50 +0000
ROA not before: Tue 24 Jan 2023 16:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211350
IP address blocks: 2a0e:97c0:1c8::/48 maxlen: 48
2a0e:97c0:1c0::/45 maxlen: 48
2a0e:b107:1668::/45 maxlen: 48
2a0e:b107:1660::/45 maxlen: 48
2a0e:b107:1670::/45 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:f5:74:4b:2e:ed:63:b5:f3:86:dd:ba:2b:fb:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cf9a8f15178d73ce2a577e38591cfd5676ffe6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2e:3a:37:bc:81:72:6f:00:16:e7:a0:4f:0a:
ea:b4:5f:c6:08:e9:f1:42:61:68:46:28:5f:02:e6:
9c:7c:86:e8:d2:8b:32:cc:d9:fa:3b:a7:8b:f5:fe:
c5:f3:c7:02:aa:e6:b0:a3:78:d7:31:7d:28:fa:3f:
8e:1b:b8:1f:da:78:95:dc:7a:da:02:26:55:0d:b4:
aa:19:c9:a9:9b:fb:88:2d:af:a4:80:57:7c:19:39:
91:77:b6:26:d9:5c:c3:5b:9c:84:d2:63:80:5a:f1:
3d:20:4a:d5:86:31:7a:81:74:da:f9:4c:71:4f:a2:
81:6d:8e:c1:7e:94:32:a0:eb:54:29:d1:cb:dd:e4:
f8:a1:f8:39:f8:c6:99:6d:65:c0:28:7e:b0:32:d0:
0a:59:22:c3:46:9a:87:0d:7c:12:55:63:a4:de:0d:
4f:1c:db:8d:ca:ed:6e:7e:a6:44:0e:af:3d:af:99:
47:92:3f:03:ab:92:ec:45:d7:80:2c:d1:9f:ff:c9:
15:5e:9e:ff:fb:19:f2:84:3c:70:70:84:73:51:ef:
ad:80:d3:79:30:a6:2e:12:b8:c6:a7:04:3e:a7:63:
98:4d:2e:bb:82:a8:27:62:a6:50:8d:e2:69:75:23:
22:62:0d:2b:59:5e:af:7d:b5:d4:fb:ca:2d:18:b1:
f5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F9:A8:F1:51:78:D7:3C:E2:A5:77:E3:85:91:CF:D5:67:6F:FE:6C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XPmo8VF41zzipXfjhZHP1Wdv_mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1c0::-2a0e:97c0:1c8:ffff:ffff:ffff:ffff:ffff
2a0e:b107:1660::-2a0e:b107:1677:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4b:4b:80:a0:8a:ed:0f:dd:98:2f:08:6d:8c:5a:27:bc:24:c5:
cd:b0:18:03:3d:0f:89:6e:e8:d1:33:55:e4:4a:2f:f4:c1:f9:
f2:a6:cd:ad:89:9b:8e:b2:df:de:26:b2:af:78:b7:db:57:d3:
95:9a:08:58:43:97:fe:1a:07:7b:33:4a:12:b5:cc:b2:5f:9e:
0b:b3:b6:67:93:8d:0e:1a:33:55:07:bd:3f:95:42:e7:94:df:
da:af:68:cc:5b:37:08:83:1c:a8:17:12:b7:c4:2e:e3:84:89:
d9:91:39:5a:f8:1e:d6:15:65:b4:62:d3:8e:59:6d:c4:36:6d:
c5:50:8b:fe:04:67:1c:51:b3:50:ef:78:f3:6b:e5:09:7c:36:
94:b9:e1:28:1f:0e:01:a7:1a:f0:02:71:37:43:ff:ed:39:17:
35:43:ea:d1:8b:33:0b:61:d5:81:6a:98:7b:0b:d0:e1:e3:b5:
5e:4e:b0:12:e5:fa:50:83:80:39:6c:f6:5f:27:50:2a:dc:5a:
fd:40:85:b2:ae:8e:3a:11:0d:a3:38:dc:db:b1:7a:8f:db:b7:
30:4f:01:63:eb:94:1d:72:37:b8:52:7c:14:40:9c:90:6e:1b:
c0:01:be:70:ba:f5:0c:1a:75:92:43:f5:fb:74:ce:0b:22:a5:
1e:1c:52:9f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYXkivV0Sy7tY7Xzht26K/vQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Y5YThmMTUxNzhkNzNjZTJhNTc3ZTM4NTkxY2ZkNTY3NmZmZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqy46N7yBcm8AFuegTwrqtF/GCOnx
QmFoRihfAuacfIbo0osyzNn6O6eL9f7F88cCquawo3jXMX0o+j+OG7gf2niV3Hra
AiZVDbSqGcmpm/uILa+kgFd8GTmRd7Ym2VzDW5yE0mOAWvE9IErVhjF6gXTa+Uxx
T6KBbY7BfpQyoOtUKdHL3eT4ofg5+MaZbWXAKH6wMtAKWSLDRpqHDXwSVWOk3g1P
HNuNyu1ufqZEDq89r5lHkj8Dq5LsRdeALNGf/8kVXp7/+xnyhDxwcIRzUe+tgNN5
MKYuErjGpwQ+p2OYTS67gqgnYqZQjeJpdSMiYg0rWV6vfbXU+8otGLH1GQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFz5qPFReNc84qV344WRz9Vnb/5sMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWFBtbzhWRjQxenppcFhmamhaSFAxV2R2X213LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMBIDBwYqDpfA
AcADBwAqDpfAAcgwEgMHBSoOsQcWYAMHAyoOsQcWcDANBgkqhkiG9w0BAQsFAAOC
AQEAS0uAoIrtD92YLwhtjFonvCTFzbAYAz0PiW7o0TNV5Eov9MH58qbNrYmbjrLf
3iayr3i321fTlZoIWEOX/hoHezNKErXMsl+eC7O2Z5ONDhozVQe9P5VC55Tf2q9o
zFs3CIMcqBcSt8Qu44SJ2ZE5Wvge1hVltGLTjlltxDZtxVCL/gRnHFGzUO9482vl
CXw2lLnhKB8OAaca8AJxN0P/7TkXNUPq0YszC2HVgWqYewvQ4eO1Xk6wEuX6UIOA
OWz2XydQKtxa/UCFsq6OOhENozjc27F6j9u3ME8BY+uUHXI3uFJ8FECckG4bwAG+
cLr1DBp1kkP1+3TOCyKlHhxSnw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org