Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XnXQ9cq5tTS9iJIv1JhkWVsqXI8.roa
File: XnXQ9cq5tTS9iJIv1JhkWVsqXI8.roa (raw, json)
Hash identifier: B7QRGI29QaaRcw7fyuD91EUXgdpt98uIKqtZqy7UzDc=
Subject key identifier: 5E:75:D0:F5:CA:B9:B5:34:BD:88:92:2F:D4:98:64:59:5B:2A:5C:8F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48ABCD450B30801BF895C305BB8B5F2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XnXQ9cq5tTS9iJIv1JhkWVsqXI8.roa
Signing time: Tue 24 Jan 2023 16:09:35 +0000
ROA not before: Tue 24 Jan 2023 16:09:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39753
IP address blocks: 2a10:2f01:100::/40 maxlen: 48
2a0e:b107:24::/46 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:bc:d4:50:b3:08:01:bf:89:5c:30:5b:b8:b5:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e75d0f5cab9b534bd88922fd49864595b2a5c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:af:de:f0:3f:cf:83:a2:44:2c:eb:3b:e2:32:
e0:76:3a:0c:3f:9d:4f:cc:db:e0:c3:ea:c5:03:c7:
7b:8a:99:90:47:74:38:2d:a9:ac:5d:9e:ed:74:f0:
db:2c:d5:9f:4b:12:1f:6b:59:8a:c6:76:bc:66:c5:
d8:83:7c:dc:16:89:55:1e:7a:ed:c1:38:c7:a4:0e:
9d:ad:b8:43:f1:3f:ad:d4:38:6c:9c:b7:73:0d:bb:
87:34:38:20:5f:ff:7c:cc:67:0c:b9:62:36:0a:a1:
14:95:0d:32:ce:cb:1d:76:c2:a0:f6:8a:51:19:4b:
61:be:08:11:4a:a8:8f:1b:85:a0:40:53:8a:06:ff:
0f:4b:48:68:bc:12:f6:5b:02:e3:c3:91:9c:6b:e6:
41:02:b4:34:14:f3:e4:43:7e:fd:6c:4c:f4:d6:fd:
ee:d1:30:a2:d1:43:b5:21:77:ec:e2:89:a6:49:ca:
58:9e:58:66:9a:f6:40:14:52:7d:62:8a:5f:a5:12:
fd:c9:80:44:2d:1b:62:b0:51:ab:f4:e2:e8:ed:d4:
d6:4e:19:6d:dc:12:93:0a:d2:49:eb:b6:14:94:c2:
ea:b5:3f:ab:b0:e3:12:c3:a5:04:ac:20:e3:23:01:
e6:36:6d:3c:0f:64:54:34:7c:70:9a:2b:a2:5d:cd:
1a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:75:D0:F5:CA:B9:B5:34:BD:88:92:2F:D4:98:64:59:5B:2A:5C:8F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XnXQ9cq5tTS9iJIv1JhkWVsqXI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:24::/46
2a10:2f01:100::/40
Signature Algorithm: sha256WithRSAEncryption
5e:02:49:f9:48:1a:64:1a:e2:c6:2e:84:90:01:07:7e:e6:71:
12:ab:6e:eb:f9:16:8a:47:88:60:2f:ee:29:c5:cd:d8:18:61:
aa:c2:a4:e7:4e:e4:0b:3a:40:6c:48:f0:3a:fb:40:a6:49:4b:
91:93:fa:1d:59:41:98:5b:d4:83:7a:63:6d:3a:c7:0a:4d:82:
92:2d:f8:7b:e1:03:20:de:07:5f:30:90:3a:d1:43:e7:b5:2d:
d6:64:2b:50:af:00:5c:25:20:4b:0a:24:05:49:97:49:b0:ed:
66:3a:5a:8c:41:ee:12:8c:d1:07:21:b0:ae:19:f4:35:98:aa:
47:19:d8:24:9b:d2:49:42:7b:55:a9:a0:79:45:a8:d3:a9:75:
31:09:e3:9b:3b:bd:75:19:01:24:04:58:2f:1e:cd:11:49:1b:
19:9d:ce:f4:23:69:00:bc:9e:68:23:e6:53:06:2a:37:50:e1:
62:9f:68:7d:57:17:db:e7:bb:ba:c0:a5:6c:87:44:84:b8:d9:
57:95:37:d6:7e:0f:9d:1c:83:9e:d4:85:fc:2a:17:42:aa:c7:
9a:91:6c:22:35:82:7e:c4:36:e6:06:c7:95:c3:98:78:87:db:
16:a4:5c:0c:f9:69:75:3c:ac:5c:73:2d:b5:5f:5c:d1:e0:dd:
91:68:39:14
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYXkirzUULMIAb+JXDBbuLXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc1ZDBmNWNhYjliNTM0YmQ4ODkyMmZkNDk4NjQ1OTViMmE1YzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7K/e8D/Pg6JELOs74jLgdjoMP51P
zNvgw+rFA8d7ipmQR3Q4LamsXZ7tdPDbLNWfSxIfa1mKxna8ZsXYg3zcFolVHnrt
wTjHpA6drbhD8T+t1DhsnLdzDbuHNDggX/98zGcMuWI2CqEUlQ0yzssddsKg9opR
GUthvggRSqiPG4WgQFOKBv8PS0hovBL2WwLjw5Gca+ZBArQ0FPPkQ379bEz01v3u
0TCi0UO1IXfs4ommScpYnlhmmvZAFFJ9YopfpRL9yYBELRtisFGr9OLo7dTWThlt
3BKTCtJJ67YUlMLqtT+rsOMSw6UErCDjIwHmNm08D2RUNHxwmiuiXc0ayQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFF510PXKubU0vYiSL9SYZFlbKlyPMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWG5YUTljcTV0VFM5aUpJdjFKaGtXVnNxWEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcCKg6xBwAk
AwYAKhAvAQEwDQYJKoZIhvcNAQELBQADggEBAF4CSflIGmQa4sYuhJABB37mcRKr
buv5FopHiGAv7inFzdgYYarCpOdO5As6QGxI8Dr7QKZJS5GT+h1ZQZhb1IN6Y206
xwpNgpIt+HvhAyDeB18wkDrRQ+e1LdZkK1CvAFwlIEsKJAVJl0mw7WY6WoxB7hKM
0QchsK4Z9DWYqkcZ2CSb0klCe1WpoHlFqNOpdTEJ45s7vXUZASQEWC8ezRFJGxmd
zvQjaQC8nmgj5lMGKjdQ4WKfaH1XF9vnu7rApWyHRIS42VeVN9Z+D50cg57Uhfwq
F0Kqx5qRbCI1gn7ENuYGx5XDmHiH2xakXAz5aXU8rFxzLbVfXNHg3ZFoORQ=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org