Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XpBcFKMkZbNVn2Ljf4MBW3eZdLA.roa
File: XpBcFKMkZbNVn2Ljf4MBW3eZdLA.roa (raw, json)
Hash identifier: 4VPVYtVcbKWIyaPWVDywJ7+GJD4jGWuOICW6gvB7FmM=
Subject key identifier: 5E:90:5C:14:A3:24:65:B3:55:9F:62:E3:7F:83:01:5B:77:99:74:B0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C6462D06337171E1FFD6F240062E57687
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XpBcFKMkZbNVn2Ljf4MBW3eZdLA.roa
Signing time: Wed 13 Dec 2023 18:14:06 +0000
ROA not before: Wed 13 Dec 2023 18:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207252
IP address blocks: 2a0e:97c0:db0::/48 maxlen: 48
2a10:cc40:270::/44 maxlen: 48
2a10:cc40:270::/48 maxlen: 48
2a06:de00:400::/38 maxlen: 48
2a06:de00:400::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:64:62:d0:63:37:17:1e:1f:fd:6f:24:00:62:e5:76:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 13 18:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e905c14a32465b3559f62e37f83015b779974b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:21:2f:e3:a3:67:fe:22:d8:1b:22:a1:05:d0:
b8:ad:97:f3:55:92:aa:1e:11:0b:31:c1:b9:0d:da:
95:ee:3e:68:dc:30:2f:b0:74:d7:a9:85:a3:e8:12:
7d:d9:8b:15:00:13:0e:fb:66:84:04:ab:1b:a9:8f:
77:2f:20:c2:9a:08:05:a9:6b:40:8b:00:5f:3d:f3:
dc:18:ef:96:1f:5a:21:4a:03:86:03:31:48:8c:54:
d0:b5:8c:52:04:a7:7d:80:08:5f:dc:dc:04:d3:c6:
b1:75:d1:c0:86:96:aa:a4:e3:e8:a8:32:cd:2b:1c:
b0:80:2a:93:d5:7b:69:87:b2:e2:78:60:13:35:58:
a4:92:d9:71:5a:f6:3f:d8:0c:d4:1b:36:d8:6e:ce:
c0:ea:08:52:26:d8:24:b5:50:88:06:6d:fe:f1:85:
3e:71:92:0c:e4:56:25:a1:4f:31:57:a4:ab:fe:70:
49:ff:15:e9:64:79:d8:83:3a:c9:a5:42:00:7d:e3:
57:89:d5:b9:6b:09:fd:e2:35:88:67:45:1f:ed:55:
04:04:85:ec:eb:6a:bb:fe:43:bd:3c:00:f1:56:d9:
09:c5:b0:df:63:c6:c1:46:bc:ab:ce:71:6d:71:55:
cb:04:69:08:2f:40:bb:25:77:a6:9f:0d:fb:44:77:
4f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:90:5C:14:A3:24:65:B3:55:9F:62:E3:7F:83:01:5B:77:99:74:B0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XpBcFKMkZbNVn2Ljf4MBW3eZdLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:400::/38
2a0e:97c0:db0::/48
2a10:cc40:270::/44
Signature Algorithm: sha256WithRSAEncryption
4a:6c:0d:49:44:c0:be:3b:1e:b2:48:ce:34:8b:db:db:62:e3:
16:9a:97:25:13:57:be:c6:b4:4a:ee:85:df:09:88:ac:01:0f:
d6:61:56:c1:f6:41:13:91:6c:8d:7c:32:2e:7d:97:bc:63:ac:
3e:07:d0:8a:46:32:65:3e:db:26:30:6e:a1:35:dc:7f:40:75:
a9:8c:e9:d0:f8:09:f8:8c:f4:0b:af:24:81:b1:e1:71:35:a5:
b9:af:40:36:6e:46:dc:75:0d:27:e0:3b:5f:83:8f:65:e5:1a:
b5:bc:85:f2:b9:23:ba:04:b8:d3:64:a8:d2:b5:f3:55:44:21:
42:44:c8:0b:d9:cb:2a:1a:68:ce:6f:0f:e0:7a:bc:37:6d:9a:
e9:48:5f:b0:ac:89:53:73:1c:78:bc:a6:e1:17:fb:2d:19:53:
21:6a:09:d8:5f:5a:ef:c0:0c:d1:38:e6:a8:17:92:0a:cb:f1:
4b:3f:02:29:fe:06:3e:97:07:cb:a6:8d:58:16:95:96:c0:c1:
ea:0f:c9:a8:3f:84:22:d0:ca:37:90:ba:51:d3:45:a3:ba:26:
f1:d3:88:a2:a9:43:6c:0c:7a:77:27:76:e0:aa:60:a7:41:34:
64:04:0e:e1:6c:1a:39:b0:12:9e:1d:08:02:6c:fd:46:2e:84:
7d:76:bb:d7
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYxkYtBjNxceH/1vJABi5XaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjEzMTgxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTkwNWMxNGEzMjQ2NWIzNTU5ZjYyZTM3ZjgzMDE1Yjc3OTk3NGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiEv46Nn/iLYGyKhBdC4rZfzVZKq
HhELMcG5DdqV7j5o3DAvsHTXqYWj6BJ92YsVABMO+2aEBKsbqY93LyDCmggFqWtA
iwBfPfPcGO+WH1ohSgOGAzFIjFTQtYxSBKd9gAhf3NwE08axddHAhpaqpOPoqDLN
KxywgCqT1Xtph7LieGATNVikktlxWvY/2AzUGzbYbs7A6ghSJtgktVCIBm3+8YU+
cZIM5FYloU8xV6Sr/nBJ/xXpZHnYgzrJpUIAfeNXidW5awn94jWIZ0Uf7VUEBIXs
62q7/kO9PADxVtkJxbDfY8bBRryrznFtcVXLBGkIL0C7JXemnw37RHdPNwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFF6QXBSjJGWzVZ9i43+DAVt3mXSwMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWHBCY0ZLTWtaYk5WbjJMamY0TUJXM2VaZExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwYCKgbeAAQD
BwAqDpfADbADBwQqEMxAAnAwDQYJKoZIhvcNAQELBQADggEBAEpsDUlEwL47HrJI
zjSL29ti4xaalyUTV77GtEruhd8JiKwBD9ZhVsH2QRORbI18Mi59l7xjrD4H0IpG
MmU+2yYwbqE13H9AdamM6dD4CfiM9AuvJIGx4XE1pbmvQDZuRtx1DSfgO1+Dj2Xl
GrW8hfK5I7oEuNNkqNK181VEIUJEyAvZyyoaaM5vD+B6vDdtmulIX7CsiVNzHHi8
puEX+y0ZUyFqCdhfWu/ADNE45qgXkgrL8Us/Ain+Bj6XB8umjVgWlZbAweoPyag/
hCLQyjeQulHTRaO6JvHTiKKpQ2wMencnduCqYKdBNGQEDuFsGjmwEp4dCAJs/UYu
hH12u9c=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org