Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XvzplFh1WQ-RbhFkO44k-RQeH90.roa
File: XvzplFh1WQ-RbhFkO44k-RQeH90.roa (raw, json)
Hash identifier: 77J1VvQqWbg3D41TJokppTYe1KsFjbzjpVWRJVdt3wE=
Subject key identifier: 5E:FC:E9:94:58:75:59:0F:91:6E:11:64:3B:8E:24:F9:14:1E:1F:DD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7D73491B4239B4DE080BA978505BF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XvzplFh1WQ-RbhFkO44k-RQeH90.roa
Signing time: Mon 02 Jan 2023 05:15:20 +0000
ROA not before: Mon 02 Jan 2023 05:15:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208753
IP address blocks: 2a0e:b107:380::/48 maxlen: 48
2a0e:b107:382::/48 maxlen: 48
2a0e:b107:384::/48 maxlen: 48
2a0e:b107:383::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:d7:34:91:b4:23:9b:4d:e0:80:ba:97:85:05:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5efce9945875590f916e11643b8e24f9141e1fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d1:73:46:31:ed:e7:29:76:2e:ea:da:42:8f:
c7:c2:1e:e5:9c:08:28:e2:b8:ac:48:21:3c:23:ff:
e7:db:32:8c:d5:11:df:c3:c7:78:7a:4c:ac:c6:d5:
0a:63:6e:80:1e:03:c6:4d:0f:a6:10:1c:4d:29:a2:
c4:69:e2:0b:51:4b:84:28:32:11:27:9f:4d:69:21:
2c:aa:b2:04:99:ed:44:e0:7f:44:ae:11:1e:5d:a0:
a5:73:9a:ec:c1:43:26:fe:f4:93:6a:52:b5:8b:35:
c2:e3:99:bb:e0:d3:37:ac:83:1b:6b:88:41:32:9a:
d6:cb:1a:44:f5:f9:a6:1b:4b:23:a1:cb:16:ed:aa:
6d:2e:3a:98:1d:8e:29:16:3a:e5:56:08:12:70:6a:
27:ee:d5:d2:3a:fb:3e:ee:c8:fe:41:75:e2:8d:8c:
fa:70:c4:37:db:f7:b4:5b:8c:19:fd:f8:48:a0:07:
52:7e:97:5c:a6:2e:bc:8c:2f:a5:04:a8:f2:99:e6:
29:2a:af:38:90:49:a1:c3:39:fb:a6:14:35:d9:d4:
19:66:98:89:ba:58:66:ed:df:91:ac:70:5d:4c:30:
e0:f6:18:b8:8a:d0:53:4f:61:62:4e:b2:74:c6:ff:
cd:d2:72:c4:e4:42:83:ac:b0:91:80:9a:da:35:26:
02:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:FC:E9:94:58:75:59:0F:91:6E:11:64:3B:8E:24:F9:14:1E:1F:DD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XvzplFh1WQ-RbhFkO44k-RQeH90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:380::/48
2a0e:b107:382::-2a0e:b107:384:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
53:0f:ec:5e:76:c9:e0:f9:e9:89:34:71:ac:06:9c:bb:11:39:
f7:79:e7:b6:77:fc:d7:3b:8d:8a:e6:5f:cf:bc:83:aa:58:2c:
37:7b:f2:67:e4:d2:55:fc:13:30:5f:f2:38:dd:9a:67:2e:67:
13:81:3a:15:47:99:c6:f0:fc:5e:df:15:ef:f9:ec:80:de:87:
1f:48:57:d0:ba:cf:16:d7:33:32:46:7c:62:cb:5d:86:fe:e9:
4a:2f:40:dd:94:cc:3c:96:65:a6:b8:ff:06:df:1b:5d:93:ec:
6a:6b:e5:bd:c8:e2:bc:a4:37:49:0d:98:c2:8e:a1:10:f5:bc:
9f:a2:54:56:d9:39:84:68:ba:a0:73:08:98:c1:cd:fa:8a:8f:
0e:41:5f:b8:7c:72:97:8b:2a:3e:34:5f:1e:d3:5b:5d:e2:1e:
72:1d:59:6b:3b:8d:e0:44:2f:40:5a:d4:f7:20:04:ad:84:52:
fb:07:b8:e0:7a:b8:4a:e3:c6:37:bd:55:15:44:6a:fe:6c:83:
5e:d9:10:aa:ae:39:d9:3b:81:34:c5:3f:25:16:e5:dc:c1:9a:
21:8a:4a:39:63:c3:3c:ee:79:54:33:a5:7d:d0:80:9b:53:69:
75:28:3c:05:9e:a6:42:df:e6:66:74:9e:46:c8:c3:9f:50:40:
40:93:c1:55
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVw59c0kbQjm03ggLqXhQW/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWZjZTk5NDU4NzU1OTBmOTE2ZTExNjQzYjhlMjRmOTE0MWUxZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdFzRjHt5yl2LuraQo/Hwh7lnAgo
4risSCE8I//n2zKM1RHfw8d4ekysxtUKY26AHgPGTQ+mEBxNKaLEaeILUUuEKDIR
J59NaSEsqrIEme1E4H9ErhEeXaClc5rswUMm/vSTalK1izXC45m74NM3rIMba4hB
MprWyxpE9fmmG0sjocsW7aptLjqYHY4pFjrlVggScGon7tXSOvs+7sj+QXXijYz6
cMQ32/e0W4wZ/fhIoAdSfpdcpi68jC+lBKjymeYpKq84kEmhwzn7phQ12dQZZpiJ
ulhm7d+RrHBdTDDg9hi4itBTT2FiTrJ0xv/N0nLE5EKDrLCRgJraNSYCjQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFF786ZRYdVkPkW4RZDuOJPkUHh/dMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWHZ6cGxGaDFXUS1SYmhGa080NGstUlFlSDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKg6xBwOA
MBIDBwEqDrEHA4IDBwAqDrEHA4QwDQYJKoZIhvcNAQELBQADggEBAFMP7F52yeD5
6Yk0cawGnLsROfd557Z3/Nc7jYrmX8+8g6pYLDd78mfk0lX8EzBf8jjdmmcuZxOB
OhVHmcbw/F7fFe/57IDehx9IV9C6zxbXMzJGfGLLXYb+6UovQN2UzDyWZaa4/wbf
G12T7Gpr5b3I4rykN0kNmMKOoRD1vJ+iVFbZOYRouqBzCJjBzfqKjw5BX7h8cpeL
Kj40Xx7TW13iHnIdWWs7jeBEL0Ba1PcgBK2EUvsHuOB6uErjxje9VRVEav5sg17Z
EKquOdk7gTTFPyUW5dzBmiGKSjljwzzueVQzpX3QgJtTaXUoPAWepkLf5mZ0nkbI
w59QQECTwVU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:17 2023 by rpki-client on console-fra.rpki-client.org