Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y9P8s1qf-f_S0YlmpMWv51PdovA.roa
File: Y9P8s1qf-f_S0YlmpMWv51PdovA.roa (raw, json)
Hash identifier: YM86FWf8hdpCfAKQ3wpiLVqGdHHree5WGDZCY5mdm/Q=
Subject key identifier: 63:D3:FC:B3:5A:9F:F9:FF:D2:D1:89:66:A4:C5:AF:E7:53:DD:A2:F0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AE38F6114E3F41CFF2F65C45B59C6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y9P8s1qf-f_S0YlmpMWv51PdovA.roa
Signing time: Tue 24 Jan 2023 16:09:45 +0000
ROA not before: Tue 24 Jan 2023 16:09:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209105
IP address blocks: 2a10:2f00:17f::/48 maxlen: 48
2a0e:b102:170::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:e3:8f:61:14:e3:f4:1c:ff:2f:65:c4:5b:59:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63d3fcb35a9ff9ffd2d18966a4c5afe753dda2f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:de:94:36:96:39:93:31:dd:c7:cb:4b:06:88:
5d:85:39:57:2d:c8:25:62:c8:f5:3b:c9:f1:9e:62:
b0:d7:34:ba:c5:29:e8:a2:db:54:14:0e:84:fc:92:
be:87:5a:d7:16:62:40:86:8a:fc:b9:d5:31:d8:12:
95:7c:31:c6:b3:84:da:3a:6e:99:1c:29:37:d5:39:
6f:52:03:8e:45:6c:4e:18:95:e5:97:73:8d:bb:78:
93:6f:fe:fd:d8:3b:67:50:01:40:11:e3:2f:d2:eb:
2a:98:f8:73:97:d4:1e:fc:be:2d:9e:3b:b9:16:f8:
1c:56:57:d9:33:fb:1a:e0:ea:14:e6:82:05:91:a9:
44:66:d6:75:8d:00:7d:e4:96:55:2a:29:2b:66:a1:
ed:cf:df:14:fe:3c:63:b8:da:18:59:b3:89:8e:a0:
07:e7:0f:bc:da:f7:27:46:38:38:89:09:15:6a:a5:
7c:41:c1:73:4f:11:36:03:3a:2c:5e:80:56:41:88:
4c:63:01:a8:9b:69:a3:9e:16:15:56:89:1d:2f:4b:
04:d2:e2:ab:0a:d1:f9:5a:27:15:2f:8e:a4:2d:24:
12:b4:98:fd:ee:38:b3:53:82:6d:8f:e5:87:39:37:
e3:6c:6b:2a:4f:7f:df:14:5b:0d:a8:c0:ad:a2:ea:
d3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D3:FC:B3:5A:9F:F9:FF:D2:D1:89:66:A4:C5:AF:E7:53:DD:A2:F0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y9P8s1qf-f_S0YlmpMWv51PdovA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b102:170::/44
2a10:2f00:17f::/48
Signature Algorithm: sha256WithRSAEncryption
1d:fe:90:2d:9f:a7:d3:37:3a:de:a3:27:a7:8d:2f:1f:2f:d7:
ae:e9:e8:31:e6:62:50:9f:09:7d:8c:34:f7:75:e2:91:f7:f9:
2e:81:74:b6:b7:9c:42:3b:88:db:bd:8a:76:15:61:16:b9:4b:
2d:83:b8:c8:27:1b:b3:68:d9:99:8c:5b:86:a4:a9:1b:54:b0:
2e:d9:bf:8e:97:65:ff:4c:31:da:5f:92:5f:31:0d:51:3d:07:
d2:5e:bc:a0:da:3a:94:87:31:6a:ac:d4:01:f2:8d:c4:db:86:
2f:67:8b:bc:86:ca:00:9b:ca:57:e4:c8:85:b2:dc:03:e6:fb:
e5:bf:bf:3f:56:fb:a0:78:a3:2d:67:df:34:fd:f2:ed:f4:55:
ca:7c:d0:97:8e:a1:45:04:26:17:92:a4:f1:66:27:a5:80:53:
57:6d:93:64:21:ff:8c:dc:38:25:cb:bc:ef:1e:7e:e0:d2:0f:
e2:66:0a:95:83:a0:c3:5b:48:ee:40:ae:6f:5f:d4:be:66:6e:
e6:27:87:8f:fe:f9:5d:b1:37:d2:71:64:97:bf:85:fd:8d:3e:
ba:5a:c6:bf:cb:b6:a0:10:af:51:51:b4:58:37:7b:f1:b5:94:
de:c6:57:3d:ee:8c:72:28:0e:44:3c:73:f0:7b:1a:bf:68:31:
99:a5:45:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkiuOPYRTj9Bz/L2XEW1nGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2QzZmNiMzVhOWZmOWZmZDJkMTg5NjZhNGM1YWZlNzUzZGRhMmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAit6UNpY5kzHdx8tLBohdhTlXLcgl
Ysj1O8nxnmKw1zS6xSnoottUFA6E/JK+h1rXFmJAhor8udUx2BKVfDHGs4TaOm6Z
HCk31TlvUgOORWxOGJXll3ONu3iTb/792DtnUAFAEeMv0usqmPhzl9Qe/L4tnju5
FvgcVlfZM/sa4OoU5oIFkalEZtZ1jQB95JZVKikrZqHtz98U/jxjuNoYWbOJjqAH
5w+82vcnRjg4iQkVaqV8QcFzTxE2AzosXoBWQYhMYwGom2mjnhYVVokdL0sE0uKr
CtH5WicVL46kLSQStJj97jizU4Jtj+WHOTfjbGsqT3/fFFsNqMCtourT9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGPT/LNan/n/0tGJZqTFr+dT3aLwMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWTlQOHMxcWYtZl9TMFlsbXBNV3Y1MVBkb3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xAgFw
AwcAKhAvAAF/MA0GCSqGSIb3DQEBCwUAA4IBAQAd/pAtn6fTNzreoyenjS8fL9eu
6egx5mJQnwl9jDT3deKR9/kugXS2t5xCO4jbvYp2FWEWuUstg7jIJxuzaNmZjFuG
pKkbVLAu2b+Ol2X/TDHaX5JfMQ1RPQfSXryg2jqUhzFqrNQB8o3E24YvZ4u8hsoA
m8pX5MiFstwD5vvlv78/VvugeKMtZ980/fLt9FXKfNCXjqFFBCYXkqTxZielgFNX
bZNkIf+M3Dgly7zvHn7g0g/iZgqVg6DDW0juQK5vX9S+Zm7mJ4eP/vldsTfScWSX
v4X9jT66Wsa/y7agEK9RUbRYN3vxtZTexlc97oxyKA5EPHPwexq/aDGZpUVB
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:51 2024 by rpki-client on console-ams.rpki-client.org