Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z3aHvOQqPpEXDIVllzQTFNte_Jk.roa
File: Z3aHvOQqPpEXDIVllzQTFNte_Jk.roa (raw, json)
Hash identifier: FK1Tqnih2K4lSgEzQXB4gOqHkcUM+f697u/afMiNKxg=
Subject key identifier: 67:76:87:BC:E4:2A:3E:91:17:0C:85:65:97:34:13:14:DB:5E:FC:99
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48B0917BB390CBD9112073DD4AE79FF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z3aHvOQqPpEXDIVllzQTFNte_Jk.roa
Signing time: Tue 24 Jan 2023 16:09:55 +0000
ROA not before: Tue 24 Jan 2023 16:09:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212746
IP address blocks: 2a0e:b107:d00::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8b:09:17:bb:39:0c:bd:91:12:07:3d:d4:ae:79:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=677687bce42a3e91170c856597341314db5efc99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:55:33:2b:f0:84:99:59:a6:bd:ef:94:58:f2:
6a:8d:cd:ba:b6:c7:20:f5:75:68:79:58:db:68:98:
ab:66:9e:1f:ad:37:df:95:5d:2d:44:e7:ef:00:cb:
d6:22:90:fb:3f:e2:e6:0b:05:47:82:47:57:49:6d:
20:d5:e5:8a:09:69:56:01:d7:ff:1a:cb:0e:d8:ec:
2a:6f:ff:31:aa:f0:cb:1c:f2:1f:6d:fd:40:35:82:
43:87:3e:cd:43:f3:28:05:d3:69:c4:e8:21:6b:e7:
ee:a1:c5:9c:eb:9f:45:77:c6:38:a3:4e:16:b8:37:
13:bd:65:01:f9:0a:43:99:a0:08:58:2d:43:c3:b4:
dd:c7:43:ff:93:b5:2a:44:7a:80:02:a3:b7:58:13:
a9:cf:11:0c:92:0a:c9:9c:c7:f8:2f:11:19:4a:79:
cb:f5:12:6c:c1:24:ec:a6:1e:3f:fe:67:0e:0b:b5:
4a:8b:6d:a4:4e:72:5e:9e:1a:ea:a6:ce:1b:e3:2e:
59:93:e9:d6:d8:21:90:4b:bb:56:26:7e:d7:ed:3a:
32:46:d5:d2:20:c9:f7:36:0c:d2:14:ae:7b:1b:4a:
25:b5:19:e5:36:14:af:20:53:71:8e:e6:92:99:7e:
7e:61:aa:e2:fd:c8:6d:b7:d9:29:db:be:bd:23:09:
7a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:76:87:BC:E4:2A:3E:91:17:0C:85:65:97:34:13:14:DB:5E:FC:99
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z3aHvOQqPpEXDIVllzQTFNte_Jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:d00::/44
Signature Algorithm: sha256WithRSAEncryption
0a:49:21:a9:ad:5b:2c:57:e9:63:8a:43:b2:71:a2:1e:4c:5b:
22:c0:58:76:8f:83:2b:21:0c:4c:4c:50:80:66:88:73:a2:26:
1a:4a:ca:20:2d:37:e3:c8:a1:1f:e7:29:f9:73:08:c6:79:57:
2f:d3:09:35:a6:18:ea:33:1b:c9:3a:9b:ca:0e:8e:dd:41:c4:
79:14:d1:c8:10:53:ec:f5:9b:61:73:4d:ad:a9:a6:22:bb:22:
7b:f4:68:d9:d3:63:ed:24:75:fa:83:c1:6d:14:45:e5:c6:0e:
ef:2f:d7:75:e9:32:3d:66:9f:a0:dd:7e:18:1e:02:24:5f:ed:
72:f1:c6:08:bd:58:55:3f:95:63:22:e0:76:05:2a:a4:82:7f:
73:37:43:ef:13:ed:36:cc:ec:8a:90:ef:26:c8:18:4d:da:49:
89:02:0d:0e:de:a7:d3:d6:d8:be:b5:3e:35:bd:6b:f4:83:64:
41:07:98:f3:a4:00:54:11:2c:f6:0f:d6:8e:4e:ea:49:5d:52:
93:14:9c:ad:48:e8:2e:e6:42:7a:f3:8f:48:2f:33:69:3c:35:
2d:ff:06:39:f1:85:ba:23:46:b6:3b:31:17:b7:1d:10:c2:16:
71:e8:53:f6:df:55:f1:36:d6:53:59:bb:46:24:83:ae:1d:e5:
b6:16:bc:83
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkiwkXuzkMvZESBz3Urnn/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzc2ODdiY2U0MmEzZTkxMTcwYzg1NjU5NzM0MTMxNGRiNWVmYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllUzK/CEmVmmve+UWPJqjc26tscg
9XVoeVjbaJirZp4frTfflV0tROfvAMvWIpD7P+LmCwVHgkdXSW0g1eWKCWlWAdf/
GssO2Owqb/8xqvDLHPIfbf1ANYJDhz7NQ/MoBdNpxOgha+fuocWc659Fd8Y4o04W
uDcTvWUB+QpDmaAIWC1Dw7Tdx0P/k7UqRHqAAqO3WBOpzxEMkgrJnMf4LxEZSnnL
9RJswSTsph4//mcOC7VKi22kTnJenhrqps4b4y5Zk+nW2CGQS7tWJn7X7ToyRtXS
IMn3NgzSFK57G0oltRnlNhSvIFNxjuaSmX5+Yari/chtt9kp2769Iwl6AwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGd2h7zkKj6RFwyFZZc0ExTbXvyZMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWjNhSHZPUXFQcEVYRElWbGx6UVRGTnRlX0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBw0A
MA0GCSqGSIb3DQEBCwUAA4IBAQAKSSGprVssV+ljikOycaIeTFsiwFh2j4MrIQxM
TFCAZohzoiYaSsogLTfjyKEf5yn5cwjGeVcv0wk1phjqMxvJOpvKDo7dQcR5FNHI
EFPs9Zthc02tqaYiuyJ79GjZ02PtJHX6g8FtFEXlxg7vL9d16TI9Zp+g3X4YHgIk
X+1y8cYIvVhVP5VjIuB2BSqkgn9zN0PvE+02zOyKkO8myBhN2kmJAg0O3qfT1ti+
tT41vWv0g2RBB5jzpABUESz2D9aOTupJXVKTFJytSOgu5kJ6849ILzNpPDUt/wY5
8YW6I0a2OzEXtx0QwhZx6FP231XxNtZTWbtGJIOuHeW2FryD
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:51 2024 by rpki-client on console-ams.rpki-client.org