Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z5QbZVH96BpePBpKCd5LJCpGPR4.roa
File: Z5QbZVH96BpePBpKCd5LJCpGPR4.roa (raw, json)
Hash identifier: KwoHc27yCjcWfZsIxKjIqKlUjIf5nfatvrV6FqFfUVU=
Subject key identifier: 67:94:1B:65:51:FD:E8:1A:5E:3C:1A:4A:09:DE:4B:24:2A:46:3D:1E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187F648992183CBAE20A0572F882AAF59BB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z5QbZVH96BpePBpKCd5LJCpGPR4.roa
Signing time: Sun 07 May 2023 12:56:05 +0000
ROA not before: Sun 07 May 2023 12:56:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212793
IP address blocks: 2a10:2f01:2d0::/44 maxlen: 48
2a10:2f01:350::/44 maxlen: 48
2a10:2f00:147::/48 maxlen: 48
2a0f:e401:130::/44 maxlen: 48
2a10:2f01:2d1::/48 maxlen: 48
2a10:2f01:354::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f6:48:99:21:83:cb:ae:20:a0:57:2f:88:2a:af:59:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 7 12:56:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67941b6551fde81a5e3c1a4a09de4b242a463d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:89:6f:d3:70:2a:1b:6a:4c:0f:5d:49:ad:43:
24:dd:41:d6:6a:3f:41:6a:32:0a:88:d4:af:2e:3c:
ce:51:b4:0c:b4:d1:7a:b1:3f:93:c4:c8:79:a3:62:
7d:9b:c5:30:bc:84:ff:44:46:41:94:18:27:aa:cf:
72:31:8f:db:e1:3a:d6:d3:ac:d7:24:28:9f:00:f1:
90:74:e2:28:a0:a8:bd:d2:d6:1c:c8:41:8e:9e:99:
ad:e6:ff:a6:5f:2f:1e:84:04:c4:c5:fe:67:25:1f:
6e:0a:0d:dd:61:b4:f1:4b:1f:22:01:91:cd:96:d3:
7e:25:7a:5f:08:2c:d5:2c:e4:4e:32:51:2d:77:b0:
0c:be:fc:ad:d9:73:bc:a3:b3:e1:83:1c:36:5e:da:
ee:4f:f1:98:67:9c:2b:0c:6c:0c:80:53:1c:c2:c0:
d4:24:5d:aa:b0:af:c4:e5:a0:88:19:5e:bc:d7:78:
a3:af:23:bc:af:ce:24:a4:ae:9e:9c:83:1e:68:a9:
ca:40:57:a7:66:33:7e:c2:fa:3b:01:22:b3:06:d4:
08:48:22:f9:83:ca:4d:96:56:72:b7:6b:21:6b:85:
5a:55:50:93:ed:c7:9f:97:78:6e:3c:a4:4a:62:06:
e7:d8:ff:a4:ec:c3:55:84:04:a8:2d:f3:02:4d:d3:
74:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:94:1B:65:51:FD:E8:1A:5E:3C:1A:4A:09:DE:4B:24:2A:46:3D:1E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Z5QbZVH96BpePBpKCd5LJCpGPR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e401:130::/44
2a10:2f00:147::/48
2a10:2f01:2d0::/44
2a10:2f01:350::/44
Signature Algorithm: sha256WithRSAEncryption
04:8f:7b:89:92:1b:b4:e4:53:3c:b8:41:ee:06:ef:83:c4:c1:
b7:0f:2e:e7:f2:d5:7e:33:41:03:e0:00:11:35:76:7a:be:ed:
7c:0b:55:1f:d4:07:87:7e:07:88:c7:b2:c4:28:92:10:6d:77:
be:a3:05:cd:3d:d7:f0:e6:b7:a5:1e:7e:bb:58:03:94:fa:5a:
5b:e2:f5:68:45:58:9d:b4:a5:c7:74:28:8f:a3:20:ba:24:72:
40:32:21:ae:d7:f2:09:ae:9a:5a:e6:98:d3:a2:4b:48:9b:c3:
8b:e3:27:80:57:14:c7:eb:7b:15:36:41:3c:86:ea:49:46:1d:
d8:8f:d6:cf:ed:bc:eb:91:55:5c:4e:5c:64:e2:a2:11:b9:95:
6e:48:65:e6:e7:2a:97:42:c5:4c:76:5f:94:3c:23:ee:83:b6:
50:28:a4:90:32:d9:84:28:5a:a4:08:d6:98:23:bb:17:27:5a:
ca:d6:b0:fa:5d:ba:22:7b:3c:41:94:f1:e2:cc:ef:57:c7:07:
d2:b0:2e:49:75:66:68:02:85:ad:56:75:aa:95:a0:9e:8f:5f:
53:5b:34:c5:09:62:f0:55:7c:25:f4:6c:ba:5a:a1:91:bf:0e:
bc:c2:17:0e:57:d0:99:44:f5:ec:4b:59:98:3d:2d:06:44:39:
7a:85:3c:47
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYf2SJkhg8uuIKBXL4gqr1m7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTA3MTI1NjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzk0MWI2NTUxZmRlODFhNWUzYzFhNGEwOWRlNGIyNDJhNDYzZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIlv03AqG2pMD11JrUMk3UHWaj9B
ajIKiNSvLjzOUbQMtNF6sT+TxMh5o2J9m8UwvIT/REZBlBgnqs9yMY/b4TrW06zX
JCifAPGQdOIooKi90tYcyEGOnpmt5v+mXy8ehATExf5nJR9uCg3dYbTxSx8iAZHN
ltN+JXpfCCzVLOROMlEtd7AMvvyt2XO8o7Phgxw2XtruT/GYZ5wrDGwMgFMcwsDU
JF2qsK/E5aCIGV6813ijryO8r84kpK6enIMeaKnKQFenZjN+wvo7ASKzBtQISCL5
g8pNllZyt2sha4VaVVCT7cefl3huPKRKYgbn2P+k7MNVhASoLfMCTdN0jwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGeUG2VR/egaXjwaSgneSyQqRj0eMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWjVRYlpWSDk2QnBlUEJwS0NkNUxKQ3BHUFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg/kAQEw
AwcAKhAvAAFHAwcEKhAvAQLQAwcEKhAvAQNQMA0GCSqGSIb3DQEBCwUAA4IBAQAE
j3uJkhu05FM8uEHuBu+DxMG3Dy7n8tV+M0ED4AARNXZ6vu18C1Uf1AeHfgeIx7LE
KJIQbXe+owXNPdfw5relHn67WAOU+lpb4vVoRVidtKXHdCiPoyC6JHJAMiGu1/IJ
rppa5pjToktIm8OL4yeAVxTH63sVNkE8hupJRh3Yj9bP7bzrkVVcTlxk4qIRuZVu
SGXm5yqXQsVMdl+UPCPug7ZQKKSQMtmEKFqkCNaYI7sXJ1rK1rD6XboiezxBlPHi
zO9XxwfSsC5JdWZoAoWtVnWqlaCej19TWzTFCWLwVXwl9Gy6WqGRvw68whcOV9CZ
RPXsS1mYPS0GRDl6hTxH
-----END CERTIFICATE-----
Generated at Thu Dec 14 00:24:54 2023 by rpki-client on console-fra.rpki-client.org