Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZQLzbBb-MvVCErghzrzUYgTt5vE.roa
File: ZQLzbBb-MvVCErghzrzUYgTt5vE.roa (raw, json)
Hash identifier: ItywVa7s587NrkNjp1eq8rma44T8P6/SMfFiJhyMo1U=
Subject key identifier: 65:02:F3:6C:16:FE:32:F5:42:12:B8:21:CE:BC:D4:62:04:ED:E6:F1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AF79BC28E0C29D8C5DCCDA7BC61D1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZQLzbBb-MvVCErghzrzUYgTt5vE.roa
Signing time: Tue 24 Jan 2023 16:09:50 +0000
ROA not before: Tue 24 Jan 2023 16:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211495
IP address blocks: 2a10:2f00:16c::/48 maxlen: 48
2a0e:b107:10c0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:f7:9b:c2:8e:0c:29:d8:c5:dc:cd:a7:bc:61:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6502f36c16fe32f54212b821cebcd46204ede6f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:57:9d:16:71:13:22:f3:57:db:74:e4:73:32:
86:a5:48:5b:70:2e:84:a3:d9:95:6a:27:1f:cc:74:
5c:28:56:d1:e1:36:de:e7:5d:44:96:d6:58:66:8c:
75:96:73:bb:5a:4f:d4:7a:05:e0:df:b5:5b:1d:6e:
c3:db:f7:ad:f8:64:7a:73:4a:ea:e1:f4:4d:ad:42:
f5:f6:39:cc:f0:53:0d:32:db:84:c5:4a:8e:53:c8:
ed:d4:58:39:38:0f:88:4a:1d:2e:a2:54:8f:d7:0b:
ef:63:c7:11:d1:f6:47:14:f2:34:16:d8:13:30:bf:
53:b6:6e:8d:60:0e:f8:ad:fb:04:67:b4:68:0d:f5:
59:ea:94:29:c7:a4:99:85:5a:92:0c:f8:38:90:0b:
1f:99:5a:0a:0e:2b:95:5c:d7:20:16:f3:b5:24:f4:
5d:ca:08:69:69:bb:0b:53:5c:73:f2:1a:6e:44:a2:
18:d2:9d:45:0a:5f:b2:04:85:83:e8:d6:79:df:1a:
ff:29:fe:df:00:32:d5:69:60:b6:3f:03:d9:f3:b4:
17:35:cf:f0:c8:ba:5d:cb:d7:6f:26:e8:6e:ff:83:
3d:7e:71:a0:54:d7:1a:e8:43:cc:ed:20:78:0f:60:
e2:7c:d2:f3:38:d4:83:b6:96:40:c0:62:bb:41:0b:
8f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:02:F3:6C:16:FE:32:F5:42:12:B8:21:CE:BC:D4:62:04:ED:E6:F1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZQLzbBb-MvVCErghzrzUYgTt5vE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:10c0::/44
2a10:2f00:16c::/48
Signature Algorithm: sha256WithRSAEncryption
7c:f2:0c:16:20:b1:11:a2:53:0d:bb:ff:7a:f6:bb:f4:da:d7:
12:61:63:2e:be:9b:33:24:99:dc:ff:c8:75:a9:0a:69:de:75:
47:a8:69:08:00:d1:b0:7e:80:fb:a3:55:ba:a8:ba:62:7d:87:
c8:7a:f9:c1:cd:b1:18:54:d2:2a:7c:a4:4e:7c:0d:61:75:54:
b6:2c:41:d2:89:c7:24:2f:fe:24:d6:aa:42:21:95:eb:a1:8b:
ff:f8:0d:26:d2:ab:56:54:09:b4:b3:e4:03:d2:8f:2c:80:b5:
a4:83:56:3a:05:02:a4:42:7c:4b:b8:92:b6:26:57:04:ad:06:
e0:72:93:50:11:d4:c3:da:38:1a:6f:6d:45:54:5e:81:21:cc:
dd:cb:b3:2b:71:1a:af:14:82:fb:d9:b4:10:df:4d:0e:c4:b4:
d5:dd:97:d3:56:22:7c:f8:9a:28:f5:54:bc:ea:c4:9c:77:63:
92:7a:98:91:e2:26:e1:32:b2:89:5d:9e:c8:52:c6:4d:b4:fa:
40:10:a5:b4:cb:34:66:15:cb:f4:f4:1b:6f:cd:11:b5:ed:f6:
12:b2:3c:32:8a:cf:46:a5:ec:46:06:a8:97:67:86:df:94:e5:
aa:cd:17:92:f4:be:6f:a2:d4:dd:0d:67:83:ba:37:6a:b1:24:
34:a3:41:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkivebwo4MKdjF3M2nvGHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTAyZjM2YzE2ZmUzMmY1NDIxMmI4MjFjZWJjZDQ2MjA0ZWRlNmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1edFnETIvNX23TkczKGpUhbcC6E
o9mVaicfzHRcKFbR4Tbe511EltZYZox1lnO7Wk/UegXg37VbHW7D2/et+GR6c0rq
4fRNrUL19jnM8FMNMtuExUqOU8jt1Fg5OA+ISh0uolSP1wvvY8cR0fZHFPI0FtgT
ML9Ttm6NYA74rfsEZ7RoDfVZ6pQpx6SZhVqSDPg4kAsfmVoKDiuVXNcgFvO1JPRd
yghpabsLU1xz8hpuRKIY0p1FCl+yBIWD6NZ53xr/Kf7fADLVaWC2PwPZ87QXNc/w
yLpdy9dvJuhu/4M9fnGgVNca6EPM7SB4D2DifNLzONSDtpZAwGK7QQuP8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGUC82wW/jL1QhK4Ic681GIE7ebxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWlFMemJCYi1NdlZDRXJnaHpyelVZZ1R0NXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBxDA
AwcAKhAvAAFsMA0GCSqGSIb3DQEBCwUAA4IBAQB88gwWILERolMNu/969rv02tcS
YWMuvpszJJnc/8h1qQpp3nVHqGkIANGwfoD7o1W6qLpifYfIevnBzbEYVNIqfKRO
fA1hdVS2LEHSicckL/4k1qpCIZXroYv/+A0m0qtWVAm0s+QD0o8sgLWkg1Y6BQKk
QnxLuJK2JlcErQbgcpNQEdTD2jgab21FVF6BIczdy7MrcRqvFIL72bQQ300OxLTV
3ZfTViJ8+Joo9VS86sScd2OSepiR4ibhMrKJXZ7IUsZNtPpAEKW0yzRmFcv09Btv
zRG17fYSsjwyis9GpexGBqiXZ4bflOWqzReS9L5votTdDWeDujdqsSQ0o0E+
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:51 2024 by rpki-client on console-ams.rpki-client.org