Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZYdheMQBEqgsX0qvuhaSH37aWNI.roa
File: ZYdheMQBEqgsX0qvuhaSH37aWNI.roa (raw, json)
Hash identifier: kZnAp5160TP9QfysoLJsbTQ6V5XyThnhil8ab96b3oM=
Subject key identifier: 65:87:61:78:C4:01:12:A8:2C:5F:4A:AF:BA:16:92:1F:7E:DA:58:D2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C7C3D621F659B57E9899DBF8CE3558912
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZYdheMQBEqgsX0qvuhaSH37aWNI.roa
Signing time: Mon 18 Dec 2023 09:24:06 +0000
ROA not before: Mon 18 Dec 2023 09:24:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215849
IP address blocks: 2a0e:b107:2830::/48 maxlen: 48
2a0e:b107:2835::/48 maxlen: 48
2a0e:b107:2832::/48 maxlen: 48
2a0e:b107:2837::/48 maxlen: 48
2a0e:b107:2834::/48 maxlen: 48
2a0e:b107:2831::/48 maxlen: 48
2a0e:b107:2836::/48 maxlen: 48
2a0e:b107:2833::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:3d:62:1f:65:9b:57:e9:89:9d:bf:8c:e3:55:89:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 18 09:24:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65876178c40112a82c5f4aafba16921f7eda58d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2d:79:c9:1b:aa:a3:eb:c3:1b:6e:a7:e2:c4:
7b:f8:8d:86:b1:ba:21:3c:ae:40:1b:2c:33:05:f8:
21:37:66:ce:09:d2:89:61:30:b0:8e:62:d6:84:12:
6c:5b:99:1a:fb:f6:43:55:0b:9f:8c:a8:03:3d:f1:
e7:2b:e3:59:24:27:84:41:bb:ef:ea:07:46:f8:6a:
91:69:0f:cf:c0:c3:2b:14:6b:48:82:30:09:a2:64:
c8:c8:59:f0:6b:c9:47:b2:85:cf:4f:fd:e4:ca:77:
da:87:5e:11:7f:b5:e6:55:be:45:a0:27:34:1a:b4:
f3:80:a6:0e:75:58:23:86:23:4d:d2:bb:6c:0d:a2:
c1:d0:93:b1:bf:47:d0:4c:04:c7:8d:1f:4a:5a:2d:
72:c5:cd:d1:64:56:93:f0:6d:ed:47:ee:f7:5f:14:
ce:6f:20:03:d3:13:aa:02:9e:4e:b3:d3:25:c6:67:
8a:82:e5:03:80:f6:b3:ec:e9:be:6b:a4:35:ae:d3:
0e:69:c8:b5:2d:d5:c7:bf:9c:44:61:2f:2f:ac:bf:
ff:70:b6:0c:76:e5:df:d4:0a:f7:35:d4:64:71:6a:
78:ca:45:0b:59:fc:e1:2f:aa:b7:47:ba:9f:bb:61:
f3:bd:74:eb:51:eb:0c:ed:99:38:1c:e7:05:ae:61:
01:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:87:61:78:C4:01:12:A8:2C:5F:4A:AF:BA:16:92:1F:7E:DA:58:D2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZYdheMQBEqgsX0qvuhaSH37aWNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:2830::/45
Signature Algorithm: sha256WithRSAEncryption
87:12:89:5c:34:2b:cb:af:17:ef:00:91:a7:7b:b9:df:c5:3c:
06:26:75:fd:b8:b5:e6:86:b3:5f:73:1e:40:3c:3f:91:06:e7:
07:46:4c:65:c1:72:86:33:7b:f4:a6:0e:3e:f7:86:ef:64:2a:
29:80:cd:0e:5c:81:84:13:04:3a:ee:4c:ba:68:73:33:72:13:
5f:42:7e:c6:7e:28:cf:e4:ab:53:b1:1d:75:30:67:92:f7:78:
55:a1:39:71:79:75:68:5a:d3:de:40:3f:e7:b6:43:14:b2:00:
e5:49:88:c3:7e:b7:7d:ae:27:68:f8:ec:67:50:d1:a7:ca:fa:
eb:f5:9e:f8:18:18:fc:49:30:b3:3b:51:9e:93:d4:31:9b:0b:
3d:de:7c:68:38:3d:62:e5:81:5c:ba:b0:65:ac:6d:fe:36:96:
0f:20:a4:67:3d:6e:40:74:27:42:15:ab:9c:a1:1f:06:ea:cd:
9f:7e:d7:4b:e1:ba:7b:8c:73:7d:57:30:06:70:27:4d:7f:cf:
4b:58:12:2d:0c:96:ba:4b:13:01:8d:16:17:eb:db:7e:da:b7:
75:c1:7e:11:95:a7:21:a6:e2:4e:04:94:49:09:03:65:91:56:
7d:cd:16:36:7b:56:a2:9c:a8:e3:f8:2f:fb:59:fa:c2:a6:52:
47:31:80:6a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYx8PWIfZZtX6Ymdv4zjVYkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjE4MDkyNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTg3NjE3OGM0MDExMmE4MmM1ZjRhYWZiYTE2OTIxZjdlZGE1OGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni15yRuqo+vDG26n4sR7+I2Gsboh
PK5AGywzBfghN2bOCdKJYTCwjmLWhBJsW5ka+/ZDVQufjKgDPfHnK+NZJCeEQbvv
6gdG+GqRaQ/PwMMrFGtIgjAJomTIyFnwa8lHsoXPT/3kynfah14Rf7XmVb5FoCc0
GrTzgKYOdVgjhiNN0rtsDaLB0JOxv0fQTATHjR9KWi1yxc3RZFaT8G3tR+73XxTO
byAD0xOqAp5Os9MlxmeKguUDgPaz7Om+a6Q1rtMOaci1LdXHv5xEYS8vrL//cLYM
duXf1Ar3NdRkcWp4ykULWfzhL6q3R7qfu2HzvXTrUesM7Zk4HOcFrmEBJwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGWHYXjEARKoLF9Kr7oWkh9+2ljSMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWllkaGVNUUJFcWdzWDBxdnVoYVNIMzdhV05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKg6xBygw
MA0GCSqGSIb3DQEBCwUAA4IBAQCHEolcNCvLrxfvAJGne7nfxTwGJnX9uLXmhrNf
cx5APD+RBucHRkxlwXKGM3v0pg4+94bvZCopgM0OXIGEEwQ67ky6aHMzchNfQn7G
fijP5KtTsR11MGeS93hVoTlxeXVoWtPeQD/ntkMUsgDlSYjDfrd9rido+OxnUNGn
yvrr9Z74GBj8STCzO1Gek9Qxmws93nxoOD1i5YFcurBlrG3+NpYPIKRnPW5AdCdC
FaucoR8G6s2fftdL4bp7jHN9VzAGcCdNf89LWBItDJa6SxMBjRYX69t+2rd1wX4R
lachpuJOBJRJCQNlkVZ9zRY2e1ainKjj+C/7WfrCplJHMYBq
-----END CERTIFICATE-----
Generated at Mon Dec 18 15:54:20 2023 by rpki-client on console-ams.rpki-client.org