Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_2DKSNqiZnPg-wSRJfbzXH_zBwk.roa
File: _2DKSNqiZnPg-wSRJfbzXH_zBwk.roa (raw, json)
Hash identifier: lijI5BGKDVtg8sY3KfCdcJWmtTWg4eLbsqkADw1VttM=
Subject key identifier: FF:60:CA:48:DA:A2:66:73:E0:FB:04:91:25:F6:F3:5C:7F:F3:07:09
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7AAAE02B26320617736D8A2C8638A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_2DKSNqiZnPg-wSRJfbzXH_zBwk.roa
Signing time: Mon 02 Jan 2023 05:15:08 +0000
ROA not before: Mon 02 Jan 2023 05:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202647
IP address blocks: 2a10:2f00:18c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:aa:ae:02:b2:63:20:61:77:36:d8:a2:c8:63:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff60ca48daa26673e0fb049125f6f35c7ff30709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:06:f7:17:9f:a1:0d:55:f0:19:e2:78:ff:8a:
53:fe:21:74:85:dc:d3:a1:42:ae:24:b0:17:a5:77:
33:c3:a4:41:3a:a0:db:11:8c:40:f2:eb:a1:97:47:
75:2e:37:21:44:75:9d:e2:8b:3f:24:40:d7:f0:2b:
f4:76:77:49:29:ff:fc:f3:2c:70:47:be:3d:f1:f4:
92:2b:42:1f:91:ba:0f:34:44:36:dd:63:18:a7:ec:
cb:56:f7:5f:e4:e3:28:c5:ef:58:94:35:49:72:1c:
97:99:05:35:76:50:53:38:1c:86:5c:e5:a1:61:7c:
44:a0:88:8f:4b:9f:78:2a:6b:fc:65:14:42:84:4a:
58:84:bb:39:2a:13:dd:ce:7f:23:4e:c1:b2:18:20:
30:47:ac:63:93:cd:a2:30:02:d4:72:e3:68:e3:8b:
9e:5a:04:c0:bb:4d:64:d8:5c:0b:32:9d:75:b4:6c:
d6:e1:d6:d0:78:30:6c:73:c0:2c:ac:3a:9f:c9:4b:
7e:39:6d:d6:d8:6a:17:38:89:63:44:66:6d:ce:01:
62:3d:50:1c:0e:1f:8f:1c:97:1f:ac:06:e2:16:81:
97:0a:ce:6f:af:ae:50:14:2e:8e:f0:94:d9:d4:29:
ea:61:6f:ef:19:a7:b0:7d:63:5a:f8:12:34:0c:3d:
bb:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:60:CA:48:DA:A2:66:73:E0:FB:04:91:25:F6:F3:5C:7F:F3:07:09
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_2DKSNqiZnPg-wSRJfbzXH_zBwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:18c::/48
Signature Algorithm: sha256WithRSAEncryption
01:6a:d1:44:b0:50:6d:ca:c2:78:28:27:a3:6e:2b:4f:0f:ab:
45:ee:f7:30:bd:65:81:3a:6f:04:b0:73:86:db:c0:28:44:a4:
3a:ab:58:26:6a:44:1d:9e:a9:53:6d:fb:a9:62:da:7e:f2:6c:
f9:d1:56:ed:1d:97:ed:96:fc:89:4c:e9:85:61:5f:3a:06:f8:
35:2c:11:a5:b4:57:cd:8f:7f:58:20:4b:b7:57:6c:ef:cf:80:
e1:bd:c4:5b:a5:6b:21:1f:67:18:99:b4:d7:1d:9e:47:4f:21:
f6:54:78:9a:c9:25:13:35:5b:43:79:ff:36:c4:fb:35:41:54:
19:70:30:8c:b5:50:4a:bc:c7:18:54:b7:1f:d2:60:da:8b:8b:
b7:a1:3f:7a:cf:1b:dd:3c:8d:9c:d5:23:2a:b1:cb:fd:57:c9:
75:de:e4:0d:19:7e:42:39:37:4e:6b:5a:45:f1:92:3a:60:15:
0e:0a:0b:e1:2f:e9:f1:a6:72:4f:c2:67:54:71:41:71:b9:a4:
ba:9f:ed:ab:42:a1:f2:95:06:d7:4b:92:c8:54:6f:74:9f:e7:
6e:70:5e:c4:eb:40:39:c5:5e:3e:f7:c1:d3:01:1f:ae:95:ab:
d9:66:c7:fb:03:c3:8e:02:d3:61:7e:8e:a2:56:26:57:2f:e6:
77:73:cd:1c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw56quArJjIGF3NtiiyGOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjYwY2E0OGRhYTI2NjczZTBmYjA0OTEyNWY2ZjM1YzdmZjMwNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwb3F5+hDVXwGeJ4/4pT/iF0hdzT
oUKuJLAXpXczw6RBOqDbEYxA8uuhl0d1LjchRHWd4os/JEDX8Cv0dndJKf/88yxw
R7498fSSK0IfkboPNEQ23WMYp+zLVvdf5OMoxe9YlDVJchyXmQU1dlBTOByGXOWh
YXxEoIiPS594Kmv8ZRRChEpYhLs5KhPdzn8jTsGyGCAwR6xjk82iMALUcuNo44ue
WgTAu01k2FwLMp11tGzW4dbQeDBsc8AsrDqfyUt+OW3W2GoXOIljRGZtzgFiPVAc
Dh+PHJcfrAbiFoGXCs5vr65QFC6O8JTZ1CnqYW/vGaewfWNa+BI0DD27oQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP9gykjaomZz4PsEkSX281x/8wcJMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvXzJES1NOcWlablBnLXdTUkpmYnpYSF96QndrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAGM
MA0GCSqGSIb3DQEBCwUAA4IBAQABatFEsFBtysJ4KCejbitPD6tF7vcwvWWBOm8E
sHOG28AoRKQ6q1gmakQdnqlTbfupYtp+8mz50VbtHZftlvyJTOmFYV86Bvg1LBGl
tFfNj39YIEu3V2zvz4DhvcRbpWshH2cYmbTXHZ5HTyH2VHiaySUTNVtDef82xPs1
QVQZcDCMtVBKvMcYVLcf0mDai4u3oT96zxvdPI2c1SMqscv9V8l13uQNGX5COTdO
a1pF8ZI6YBUOCgvhL+nxpnJPwmdUcUFxuaS6n+2rQqHylQbXS5LIVG90n+ducF7E
60A5xV4+98HTAR+ulavZZsf7A8OOAtNhfo6iViZXL+Z3c80c
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org