Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_Ap3DL_IaAT63iNF6fWlQxUCMig.roa
File: _Ap3DL_IaAT63iNF6fWlQxUCMig.roa (raw, json)
Hash identifier: nkfy5KjGYwbTgDuxcaXG4ROCOIge9YXG8+9JrbozaL0=
Subject key identifier: FC:0A:77:0C:BF:C8:68:04:FA:DE:23:45:E9:F5:A5:43:15:02:32:28
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48B12ED5DAC7C63163CBA424241D31D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_Ap3DL_IaAT63iNF6fWlQxUCMig.roa
Signing time: Tue 24 Jan 2023 16:09:57 +0000
ROA not before: Tue 24 Jan 2023 16:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398355
IP address blocks: 2a0e:b107:14ff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8b:12:ed:5d:ac:7c:63:16:3c:ba:42:42:41:d3:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc0a770cbfc86804fade2345e9f5a54315023228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:9f:f9:3e:0b:bc:b0:82:14:9d:1b:5c:ea:e5:
7a:89:c6:07:14:e1:cd:9b:ef:71:f9:49:9e:cb:d5:
37:b1:97:a1:c8:63:36:c8:bd:8d:22:49:47:1a:86:
63:f5:09:75:49:b7:55:77:df:a3:85:9d:34:90:8c:
bd:5d:6f:80:b2:56:59:44:8a:90:65:90:3a:a6:25:
2b:b9:65:4a:c0:63:fc:5d:78:08:40:91:7e:24:ac:
1c:55:53:07:65:e9:e9:99:26:e7:32:39:52:df:f0:
ac:9f:25:c0:0b:36:bd:46:b7:40:6e:44:e4:21:38:
db:9f:bc:c2:ba:ad:bd:0e:c4:01:be:49:5e:6e:d1:
39:1f:de:c8:3a:1f:44:c3:ea:a0:67:03:45:f3:aa:
9c:cb:29:50:26:92:8f:a5:c4:80:4f:f1:da:aa:63:
2e:44:a7:41:13:a1:8d:70:ed:42:47:33:4d:0c:09:
7e:6b:84:2b:4f:63:32:d0:4f:50:02:bf:e9:dd:4f:
47:f5:a5:0b:81:10:79:2b:a9:55:d7:23:04:da:c7:
7c:14:08:f1:f7:0b:93:3a:65:3c:43:1e:12:f1:cc:
49:91:0e:17:4a:81:14:f1:ea:0e:84:b4:a9:f2:8a:
6d:1b:ad:ec:d0:17:41:df:1a:7b:0a:1b:20:83:ab:
ba:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:0A:77:0C:BF:C8:68:04:FA:DE:23:45:E9:F5:A5:43:15:02:32:28
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_Ap3DL_IaAT63iNF6fWlQxUCMig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:14ff::/48
Signature Algorithm: sha256WithRSAEncryption
52:e5:ff:c3:e4:fb:1e:e0:ae:f8:b1:05:ff:ff:dc:47:2f:25:
33:46:cb:09:ad:51:93:50:b7:0a:59:92:ab:37:fc:a1:46:b9:
3c:c1:5f:99:1e:32:23:a9:69:27:41:c9:f1:db:3b:f9:42:dc:
ec:1d:1f:18:1f:bf:22:00:c3:7d:09:33:08:4c:b7:a6:41:1e:
ae:45:b7:33:3c:64:bc:1f:dc:7b:31:e3:60:6b:74:8d:1e:06:
b5:e3:06:44:b1:41:a8:a3:11:e4:be:e3:54:ae:a0:48:a2:16:
f8:24:4b:fd:dc:18:04:06:3e:77:bc:ba:8a:07:4a:d8:3d:52:
64:5a:9a:84:5d:5b:16:a0:7a:ae:b9:55:e1:e2:f6:5c:b7:8b:
f9:82:2a:2a:c1:91:a7:20:74:9b:fe:d5:12:87:7f:95:45:5f:
41:87:e3:c1:d8:70:fb:54:1c:6b:a5:f5:50:00:9a:1c:45:55:
c0:ca:59:cd:aa:35:8e:49:af:e1:8b:71:a7:c6:6e:1f:9c:95:
dd:46:44:fd:ac:20:35:ff:c0:2e:5c:dc:a4:1e:33:81:aa:dc:
dc:a6:8c:1d:d4:dd:20:6c:ac:8d:46:45:76:4d:4e:38:19:ef:
47:d2:ce:e3:fd:ff:6b:7f:4f:bc:94:a7:47:35:7f:9b:7d:6a:
02:de:fc:e7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkixLtXax8YxY8ukJCQdMdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzBhNzcwY2JmYzg2ODA0ZmFkZTIzNDVlOWY1YTU0MzE1MDIzMjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35/5Pgu8sIIUnRtc6uV6icYHFOHN
m+9x+Umey9U3sZehyGM2yL2NIklHGoZj9Ql1SbdVd9+jhZ00kIy9XW+AslZZRIqQ
ZZA6piUruWVKwGP8XXgIQJF+JKwcVVMHZenpmSbnMjlS3/CsnyXACza9RrdAbkTk
ITjbn7zCuq29DsQBvklebtE5H97IOh9Ew+qgZwNF86qcyylQJpKPpcSAT/HaqmMu
RKdBE6GNcO1CRzNNDAl+a4QrT2My0E9QAr/p3U9H9aULgRB5K6lV1yME2sd8FAjx
9wuTOmU8Qx4S8cxJkQ4XSoEU8eoOhLSp8optG63s0BdB3xp7Chsgg6u6NQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPwKdwy/yGgE+t4jRen1pUMVAjIoMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvX0FwM0RMX0lhQVQ2M2lORjZmV2xReFVDTWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxT/
MA0GCSqGSIb3DQEBCwUAA4IBAQBS5f/D5Pse4K74sQX//9xHLyUzRssJrVGTULcK
WZKrN/yhRrk8wV+ZHjIjqWknQcnx2zv5QtzsHR8YH78iAMN9CTMITLemQR6uRbcz
PGS8H9x7MeNga3SNHga14wZEsUGooxHkvuNUrqBIohb4JEv93BgEBj53vLqKB0rY
PVJkWpqEXVsWoHquuVXh4vZct4v5gioqwZGnIHSb/tUSh3+VRV9Bh+PB2HD7VBxr
pfVQAJocRVXAylnNqjWOSa/hi3Gnxm4fnJXdRkT9rCA1/8AuXNykHjOBqtzcpowd
1N0gbKyNRkV2TU44Ge9H0s7j/f9rf0+8lKdHNX+bfWoC3vzn
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:51 2024 by rpki-client on console-ams.rpki-client.org