Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_G2pARp0BpV1u169qI5ZYNO_D0I.roa
File: _G2pARp0BpV1u169qI5ZYNO_D0I.roa (raw, json)
Hash identifier: Yr4fzPSvAnPVuu7Qa4yYQCcCpD4O6tvBo6EOoPn8rLQ=
Subject key identifier: FC:6D:A9:01:1A:74:06:95:75:BB:5E:BD:A8:8E:59:60:D3:BF:0F:42
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C73EAF2246E0A374DCC854423FEDBD45C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_G2pARp0BpV1u169qI5ZYNO_D0I.roa
Signing time: Sat 16 Dec 2023 18:37:06 +0000
ROA not before: Sat 16 Dec 2023 18:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 2a0e:97c0:3b0::/48 maxlen: 48
2a0e:b107:27c7::/48 maxlen: 48
2a0e:b107:27ac::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:73:ea:f2:24:6e:0a:37:4d:cc:85:44:23:fe:db:d4:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 16 18:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc6da9011a74069575bb5ebda88e5960d3bf0f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:db:98:ce:09:51:45:29:73:99:ff:db:26:b2:
40:1e:f2:64:4c:c8:8c:dc:e9:9d:f3:72:7c:5e:19:
5b:8e:00:c4:ef:3d:bc:9e:ad:e3:6c:6e:42:7e:d6:
81:23:a8:da:8e:67:b3:c3:85:18:aa:04:46:14:35:
1f:1c:c3:64:8a:ee:a8:21:8c:69:2d:77:d9:d5:58:
a5:4f:35:70:c2:91:30:88:7b:a5:2a:f9:8e:97:6c:
be:df:68:3c:ae:fb:07:5d:e2:26:d5:45:36:ce:6d:
86:1b:ec:26:e5:46:e6:da:7c:ad:c3:90:b4:85:8c:
b4:94:9c:ea:73:71:0f:22:71:cd:48:c0:ae:8b:c1:
ff:f3:a5:29:92:cf:e2:50:d9:ba:d1:18:90:f1:e1:
e7:d7:c6:fb:86:39:c2:48:85:ab:78:47:3c:5c:b1:
a0:21:1c:a2:51:35:9f:cd:a5:15:cc:dd:4e:6d:7b:
b8:ee:d4:97:b5:45:fe:85:46:51:f2:a8:45:41:ba:
4c:04:df:22:5e:55:e0:68:25:af:16:3b:d6:03:b7:
8d:29:a2:c8:49:a7:aa:6e:62:c6:1c:d7:39:ca:39:
69:40:e7:d0:e5:fe:a4:14:36:48:66:c3:f6:35:93:
bd:92:b0:b9:30:08:50:31:7b:41:1d:97:2f:d7:6f:
8b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:6D:A9:01:1A:74:06:95:75:BB:5E:BD:A8:8E:59:60:D3:BF:0F:42
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_G2pARp0BpV1u169qI5ZYNO_D0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3b0::/48
2a0e:b107:27ac::/48
2a0e:b107:27c7::/48
Signature Algorithm: sha256WithRSAEncryption
8f:7c:64:b9:5e:56:61:6e:be:cc:be:86:51:98:37:b8:b4:4c:
81:01:e9:8e:ee:48:fd:89:04:14:c1:a9:d7:01:e2:b2:10:24:
d0:bd:36:9e:63:8e:a9:50:9b:5e:ec:f7:e0:b3:33:45:a5:7b:
5f:c0:79:4c:ad:56:5d:85:cd:66:79:0a:83:b4:3d:f4:3f:fa:
c0:15:d0:1a:e2:80:6d:33:cf:9d:97:ef:cc:5b:7f:e6:b8:e5:
48:cb:ab:67:d8:16:82:82:a3:c8:fc:2b:b6:8e:37:98:5f:26:
f7:c9:93:22:ab:1c:55:1a:e4:ca:f1:3e:20:14:cd:96:ac:55:
8c:a6:2a:4e:a2:d9:c6:ea:a7:f7:ca:4c:db:f5:a5:91:2c:3d:
e0:21:58:99:93:c0:51:0a:0b:75:d7:ac:09:03:7d:2d:f8:eb:
b0:ed:08:46:c2:04:7d:a2:02:eb:8b:17:33:71:13:f5:d8:7d:
98:6c:7b:e7:e9:0f:e2:1e:5b:48:68:cc:f2:c5:03:9b:ca:6b:
33:33:ea:f2:8a:f0:1f:be:2f:f1:6e:61:11:62:ca:18:3a:49:
c6:78:95:3f:f4:0f:54:ad:dc:bf:77:4f:7c:9f:a8:9f:a0:4f:
cd:a6:e8:e2:e0:d4:23:b5:ec:82:9e:14:3b:2d:a6:45:b0:37:
a9:40:19:07
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYxz6vIkbgo3TcyFRCP+29RcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjE2MTgzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzZkYTkwMTFhNzQwNjk1NzViYjVlYmRhODhlNTk2MGQzYmYwZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9uYzglRRSlzmf/bJrJAHvJkTMiM
3Omd83J8XhlbjgDE7z28nq3jbG5CftaBI6jajmezw4UYqgRGFDUfHMNkiu6oIYxp
LXfZ1VilTzVwwpEwiHulKvmOl2y+32g8rvsHXeIm1UU2zm2GG+wm5Ubm2nytw5C0
hYy0lJzqc3EPInHNSMCui8H/86Upks/iUNm60RiQ8eHn18b7hjnCSIWreEc8XLGg
IRyiUTWfzaUVzN1ObXu47tSXtUX+hUZR8qhFQbpMBN8iXlXgaCWvFjvWA7eNKaLI
SaeqbmLGHNc5yjlpQOfQ5f6kFDZIZsP2NZO9krC5MAhQMXtBHZcv12+LvQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPxtqQEadAaVdbtevaiOWWDTvw9CMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvX0cycEFScDBCcFYxdTE2OXFJNVpZTk9fRDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6XwAOw
AwcAKg6xByesAwcAKg6xByfHMA0GCSqGSIb3DQEBCwUAA4IBAQCPfGS5XlZhbr7M
voZRmDe4tEyBAemO7kj9iQQUwanXAeKyECTQvTaeY46pUJte7PfgszNFpXtfwHlM
rVZdhc1meQqDtD30P/rAFdAa4oBtM8+dl+/MW3/muOVIy6tn2BaCgqPI/Cu2jjeY
Xyb3yZMiqxxVGuTK8T4gFM2WrFWMpipOotnG6qf3ykzb9aWRLD3gIViZk8BRCgt1
16wJA30t+Ouw7QhGwgR9ogLrixczcRP12H2YbHvn6Q/iHltIaMzyxQObymszM+ry
ivAfvi/xbmERYsoYOknGeJU/9A9Urdy/d098n6ifoE/Npuji4NQjteyCnhQ7LaZF
sDepQBkH
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org