Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_VA5bJi3KPWBaexDVNZVfSfOpRw.roa
File: _VA5bJi3KPWBaexDVNZVfSfOpRw.roa (raw, json)
Hash identifier: guFvrv4ncu37DtB7xeokKLoerKodEAx/lvNwn8WkCfE=
Subject key identifier: FD:50:39:6C:98:B7:28:F5:81:69:EC:43:54:D6:55:7D:27:CE:A5:1C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7C19485B47B7D670405D1A3CDD3C2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_VA5bJi3KPWBaexDVNZVfSfOpRw.roa
Signing time: Mon 02 Jan 2023 05:15:14 +0000
ROA not before: Mon 02 Jan 2023 05:15:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205043
IP address blocks: 2a0e:97c0:b10::/44 maxlen: 48
2a10:cc44:1b0::/44 maxlen: 48
Validation: Failed, certificate revoked on Sun 27 Aug 2023 17:32:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:c1:94:85:b4:7b:7d:67:04:05:d1:a3:cd:d3:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd50396c98b728f58169ec4354d6557d27cea51c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2e:b3:28:f4:35:79:99:c4:1d:8c:c2:10:1c:
02:b2:c4:6f:6c:90:a8:8d:cf:dc:40:8f:4c:9e:b2:
93:45:e0:27:f1:94:69:11:63:42:01:b6:e1:51:4a:
65:a5:f6:df:8c:41:f2:42:b1:43:2a:7d:6e:53:04:
0d:13:c5:44:1a:75:71:c4:e1:41:e5:ca:10:55:c7:
94:5b:16:d7:68:59:d5:39:93:63:8d:82:31:12:75:
65:45:00:a7:80:13:ae:b9:f4:9a:18:16:41:c8:e2:
8b:9b:54:a3:b1:d8:40:7d:5d:6a:e7:cd:e2:1e:4f:
be:28:1f:5a:f0:7a:09:8c:f2:59:8d:89:14:50:53:
dc:1a:5a:16:74:24:cc:71:48:50:b5:4e:85:42:70:
a4:f0:ae:60:b0:2e:f7:be:05:4b:5b:a5:8f:70:09:
a6:ae:78:cc:8f:dd:e2:c1:59:e5:fa:50:b4:09:33:
f2:32:ec:ab:f3:18:d1:74:89:88:64:61:cc:2b:da:
ba:5d:87:26:ab:26:d9:0c:28:f6:42:c2:cd:3e:02:
71:7d:53:63:f6:6a:3f:12:31:d1:5f:98:ea:0e:16:
fa:11:b1:7c:95:6c:9d:65:b5:80:38:d6:65:3f:29:
6b:8f:db:3e:5f:89:a5:e0:a3:c4:f6:84:47:21:c8:
a9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:50:39:6C:98:B7:28:F5:81:69:EC:43:54:D6:55:7D:27:CE:A5:1C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_VA5bJi3KPWBaexDVNZVfSfOpRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b10::/44
2a10:cc44:1b0::/44
Signature Algorithm: sha256WithRSAEncryption
cb:b3:9d:b5:0a:ea:84:85:23:06:75:e0:1d:f4:ce:21:2b:4b:
a2:69:3f:50:b1:f5:32:50:78:ba:4a:32:9a:e7:04:e9:74:99:
43:43:8c:4e:23:86:d0:0f:f4:47:d2:0a:c6:23:26:b4:3e:b0:
3c:67:62:31:30:cc:a6:ef:66:73:46:55:e8:4f:6b:a7:d5:f7:
49:88:8a:21:4f:64:d5:2f:30:fd:ab:0a:dd:58:5f:2f:a7:e8:
fd:14:b2:1b:5f:38:9e:90:07:e0:2c:9f:8f:12:2e:58:b1:7a:
36:34:59:d4:27:89:44:6e:79:cd:48:e0:70:36:a7:bd:d9:99:
2a:19:bc:31:1d:04:b2:94:9c:1c:fe:d4:fc:d9:c7:65:ab:e5:
e3:3e:0a:68:96:33:70:a7:e7:d8:2e:56:93:a4:88:94:16:07:
48:b4:c6:2b:98:e5:62:d4:00:6b:4b:da:54:67:05:30:30:1d:
e1:ca:80:02:29:04:cd:eb:41:b6:80:b7:2e:d3:10:a3:bb:f7:
9a:68:f2:57:22:2e:9f:5e:b7:7c:58:0c:3a:5e:9d:80:9c:6d:
ce:e2:e9:96:27:0e:d8:73:05:f6:c5:e0:1f:99:ed:f3:20:05:
1a:00:a5:90:d0:a2:10:5e:5f:0e:84:cf:2c:6a:1f:bf:2d:36:
f3:2b:7d:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw58GUhbR7fWcEBdGjzdPCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDUwMzk2Yzk4YjcyOGY1ODE2OWVjNDM1NGQ2NTU3ZDI3Y2VhNTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1i6zKPQ1eZnEHYzCEBwCssRvbJCo
jc/cQI9MnrKTReAn8ZRpEWNCAbbhUUplpfbfjEHyQrFDKn1uUwQNE8VEGnVxxOFB
5coQVceUWxbXaFnVOZNjjYIxEnVlRQCngBOuufSaGBZByOKLm1SjsdhAfV1q583i
Hk++KB9a8HoJjPJZjYkUUFPcGloWdCTMcUhQtU6FQnCk8K5gsC73vgVLW6WPcAmm
rnjMj93iwVnl+lC0CTPyMuyr8xjRdImIZGHMK9q6XYcmqybZDCj2QsLNPgJxfVNj
9mo/EjHRX5jqDhb6EbF8lWydZbWAONZlPylrj9s+X4ml4KPE9oRHIciprwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP1QOWyYtyj1gWnsQ1TWVX0nzqUcMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvX1ZBNWJKaTNLUFdCYWV4RFZOWlZmU2ZPcFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAsQ
AwcEKhDMRAGwMA0GCSqGSIb3DQEBCwUAA4IBAQDLs521CuqEhSMGdeAd9M4hK0ui
aT9QsfUyUHi6SjKa5wTpdJlDQ4xOI4bQD/RH0grGIya0PrA8Z2IxMMym72ZzRlXo
T2un1fdJiIohT2TVLzD9qwrdWF8vp+j9FLIbXziekAfgLJ+PEi5YsXo2NFnUJ4lE
bnnNSOBwNqe92ZkqGbwxHQSylJwc/tT82cdlq+XjPgpoljNwp+fYLlaTpIiUFgdI
tMYrmOVi1ABrS9pUZwUwMB3hyoACKQTN60G2gLcu0xCju/eaaPJXIi6fXrd8WAw6
Xp2AnG3O4umWJw7YcwX2xeAfme3zIAUaAKWQ0KIQXl8OhM8sah+/LTbzK31Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:06 2024 by rpki-client on console-ams.rpki-client.org