Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_iF5PTOVuPyHUZQJXXfsWNwctYI.roa
File: _iF5PTOVuPyHUZQJXXfsWNwctYI.roa (raw, json)
Hash identifier: pGduzigZ0ID+v5nG1Y7a9i/TJwR1bRgJkClZriDMbHM=
Subject key identifier: FE:21:79:3D:33:95:B8:FC:87:51:94:09:5D:77:EC:58:DC:1C:B5:82
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7EF6E4D9293DCE33B988F8130DF76
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_iF5PTOVuPyHUZQJXXfsWNwctYI.roa
Signing time: Mon 02 Jan 2023 05:15:26 +0000
ROA not before: Mon 02 Jan 2023 05:15:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210633
IP address blocks: 2a0e:b107:1880::/44 maxlen: 48
2a0e:b107:1960::/44 maxlen: 48
2a0e:b107:1888::/45 maxlen: 48
2a0e:b107:1880::/45 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:ef:6e:4d:92:93:dc:e3:3b:98:8f:81:30:df:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe21793d3395b8fc875194095d77ec58dc1cb582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3a:19:9b:a6:37:03:99:19:7b:64:28:2e:7b:
dd:f9:0a:9c:1e:fd:35:9a:e1:41:5e:18:bd:3d:5e:
e6:95:51:56:b3:07:9a:c3:d8:a2:e7:c2:af:65:e4:
ad:fa:ee:7d:59:24:21:7f:06:dc:78:92:b9:b2:0e:
ee:0a:59:4a:69:02:24:34:de:e9:cc:7b:48:54:44:
19:0f:8f:c5:01:52:c7:03:46:6d:44:b6:10:5b:4a:
0f:dc:e8:bd:62:da:71:62:4f:6b:aa:35:d9:56:a8:
55:73:04:c0:a2:1b:03:50:87:91:a0:7a:d5:a4:d0:
5a:c4:aa:2c:16:f7:6b:ef:74:f9:72:9d:69:d8:52:
03:85:66:af:40:23:89:37:0b:bc:89:0a:91:51:07:
67:85:a1:c5:a4:81:6f:64:23:fa:bb:90:75:f9:ef:
3f:8c:8e:e4:78:c0:8b:40:f4:e3:1e:09:43:ca:4c:
d6:c3:8f:82:3e:fb:cf:bb:64:31:82:49:b0:3c:46:
4d:f4:9d:4f:4f:3c:61:81:20:93:6c:17:8f:4a:22:
be:70:38:91:46:eb:03:1b:8a:80:d4:66:f5:c0:c1:
62:bb:36:38:e4:38:de:b6:4d:6b:65:11:fd:55:c4:
a4:99:08:32:d5:77:e7:0a:a4:15:d4:f9:15:b3:8e:
9d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:21:79:3D:33:95:B8:FC:87:51:94:09:5D:77:EC:58:DC:1C:B5:82
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_iF5PTOVuPyHUZQJXXfsWNwctYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1880::/44
2a0e:b107:1960::/44
Signature Algorithm: sha256WithRSAEncryption
7d:fe:5d:f0:09:fe:72:98:2b:87:37:e9:5e:bc:a9:8c:71:3f:
d7:06:33:9c:82:3e:2c:c6:68:30:26:d0:25:63:60:7a:cf:84:
4f:32:e8:f5:ce:a7:06:d7:5b:17:dd:e0:54:00:8f:ce:c9:b3:
1e:4c:98:40:d1:47:be:b7:04:05:db:0d:83:ea:de:d0:be:60:
9c:5c:94:ff:82:07:20:3f:4b:b5:8e:f1:c9:bf:f0:c3:17:51:
76:fc:29:f2:dc:40:bd:2e:d4:fa:11:29:b8:e6:f6:a3:4c:8c:
13:64:de:06:0a:a5:d2:28:32:c7:e8:59:d7:48:a3:74:fa:63:
30:32:8a:e1:7a:aa:22:dc:9a:7d:b1:61:fd:06:d5:58:7e:9a:
86:ce:92:13:d4:ff:c3:e7:ac:81:7c:6d:3d:5c:12:c5:2e:ef:
3e:72:6b:03:d8:69:57:79:18:86:56:18:de:c9:c0:32:55:0d:
5a:ff:01:82:8e:a6:00:5a:d7:e3:2c:13:da:a1:1f:c7:ec:4b:
5b:76:9d:88:b9:a6:f5:a6:99:d8:1a:12:23:65:8e:68:56:33:
e6:ca:c8:59:92:ef:34:36:4f:25:c7:98:cb:ae:82:13:98:72:
31:21:de:01:b1:bf:19:5d:48:38:97:0c:73:45:a9:fd:4b:f5:
93:0e:0d:c4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw5+9uTZKT3OM7mI+BMN92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTIxNzkzZDMzOTViOGZjODc1MTk0MDk1ZDc3ZWM1OGRjMWNiNTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzoZm6Y3A5kZe2QoLnvd+QqcHv01
muFBXhi9PV7mlVFWsweaw9ii58KvZeSt+u59WSQhfwbceJK5sg7uCllKaQIkNN7p
zHtIVEQZD4/FAVLHA0ZtRLYQW0oP3Oi9YtpxYk9rqjXZVqhVcwTAohsDUIeRoHrV
pNBaxKosFvdr73T5cp1p2FIDhWavQCOJNwu8iQqRUQdnhaHFpIFvZCP6u5B1+e8/
jI7keMCLQPTjHglDykzWw4+CPvvPu2QxgkmwPEZN9J1PTzxhgSCTbBePSiK+cDiR
RusDG4qA1Gb1wMFiuzY45Djetk1rZRH9VcSkmQgy1XfnCqQV1PkVs46dJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP4heT0zlbj8h1GUCV137FjcHLWCMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvX2lGNVBUT1Z1UHlIVVpRSlhYZnNXTndjdFlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBxiA
AwcEKg6xBxlgMA0GCSqGSIb3DQEBCwUAA4IBAQB9/l3wCf5ymCuHN+levKmMcT/X
BjOcgj4sxmgwJtAlY2B6z4RPMuj1zqcG11sX3eBUAI/OybMeTJhA0Ue+twQF2w2D
6t7QvmCcXJT/ggcgP0u1jvHJv/DDF1F2/Cny3EC9LtT6ESm45vajTIwTZN4GCqXS
KDLH6FnXSKN0+mMwMorheqoi3Jp9sWH9BtVYfpqGzpIT1P/D56yBfG09XBLFLu8+
cmsD2GlXeRiGVhjeycAyVQ1a/wGCjqYAWtfjLBPaoR/H7Etbdp2Iuab1ppnYGhIj
ZY5oVjPmyshZku80Nk8lx5jLroITmHIxId4Bsb8ZXUg4lwxzRan9S/WTDg3E
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:01 2023 by rpki-client on console-ams.rpki-client.org