Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_nOoam9uemUY3mKHHL2WK-ymElk.roa
File: _nOoam9uemUY3mKHHL2WK-ymElk.roa (raw, json)
Hash identifier: BTlo9AxSO1XirAHpNKhbWNkTx1L5u+G0LhCUGKzCkmM=
Subject key identifier: FE:73:A8:6A:6F:6E:7A:65:18:DE:62:87:1C:BD:96:2B:EC:A6:12:59
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185C91F86A1AFDAF6C51253936FA2DC697F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_nOoam9uemUY3mKHHL2WK-ymElk.roa
Signing time: Thu 19 Jan 2023 08:22:44 +0000
ROA not before: Thu 19 Jan 2023 08:22:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212888
IP address blocks: 2a0e:b107:c00::/48 maxlen: 48
2a0e:b107:c00::/47 maxlen: 48
2a0e:b107:c02::/48 maxlen: 48
2a0e:b107:c01::/48 maxlen: 48
2a0e:b107:c03::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c9:1f:86:a1:af:da:f6:c5:12:53:93:6f:a2:dc:69:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 19 08:22:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe73a86a6f6e7a6518de62871cbd962beca61259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c5:08:05:4f:c1:12:8c:1c:4f:2f:f8:53:6a:
4e:db:91:20:b4:2f:c9:4e:66:70:ed:f0:03:a7:32:
3a:73:24:18:44:7d:0a:51:3a:47:c1:6a:99:3d:39:
b0:10:07:83:c3:45:71:28:bd:30:da:68:83:2f:63:
fd:2c:55:11:42:16:f0:d3:10:72:15:bf:ef:43:25:
3a:6d:34:6c:ee:8f:e4:67:80:68:75:2e:62:3e:df:
8b:74:d4:1f:c7:99:a9:08:fb:63:4a:c4:34:cd:7c:
47:ac:f7:47:29:f1:fb:5a:54:0a:c8:36:07:43:5c:
f1:8e:ed:ed:56:3d:44:b8:73:d7:cb:dc:38:f2:85:
a1:98:2a:c3:c8:5b:79:b7:4e:da:36:70:6a:f0:b7:
59:ae:e6:12:e7:3e:5c:c5:91:65:ea:9d:20:76:05:
8c:f0:f7:f1:76:0f:ac:7d:66:40:a8:2e:7e:c6:62:
2e:7b:66:91:75:77:ab:7a:26:74:de:09:0b:84:2d:
1b:33:6e:b7:7f:bb:f1:76:d2:08:18:8a:1e:e6:7e:
b5:14:35:cb:64:8d:bc:12:b5:6c:f1:99:1c:9a:e1:
f9:2b:d9:df:b5:1e:70:26:d3:a3:a9:f8:12:6b:86:
b1:d4:27:c1:3f:6b:b7:64:8d:ec:9d:f5:7f:e2:13:
39:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:73:A8:6A:6F:6E:7A:65:18:DE:62:87:1C:BD:96:2B:EC:A6:12:59
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_nOoam9uemUY3mKHHL2WK-ymElk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:c00::/46
Signature Algorithm: sha256WithRSAEncryption
6b:34:8c:41:c9:07:c8:57:ea:71:7b:e0:9d:9b:cd:cc:97:b1:
a5:c4:55:a3:7b:fe:dc:95:9a:22:47:5d:97:ce:da:e1:dd:a7:
fd:4f:b4:5c:c4:7d:3c:8f:9f:99:86:2c:85:24:b8:c5:e6:4e:
55:74:30:d9:47:2c:d1:fa:79:a5:11:3d:57:29:49:d8:ea:dc:
71:5e:6e:f3:25:b9:90:3c:a8:81:ab:52:96:5f:e7:8b:e7:09:
6f:43:43:26:eb:5e:77:01:a5:b1:f0:ee:74:4d:92:52:97:11:
dd:52:f3:11:e5:61:ac:1e:c8:36:1f:90:2f:32:c2:66:e1:0a:
a4:5d:4d:17:25:8b:a4:66:e8:07:ef:6f:f7:13:d5:29:03:e4:
b9:c8:a8:48:8a:25:19:bb:dc:3f:3a:74:d5:01:54:19:f6:3b:
4a:b6:28:95:38:c9:fa:02:09:f0:ff:fb:f3:91:90:1f:81:81:
98:a7:01:67:c0:8c:bb:4f:2f:8b:59:72:2b:03:14:0a:6d:d6:
e2:9b:e1:69:71:a1:55:58:21:99:df:24:8b:f8:f3:64:8b:95:
f1:f5:26:b7:9a:e2:97:18:77:11:ff:20:bc:ad:40:36:5a:4f:
1f:c1:52:13:c0:89:4c:73:ce:93:de:73:a2:10:a7:78:d5:98:
ed:ec:f5:c9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXJH4ahr9r2xRJTk2+i3Gl/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTE5MDgyMjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTczYTg2YTZmNmU3YTY1MThkZTYyODcxY2JkOTYyYmVjYTYxMjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMUIBU/BEowcTy/4U2pO25EgtC/J
TmZw7fADpzI6cyQYRH0KUTpHwWqZPTmwEAeDw0VxKL0w2miDL2P9LFURQhbw0xBy
Fb/vQyU6bTRs7o/kZ4BodS5iPt+LdNQfx5mpCPtjSsQ0zXxHrPdHKfH7WlQKyDYH
Q1zxju3tVj1EuHPXy9w48oWhmCrDyFt5t07aNnBq8LdZruYS5z5cxZFl6p0gdgWM
8Pfxdg+sfWZAqC5+xmIue2aRdXereiZ03gkLhC0bM263f7vxdtIIGIoe5n61FDXL
ZI28ErVs8ZkcmuH5K9nftR5wJtOjqfgSa4ax1CfBP2u3ZI3snfV/4hM5SwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP5zqGpvbnplGN5ihxy9livsphJZMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvX25Pb2FtOXVlbVVZM21LSEhMMldLLXltRWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg6xBwwA
MA0GCSqGSIb3DQEBCwUAA4IBAQBrNIxByQfIV+pxe+Cdm83Ml7GlxFWje/7clZoi
R12Xztrh3af9T7RcxH08j5+ZhiyFJLjF5k5VdDDZRyzR+nmlET1XKUnY6txxXm7z
JbmQPKiBq1KWX+eL5wlvQ0Mm6153AaWx8O50TZJSlxHdUvMR5WGsHsg2H5AvMsJm
4QqkXU0XJYukZugH72/3E9UpA+S5yKhIiiUZu9w/OnTVAVQZ9jtKtiiVOMn6Agnw
//vzkZAfgYGYpwFnwIy7Ty+LWXIrAxQKbdbim+FpcaFVWCGZ3ySL+PNki5Xx9Sa3
muKXGHcR/yC8rUA2Wk8fwVITwIlMc86T3nOiEKd41Zjt7PXJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:17 2023 by rpki-client on console-fra.rpki-client.org