Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aO8f85JCsrcwMyApMKMcXT_RTfk.roa
File: aO8f85JCsrcwMyApMKMcXT_RTfk.roa (raw, json)
Hash identifier: ESvOTyAQYJLyw9y08WluA7E0m7maZi0naRTT/JY8jls=
Subject key identifier: 68:EF:1F:F3:92:42:B2:B7:30:33:20:29:30:A3:1C:5D:3F:D1:4D:F9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48B03B563B22A9034E6234CFD2FED5C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aO8f85JCsrcwMyApMKMcXT_RTfk.roa
Signing time: Tue 24 Jan 2023 16:09:53 +0000
ROA not before: Tue 24 Jan 2023 16:09:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212270
IP address blocks: 2a0e:b107:1210::/44 maxlen: 48
2a0e:b107:f50::/44 maxlen: 48
2a0e:b107:1510::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8b:03:b5:63:b2:2a:90:34:e6:23:4c:fd:2f:ed:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68ef1ff39242b2b73033202930a31c5d3fd14df9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3e:6e:ec:5c:a2:77:bc:a9:f2:14:b9:67:62:
d7:b8:ce:e8:26:7b:a5:f1:25:33:1f:2e:77:43:e4:
e5:b2:52:ff:3b:34:d7:d8:83:d8:7d:da:77:6a:d8:
f8:40:29:b8:b7:cc:c2:5d:c2:7d:d6:4a:c8:7e:70:
e9:d0:6b:ac:db:7d:62:af:3f:73:e6:f6:06:f1:99:
44:35:38:8f:89:ee:8f:04:20:d4:52:1f:36:38:ad:
01:7a:b3:77:19:04:bd:39:d8:8e:03:01:92:d0:46:
de:55:62:ae:89:d2:9c:0f:1f:b9:f4:70:43:71:87:
b3:7e:f8:64:53:82:84:e6:ab:37:e0:d8:f5:4d:b9:
2e:71:0f:6b:87:2a:51:cc:39:9e:87:65:5e:9d:c4:
63:bb:76:ce:5f:ed:ec:0f:4a:65:8f:09:b8:98:5c:
34:6c:6d:6a:a1:11:59:01:99:86:8d:24:61:c2:a1:
5d:f2:1e:d9:fb:91:14:95:a5:05:cd:db:a7:a1:d8:
1c:9d:c9:0e:51:db:bf:53:d0:33:36:d5:63:87:9c:
2c:44:6b:ea:31:21:04:db:f2:08:fe:a5:a4:9d:14:
b3:c8:e7:16:93:7d:be:1a:d0:99:a7:1b:8e:a5:7f:
cc:45:51:f9:1a:df:69:dd:a1:1c:6f:16:fa:fb:07:
b2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EF:1F:F3:92:42:B2:B7:30:33:20:29:30:A3:1C:5D:3F:D1:4D:F9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aO8f85JCsrcwMyApMKMcXT_RTfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:f50::/44
2a0e:b107:1210::/44
2a0e:b107:1510::/44
Signature Algorithm: sha256WithRSAEncryption
58:02:63:0d:d8:d1:01:dc:dc:9b:38:ca:33:1c:f0:eb:b8:2b:
33:5f:3a:58:4d:e1:7b:38:47:d5:1b:6e:84:14:e0:48:b8:09:
38:fe:82:64:5d:52:a6:0e:3d:b7:2b:20:ad:fe:0e:06:ee:42:
83:ab:25:5d:18:4b:58:83:d0:02:ef:4c:1a:f9:4e:ad:b0:2c:
c1:ae:ea:d1:06:9c:5e:bb:53:64:4b:c8:9e:03:70:04:65:8b:
4a:f8:68:bd:69:eb:c5:65:31:12:39:4a:d7:7d:2d:af:ad:fc:
d9:a3:8c:4d:88:1a:93:32:0e:aa:b9:c3:18:46:c8:a4:14:53:
9c:4a:b5:c7:b5:e7:70:f5:11:13:bb:7d:60:5e:eb:89:49:fc:
97:c1:fb:75:c5:ce:98:32:53:52:f3:da:12:64:f2:ba:eb:69:
c5:23:d2:f6:c0:84:42:8f:d0:a8:0d:99:64:12:09:17:1c:57:
00:b7:bd:ac:2a:63:9a:15:d2:a1:18:d2:f4:4c:6f:72:69:2e:
19:be:d9:ef:75:6e:0b:c6:ac:9f:07:19:99:05:11:e3:cc:5f:
b9:60:cb:2d:da:79:69:22:a1:bd:3d:4a:7e:2f:14:35:86:88:
53:b5:52:c3:0b:77:65:96:dd:53:7d:77:2c:7d:bf:88:a0:34:
1b:5b:72:13
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYXkiwO1Y7IqkDTmI0z9L+1cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGVmMWZmMzkyNDJiMmI3MzAzMzIwMjkzMGEzMWM1ZDNmZDE0ZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiz5u7Fyid7yp8hS5Z2LXuM7oJnul
8SUzHy53Q+TlslL/OzTX2IPYfdp3atj4QCm4t8zCXcJ91krIfnDp0Gus231irz9z
5vYG8ZlENTiPie6PBCDUUh82OK0BerN3GQS9OdiOAwGS0EbeVWKuidKcDx+59HBD
cYezfvhkU4KE5qs34Nj1TbkucQ9rhypRzDmeh2VencRju3bOX+3sD0pljwm4mFw0
bG1qoRFZAZmGjSRhwqFd8h7Z+5EUlaUFzdunodgcnckOUdu/U9AzNtVjh5wsRGvq
MSEE2/II/qWknRSzyOcWk32+GtCZpxuOpX/MRVH5Gt9p3aEcbxb6+wey+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGjvH/OSQrK3MDMgKTCjHF0/0U35MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYU84Zjg1SkNzcmN3TXlBcE1LTWNYVF9SVGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6xBw9Q
AwcEKg6xBxIQAwcEKg6xBxUQMA0GCSqGSIb3DQEBCwUAA4IBAQBYAmMN2NEB3Nyb
OMozHPDruCszXzpYTeF7OEfVG26EFOBIuAk4/oJkXVKmDj23KyCt/g4G7kKDqyVd
GEtYg9AC70wa+U6tsCzBrurRBpxeu1NkS8ieA3AEZYtK+Gi9aevFZTESOUrXfS2v
rfzZo4xNiBqTMg6qucMYRsikFFOcSrXHtedw9RETu31gXuuJSfyXwft1xc6YMlNS
89oSZPK662nFI9L2wIRCj9CoDZlkEgkXHFcAt72sKmOaFdKhGNL0TG9yaS4Zvtnv
dW4LxqyfBxmZBRHjzF+5YMst2nlpIqG9PUp+LxQ1hohTtVLDC3dllt1TfXcsfb+I
oDQbW3IT
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org