Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aZHjjnSgD6V72uI0IE90OVm4s_Q.roa
File: aZHjjnSgD6V72uI0IE90OVm4s_Q.roa (raw, json)
Hash identifier: t3gNqCZgL4yU8Zc0QLCByGsndZ3TUuEi+pu951xb1AQ=
Subject key identifier: 69:91:E3:8E:74:A0:0F:A5:7B:DA:E2:34:20:4F:74:39:59:B8:B3:F4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7E36DEBDCEEFD8BE825706310189C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aZHjjnSgD6V72uI0IE90OVm4s_Q.roa
Signing time: Mon 02 Jan 2023 05:15:23 +0000
ROA not before: Mon 02 Jan 2023 05:15:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210074
IP address blocks: 2a10:2f00:17b::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:e3:6d:eb:dc:ee:fd:8b:e8:25:70:63:10:18:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6991e38e74a00fa57bdae234204f743959b8b3f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a9:e6:28:65:be:2e:c0:8d:ca:bf:a8:58:bc:
52:94:70:68:9b:d1:61:37:91:5c:7b:7a:3f:c1:42:
c3:cd:7c:bb:d2:4f:3c:2e:61:aa:51:ff:6c:b7:e0:
7c:f7:32:88:f2:62:12:d8:26:3e:4e:21:66:00:71:
6a:da:db:bf:ed:74:e8:6c:40:e0:b2:bb:82:5a:81:
a6:9f:b9:2f:9b:d4:a5:cf:69:3d:98:7f:55:d6:7f:
d6:3e:b7:f8:c7:2d:03:f0:e4:da:22:ec:91:61:e0:
15:3e:eb:04:c6:8f:7c:2f:d3:5d:07:d9:09:81:9e:
17:2a:6c:79:86:05:20:21:12:2a:1b:e5:8a:51:2a:
a7:f2:a6:cb:ec:b5:02:9c:9a:d3:c1:a4:be:18:7e:
56:ac:69:7b:b1:91:40:52:01:bb:4d:d3:33:01:c8:
b1:61:46:ce:7a:55:7b:6d:31:ff:af:ff:83:04:d6:
d1:3f:16:2a:bb:1c:aa:f0:37:6e:30:e7:66:bf:b1:
b9:bf:54:e6:1c:76:1e:25:77:a5:77:58:3b:fa:cb:
43:58:7e:df:7a:a1:0d:37:82:74:d2:e4:25:4b:42:
86:ed:9a:e1:be:fd:3f:09:ac:4a:4d:f2:4e:94:f0:
13:c5:7a:58:ea:a2:30:fc:d3:31:20:bb:7c:27:50:
df:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:91:E3:8E:74:A0:0F:A5:7B:DA:E2:34:20:4F:74:39:59:B8:B3:F4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aZHjjnSgD6V72uI0IE90OVm4s_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:17b::/48
Signature Algorithm: sha256WithRSAEncryption
35:56:5b:d7:e4:d2:3f:03:0c:41:b5:88:8d:b7:b2:38:0e:5d:
0e:a0:30:a6:43:d7:9d:18:61:fb:b7:87:2a:80:20:f9:f7:fe:
d7:19:c7:c8:8c:b7:65:73:19:aa:13:22:92:71:2b:81:c9:1f:
9d:39:37:dc:2c:8c:e4:f4:00:aa:ef:c1:cc:53:cc:b1:d2:15:
40:da:cf:98:38:12:3e:b0:f3:ab:94:a2:c6:c4:72:3d:5c:c0:
02:ea:7a:f9:af:cd:74:0d:a8:f6:83:ad:4e:23:ed:6f:ab:f9:
93:ac:06:ac:24:27:09:b3:1a:2b:38:15:cd:b1:14:ae:4b:a5:
41:16:75:94:51:ce:58:24:54:de:ad:c3:70:c6:56:06:68:b6:
20:e4:57:76:51:f1:5f:41:4e:4e:34:31:02:8d:0f:cd:14:2c:
75:11:6a:f2:05:0b:fd:88:ce:e6:dc:bb:c0:f3:f8:c7:84:1d:
cf:f9:1f:36:0e:2b:42:5c:41:2a:61:f5:26:88:71:e6:c0:98:
c4:17:40:e8:4c:cd:49:c6:a0:26:14:15:1b:e8:98:c2:a4:3f:
c2:ef:35:ce:5e:e8:ff:bf:47:90:40:6b:f4:df:0f:a8:25:4d:
91:48:5e:27:09:3a:05:33:12:3f:a4:3b:2d:97:3f:d8:05:01:
26:26:5e:ae
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw5+Nt69zu/YvoJXBjEBicMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTkxZTM4ZTc0YTAwZmE1N2JkYWUyMzQyMDRmNzQzOTU5YjhiM2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqnmKGW+LsCNyr+oWLxSlHBom9Fh
N5Fce3o/wULDzXy70k88LmGqUf9st+B89zKI8mIS2CY+TiFmAHFq2tu/7XTobEDg
sruCWoGmn7kvm9Slz2k9mH9V1n/WPrf4xy0D8OTaIuyRYeAVPusExo98L9NdB9kJ
gZ4XKmx5hgUgIRIqG+WKUSqn8qbL7LUCnJrTwaS+GH5WrGl7sZFAUgG7TdMzAcix
YUbOelV7bTH/r/+DBNbRPxYquxyq8DduMOdmv7G5v1TmHHYeJXeld1g7+stDWH7f
eqENN4J00uQlS0KG7Zrhvv0/CaxKTfJOlPATxXpY6qIw/NMxILt8J1DfWQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGmR4450oA+le9riNCBPdDlZuLP0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYVpIampuU2dENlY3MnVJMElFOTBPVm00c19RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAF7
MA0GCSqGSIb3DQEBCwUAA4IBAQA1VlvX5NI/AwxBtYiNt7I4Dl0OoDCmQ9edGGH7
t4cqgCD59/7XGcfIjLdlcxmqEyKScSuByR+dOTfcLIzk9ACq78HMU8yx0hVA2s+Y
OBI+sPOrlKLGxHI9XMAC6nr5r810Daj2g61OI+1vq/mTrAasJCcJsxorOBXNsRSu
S6VBFnWUUc5YJFTercNwxlYGaLYg5Fd2UfFfQU5ONDECjQ/NFCx1EWryBQv9iM7m
3LvA8/jHhB3P+R82DitCXEEqYfUmiHHmwJjEF0DoTM1JxqAmFBUb6JjCpD/C7zXO
Xuj/v0eQQGv03w+oJU2RSF4nCToFMxI/pDstlz/YBQEmJl6u
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org