Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/amBN5Kb5xS539PTw-FbEIJiITHY.roa
File: amBN5Kb5xS539PTw-FbEIJiITHY.roa (raw, json)
Hash identifier: kO2mU6vqBZIAz45LcjJBDRd3cWnTlrxCaCU7lo0+Q1Y=
Subject key identifier: 6A:60:4D:E4:A6:F9:C5:2E:77:F4:F4:F0:F8:56:C4:20:98:88:4C:76
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0189777C6202D149D68AB5981EB95F8BE9A1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/amBN5Kb5xS539PTw-FbEIJiITHY.roa
Signing time: Fri 21 Jul 2023 08:06:27 +0000
ROA not before: Fri 21 Jul 2023 08:06:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212504
IP address blocks: 2a0e:97c0:9f0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:77:7c:62:02:d1:49:d6:8a:b5:98:1e:b9:5f:8b:e9:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 21 08:06:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a604de4a6f9c52e77f4f4f0f856c42098884c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b4:c8:e5:11:1f:99:d9:6f:b2:a2:e9:57:b2:
7e:a6:e2:0d:68:b8:a1:c2:3a:c6:36:35:b9:b1:04:
3d:0f:e7:ce:66:0a:b2:3d:7e:1d:48:da:f9:77:2d:
4b:83:1d:d1:cd:67:f9:3c:c0:67:fb:c0:c3:a9:a7:
86:e4:3f:f1:4b:75:4b:2f:d5:48:d1:a4:2e:7e:aa:
a4:49:94:5a:1f:1a:c8:88:05:a1:2e:2e:33:ae:a9:
ed:9f:07:55:b3:a0:eb:f1:27:57:93:bd:3e:c4:56:
2c:c7:31:20:80:37:cb:94:10:a0:14:4f:cc:70:d4:
1b:ac:fa:e1:ca:8d:ed:95:19:cf:b0:62:0f:20:17:
82:7d:9e:5e:65:04:d4:9d:94:c4:25:be:14:ab:09:
20:7f:d7:3e:3c:d5:ba:42:f2:d7:94:73:a3:38:5b:
a9:0c:4e:4d:d4:65:ae:0a:02:8d:e1:2a:f3:30:1b:
6c:f9:e4:b1:24:49:72:68:77:de:90:7e:89:8d:93:
63:4d:39:20:15:1a:ef:d5:81:11:73:75:fd:7a:74:
27:3b:68:67:70:07:56:68:3a:35:dd:e0:f9:01:13:
8e:78:22:02:19:67:94:9d:be:d9:1c:2f:50:23:62:
a9:92:32:8a:36:6b:41:32:f5:d9:18:c7:c4:33:d1:
34:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:60:4D:E4:A6:F9:C5:2E:77:F4:F4:F0:F8:56:C4:20:98:88:4C:76
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/amBN5Kb5xS539PTw-FbEIJiITHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:9f0::/44
Signature Algorithm: sha256WithRSAEncryption
a1:71:34:ef:e7:87:3b:ca:71:50:96:7a:78:3f:b4:f5:d0:55:
cd:10:f2:70:71:32:5b:2d:a1:9b:e9:76:59:3a:42:82:0d:ad:
f1:ad:37:91:2e:7a:1b:97:35:f7:36:7e:bd:c5:fc:20:d8:ea:
d8:93:ea:2c:2e:a5:5d:38:39:68:ea:df:1a:03:41:c5:18:f1:
c1:26:e3:5c:1c:fe:a1:85:15:56:2e:f4:7b:87:97:54:28:6d:
88:36:f4:9b:09:bc:c9:ab:d8:4b:10:c5:96:23:df:66:c7:69:
57:cf:a4:ae:53:3b:5c:0e:0f:23:21:c2:3b:56:41:53:62:be:
cd:60:8e:d7:6c:8b:5b:33:4d:34:37:16:ec:39:97:7c:30:d7:
dd:50:0c:82:2c:39:c9:66:6f:1e:00:34:45:b0:fd:4d:bd:ca:
68:e1:7c:78:73:b5:f2:27:8e:32:79:0a:20:62:87:22:ea:56:
eb:1e:a2:9c:fc:c4:79:1a:96:b4:b0:f4:7d:3d:85:da:22:dd:
0a:46:a9:ec:8e:85:cb:6e:79:b6:8c:dc:39:fe:06:98:39:46:
94:cb:cd:69:7f:6f:dc:fe:d3:23:56:fe:d0:f5:06:e2:c3:eb:
41:25:90:17:3c:8a:ab:76:6d:0f:43:1a:b3:d6:90:0a:0a:12:
9e:81:0c:13
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYl3fGIC0UnWirWYHrlfi+mhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzIxMDgwNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTYwNGRlNGE2ZjljNTJlNzdmNGY0ZjBmODU2YzQyMDk4ODg0Yzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7TI5REfmdlvsqLpV7J+puINaLih
wjrGNjW5sQQ9D+fOZgqyPX4dSNr5dy1Lgx3RzWf5PMBn+8DDqaeG5D/xS3VLL9VI
0aQufqqkSZRaHxrIiAWhLi4zrqntnwdVs6Dr8SdXk70+xFYsxzEggDfLlBCgFE/M
cNQbrPrhyo3tlRnPsGIPIBeCfZ5eZQTUnZTEJb4Uqwkgf9c+PNW6QvLXlHOjOFup
DE5N1GWuCgKN4SrzMBts+eSxJElyaHfekH6JjZNjTTkgFRrv1YERc3X9enQnO2hn
cAdWaDo13eD5AROOeCICGWeUnb7ZHC9QI2KpkjKKNmtBMvXZGMfEM9E0oQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGpgTeSm+cUud/T08PhWxCCYiEx2MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYW1CTjVLYjV4UzUzOVBUdy1GYkVJSmlJVEhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAnw
MA0GCSqGSIb3DQEBCwUAA4IBAQChcTTv54c7ynFQlnp4P7T10FXNEPJwcTJbLaGb
6XZZOkKCDa3xrTeRLnoblzX3Nn69xfwg2OrYk+osLqVdODlo6t8aA0HFGPHBJuNc
HP6hhRVWLvR7h5dUKG2INvSbCbzJq9hLEMWWI99mx2lXz6SuUztcDg8jIcI7VkFT
Yr7NYI7XbItbM000NxbsOZd8MNfdUAyCLDnJZm8eADRFsP1Nvcpo4Xx4c7XyJ44y
eQogYoci6lbrHqKc/MR5Gpa0sPR9PYXaIt0KRqnsjoXLbnm2jNw5/gaYOUaUy81p
f2/c/tMjVv7Q9Qbiw+tBJZAXPIqrdm0PQxqz1pAKChKegQwT
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:51 2024 by rpki-client on console-ams.rpki-client.org