Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bg5nQtkflzqC3kLsalRhzOqDOBM.roa
File: bg5nQtkflzqC3kLsalRhzOqDOBM.roa (raw, json)
Hash identifier: xfGnia4LU62OL+zaCxLjnHgRR+vLWp3KoTG4TTjWD6I=
Subject key identifier: 6E:0E:67:42:D9:1F:97:3A:82:DE:42:EC:6A:54:61:CC:EA:83:38:13
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E82D32C0389D67A5259771668A4BE6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bg5nQtkflzqC3kLsalRhzOqDOBM.roa
Signing time: Mon 02 Jan 2023 05:15:42 +0000
ROA not before: Mon 02 Jan 2023 05:15:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213377
IP address blocks: 2a0e:b107:1080::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:2d:32:c0:38:9d:67:a5:25:97:71:66:8a:4b:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e0e6742d91f973a82de42ec6a5461ccea833813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:18:30:48:2e:d8:e6:5b:4c:31:74:3d:3d:4e:
56:90:95:f9:c9:c7:44:6c:a7:ef:7e:d6:ef:29:4d:
69:76:ca:ea:1e:5f:c0:d1:b1:f3:31:05:57:ef:5e:
3f:c8:8f:eb:2d:47:9a:ad:36:f4:ae:ee:7a:8e:3d:
ca:09:e5:ea:35:e1:77:da:74:43:68:af:c1:20:cc:
68:4f:9c:55:7d:a0:d8:0a:92:e8:7d:63:61:7b:0c:
7e:27:57:09:74:63:e0:e8:a4:6f:d6:16:e3:5b:9d:
4c:e7:8d:a3:2a:91:d0:c9:98:10:25:95:0d:6f:05:
8c:d2:bc:82:57:3f:bc:09:d0:e0:a4:ea:83:40:c3:
7e:70:5e:5d:1b:a7:12:6a:aa:74:39:c0:01:6f:2b:
b8:35:f5:da:ab:8d:b1:45:16:35:d2:fc:70:56:cb:
05:1b:b1:8d:12:4b:ec:66:d6:c3:2b:28:12:6c:b1:
35:ad:4c:9d:55:f4:d1:66:5e:85:12:69:8d:23:19:
6e:29:0b:ce:86:64:ec:57:28:23:30:40:0c:bc:b8:
0a:cf:1b:06:cf:80:b5:52:6c:09:a7:9d:86:7c:0d:
f4:90:1d:4c:87:8a:78:30:29:92:d5:38:6e:66:7c:
72:26:fb:f8:08:46:0b:c3:12:fc:0c:d2:0d:59:3d:
9b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:0E:67:42:D9:1F:97:3A:82:DE:42:EC:6A:54:61:CC:EA:83:38:13
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bg5nQtkflzqC3kLsalRhzOqDOBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1080::/44
Signature Algorithm: sha256WithRSAEncryption
1c:3d:16:e3:73:e8:e9:34:17:1e:2e:8c:3b:3c:dc:2f:32:b5:
38:bb:40:8c:31:37:08:d8:27:26:1c:ef:80:c5:13:2e:6a:a6:
8b:bb:02:02:7e:58:c7:19:6b:f6:e3:b8:14:a3:39:3f:70:6d:
ff:75:37:72:9e:95:02:26:21:fa:ea:26:d2:44:bf:76:a3:1c:
06:ee:33:05:bf:93:13:1f:1e:85:08:cd:55:65:cc:d1:92:b9:
62:ea:a5:90:5f:c1:eb:63:f3:63:c0:fa:47:34:03:29:80:a1:
ca:90:9e:d7:91:99:de:2d:c6:c2:b1:15:39:55:b0:78:3d:d0:
d1:82:71:76:52:78:75:46:d6:32:65:65:0f:cf:6a:a6:99:4e:
91:c9:cb:ba:73:fe:78:e0:f7:a2:f8:43:25:e3:27:89:30:6b:
bb:ca:07:da:0b:1d:38:36:7e:68:5b:5e:59:89:e0:53:03:af:
f0:db:5d:71:5c:e2:c1:3b:fe:df:9c:b1:83:a2:3c:0e:69:43:
2f:3c:68:a5:cf:45:ad:61:a9:db:73:cf:cb:8c:81:ad:4c:71:
b9:8e:05:5d:d3:1f:46:6a:44:6d:0b:8a:c7:7c:73:08:c4:90:
b2:8e:c1:a7:6c:30:4b:14:1e:46:31:87:84:f0:15:75:4f:93:
e5:2b:02:90
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw6C0ywDidZ6Ull3FmikvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTBlNjc0MmQ5MWY5NzNhODJkZTQyZWM2YTU0NjFjY2VhODMzODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRgwSC7Y5ltMMXQ9PU5WkJX5ycdE
bKfvftbvKU1pdsrqHl/A0bHzMQVX714/yI/rLUearTb0ru56jj3KCeXqNeF32nRD
aK/BIMxoT5xVfaDYCpLofWNhewx+J1cJdGPg6KRv1hbjW51M542jKpHQyZgQJZUN
bwWM0ryCVz+8CdDgpOqDQMN+cF5dG6cSaqp0OcABbyu4NfXaq42xRRY10vxwVssF
G7GNEkvsZtbDKygSbLE1rUydVfTRZl6FEmmNIxluKQvOhmTsVygjMEAMvLgKzxsG
z4C1UmwJp52GfA30kB1Mh4p4MCmS1ThuZnxyJvv4CEYLwxL8DNINWT2buwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG4OZ0LZH5c6gt5C7GpUYczqgzgTMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYmc1blF0a2ZsenFDM2tMc2FsUmh6T3FET0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxCA
MA0GCSqGSIb3DQEBCwUAA4IBAQAcPRbjc+jpNBceLow7PNwvMrU4u0CMMTcI2Ccm
HO+AxRMuaqaLuwICfljHGWv247gUozk/cG3/dTdynpUCJiH66ibSRL92oxwG7jMF
v5MTHx6FCM1VZczRkrli6qWQX8HrY/NjwPpHNAMpgKHKkJ7XkZneLcbCsRU5VbB4
PdDRgnF2Unh1RtYyZWUPz2qmmU6Rycu6c/544Pei+EMl4yeJMGu7ygfaCx04Nn5o
W15ZieBTA6/w211xXOLBO/7fnLGDojwOaUMvPGilz0WtYanbc8/LjIGtTHG5jgVd
0x9GakRtC4rHfHMIxJCyjsGnbDBLFB5GMYeE8BV1T5PlKwKQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:01 2023 by rpki-client on console-ams.rpki-client.org