Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bqXKR1cP_gCzaLOyrXLV-LJIi98.roa
File: bqXKR1cP_gCzaLOyrXLV-LJIi98.roa (raw, json)
Hash identifier: l4N4TGuFjFghQwVIC6c7UqEE0KYn1QEfqzcrt/dXYY4=
Subject key identifier: 6E:A5:CA:47:57:0F:FE:00:B3:68:B3:B2:AD:72:D5:F8:B2:48:8B:DF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018B779F636EB7346B46A6E3C532140CF294
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bqXKR1cP_gCzaLOyrXLV-LJIi98.roa
Signing time: Sat 28 Oct 2023 18:50:16 +0000
ROA not before: Sat 28 Oct 2023 18:50:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216112
IP address blocks: 2a0e:97c0:de0::/44 maxlen: 48
2a0e:97c0:de1::/48 maxlen: 48
2a0e:97c0:de2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:77:9f:63:6e:b7:34:6b:46:a6:e3:c5:32:14:0c:f2:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 28 18:50:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ea5ca47570ffe00b368b3b2ad72d5f8b2488bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:aa:f8:fc:5f:fe:19:46:d2:f5:0c:e7:6e:5b:
34:9e:bc:7d:0f:ca:5b:c2:21:d4:53:24:b3:5b:86:
31:06:b4:69:a2:b7:cf:1e:f4:82:55:ef:a4:ac:64:
b1:85:f1:2a:9c:b5:82:93:f6:79:68:d3:a3:e4:88:
0f:4b:8c:73:a8:7e:75:66:1c:d9:ab:6a:f5:80:e1:
78:60:fb:69:17:56:6a:e8:e7:b8:55:44:69:40:3b:
40:49:93:74:ec:dc:c2:2c:31:a3:91:3c:59:98:ed:
0f:42:af:68:03:c2:2f:e6:02:78:1c:76:b8:e4:b2:
b4:f9:51:0e:6b:21:11:d8:aa:ff:4a:16:03:a4:10:
94:4e:cd:27:89:69:9b:0a:b0:17:eb:07:ba:9c:27:
b0:79:cb:7b:1b:74:88:c2:3b:5a:6c:da:f5:5f:64:
bf:07:bc:4f:3e:d4:68:8f:02:14:e0:32:19:55:ce:
76:6f:42:3f:44:26:75:98:dd:da:47:2d:af:69:92:
da:c7:8f:cb:39:b6:d4:1e:35:33:1e:cd:70:e2:40:
b1:0a:31:ac:b6:79:81:56:b5:00:56:f4:e4:82:a0:
cb:54:a4:0d:30:a6:bb:12:b5:f0:10:ed:6b:c2:30:
e9:f4:b6:ba:15:f7:e0:0b:05:f1:e3:42:d0:7a:5d:
a5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A5:CA:47:57:0F:FE:00:B3:68:B3:B2:AD:72:D5:F8:B2:48:8B:DF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bqXKR1cP_gCzaLOyrXLV-LJIi98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:de0::/44
Signature Algorithm: sha256WithRSAEncryption
1e:39:5a:26:3b:03:63:98:3f:89:91:8c:79:49:d5:b3:00:1d:
4d:48:1a:e5:e5:a3:bc:de:bf:b5:1d:da:31:35:7e:04:8a:7d:
7f:a0:6d:2a:aa:b0:57:a8:a9:0a:84:1c:5b:95:f6:1e:11:bf:
63:c7:59:25:dd:8a:f3:16:9f:05:df:ee:73:9d:dc:6f:67:fd:
9c:5c:c3:35:96:7d:14:93:aa:cc:16:b0:58:cb:f3:6e:0c:e8:
79:8c:2c:47:64:ca:01:0c:8a:ec:69:0a:e8:62:02:6a:ad:27:
80:52:81:1c:f8:10:c3:4a:ca:0c:fa:d1:99:01:d0:01:d2:23:
bb:33:10:7a:c7:21:6e:c0:46:2e:f8:03:da:ba:48:02:97:b5:
24:9a:41:96:c3:04:93:6c:4c:84:58:52:7b:12:c6:5b:84:c3:
ef:36:74:2c:01:b4:7f:64:19:89:89:1c:ff:74:cf:00:43:32:
68:1f:e2:df:13:94:68:2c:49:81:0d:78:ad:68:b3:85:43:61:
8b:67:df:da:3f:e9:35:00:20:ff:8f:31:b9:d6:b5:5b:90:64:
fe:db:70:30:9a:02:0f:75:cf:6c:37:3c:e6:a6:97:8e:54:7d:
b5:4a:0b:c7:3d:bf:47:1a:72:dc:32:49:df:a6:a6:03:d7:d8:
9d:a9:f9:3e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYt3n2NutzRrRqbjxTIUDPKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDI4MTg1MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWE1Y2E0NzU3MGZmZTAwYjM2OGIzYjJhZDcyZDVmOGIyNDg4YmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6r4/F/+GUbS9Qznbls0nrx9D8pb
wiHUUySzW4YxBrRporfPHvSCVe+krGSxhfEqnLWCk/Z5aNOj5IgPS4xzqH51ZhzZ
q2r1gOF4YPtpF1Zq6Oe4VURpQDtASZN07NzCLDGjkTxZmO0PQq9oA8Iv5gJ4HHa4
5LK0+VEOayER2Kr/ShYDpBCUTs0niWmbCrAX6we6nCewect7G3SIwjtabNr1X2S/
B7xPPtRojwIU4DIZVc52b0I/RCZ1mN3aRy2vaZLax4/LObbUHjUzHs1w4kCxCjGs
tnmBVrUAVvTkgqDLVKQNMKa7ErXwEO1rwjDp9La6FffgCwXx40LQel2lPQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG6lykdXD/4As2izsq1y1fiySIvfMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYnFYS1IxY1BfZ0N6YUxPeXJYTFYtTEpJaTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwA3g
MA0GCSqGSIb3DQEBCwUAA4IBAQAeOVomOwNjmD+JkYx5SdWzAB1NSBrl5aO83r+1
HdoxNX4Ein1/oG0qqrBXqKkKhBxblfYeEb9jx1kl3YrzFp8F3+5zndxvZ/2cXMM1
ln0Uk6rMFrBYy/NuDOh5jCxHZMoBDIrsaQroYgJqrSeAUoEc+BDDSsoM+tGZAdAB
0iO7MxB6xyFuwEYu+APaukgCl7UkmkGWwwSTbEyEWFJ7EsZbhMPvNnQsAbR/ZBmJ
iRz/dM8AQzJoH+LfE5RoLEmBDXitaLOFQ2GLZ9/aP+k1ACD/jzG51rVbkGT+23Aw
mgIPdc9sNzzmppeOVH21SgvHPb9HGnLcMknfpqYD19idqfk+
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org