Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/c-JfJ9WTYiossQKu8w0Nyi1E8vQ.roa
File: c-JfJ9WTYiossQKu8w0Nyi1E8vQ.roa (raw, json)
Hash identifier: W0kwOmr6lKV4TkB4U8BHvhmPOJ+ZXNESb4UY5o5jZXM=
Subject key identifier: 73:E2:5F:27:D5:93:62:2A:2C:B1:02:AE:F3:0D:0D:CA:2D:44:F2:F4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018990DB20DA25C120EB2D33B19DBBA11956
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/c-JfJ9WTYiossQKu8w0Nyi1E8vQ.roa
Signing time: Wed 26 Jul 2023 06:20:27 +0000
ROA not before: Wed 26 Jul 2023 06:20:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202002
IP address blocks: 2a0e:b107:1d14::/48 maxlen: 48
2a0e:b107:1d11::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:90:db:20:da:25:c1:20:eb:2d:33:b1:9d:bb:a1:19:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 26 06:20:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73e25f27d593622a2cb102aef30d0dca2d44f2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e8:6c:b2:31:c2:53:6d:ff:c0:f4:6c:5b:34:
74:24:bb:5d:9d:76:7c:56:12:b6:b6:21:e7:6d:5f:
f6:5e:95:75:7f:77:a3:57:8f:65:85:1b:4b:bd:bb:
1c:c0:3f:6f:62:f8:98:a6:48:ee:09:a7:2d:3b:e6:
61:5d:8e:af:7c:7e:9c:17:38:b2:84:7e:d2:71:a2:
1a:5c:75:2c:18:f1:39:d2:63:4d:28:8a:a8:ea:60:
71:9b:47:7e:c9:7a:04:a7:67:28:33:78:34:00:b8:
59:07:05:09:3d:2e:20:19:c7:16:e6:3e:2a:0b:0e:
80:29:60:50:eb:83:71:ce:6f:c8:5d:69:7c:11:01:
31:e6:b4:40:d1:73:7a:33:5a:d9:6a:04:dc:3f:ca:
42:b3:b7:f4:7c:7e:f6:eb:22:ad:a8:e9:81:b3:20:
f1:d0:19:bd:8b:c8:64:1b:ea:91:29:0d:e7:66:fa:
ed:30:81:ee:c0:9c:e2:6d:c4:cb:13:8e:8b:6c:64:
1e:23:9d:25:c8:82:f4:84:cb:30:8a:42:9d:54:12:
cf:96:ac:88:ae:73:93:f1:48:42:8b:d5:d4:b6:ad:
fa:9c:bb:cf:29:28:52:59:ab:dc:ef:4c:47:8d:18:
bb:8b:50:6c:ca:c0:06:ae:d2:d7:87:3b:17:1b:d9:
72:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E2:5F:27:D5:93:62:2A:2C:B1:02:AE:F3:0D:0D:CA:2D:44:F2:F4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/c-JfJ9WTYiossQKu8w0Nyi1E8vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1d11::/48
2a0e:b107:1d14::/48
Signature Algorithm: sha256WithRSAEncryption
ab:0c:a8:a1:23:46:51:64:7d:3e:c4:fd:50:2c:54:1b:5b:d5:
c3:b8:2c:08:1b:f8:6a:b3:ad:62:8b:ef:dc:d7:80:96:fd:ff:
ae:b1:f3:17:9c:dc:1d:47:9d:00:16:2c:c1:eb:30:df:d4:a0:
4d:e0:19:18:87:e3:3d:59:e3:a2:fe:86:42:cf:38:64:63:49:
c0:ff:ae:67:78:83:f6:ef:f6:17:86:2f:d7:05:84:1c:ff:41:
cd:cd:bb:37:b7:7c:29:57:2c:66:3f:fe:e1:25:85:a7:a7:45:
27:57:71:f8:15:d7:5d:d8:40:31:a0:38:f9:d2:c6:8e:6b:47:
64:f8:d6:91:ee:54:89:d4:c6:e3:32:58:87:7e:91:fd:50:a4:
73:f7:40:18:f9:a8:5d:81:09:13:8d:d2:6a:3a:b7:4d:1a:99:
a2:f6:f6:26:ab:91:1f:63:c5:2c:d1:55:0e:bf:e5:c8:2a:ef:
e5:2d:f4:ce:8a:ae:20:1d:76:04:eb:87:99:8f:ab:f0:56:d4:
83:71:bc:39:4a:b0:00:c3:ad:1e:27:e6:84:6b:d6:96:2f:7d:
ae:a8:b6:a1:f0:d7:0f:bb:77:45:1e:1e:bb:a6:d7:85:30:c6:
5e:77:a7:57:a3:20:9b:dc:b5:66:3e:08:dd:b4:ba:71:cd:5f:
a3:ab:38:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmQ2yDaJcEg6y0zsZ27oRlWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzI2MDYyMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2UyNWYyN2Q1OTM2MjJhMmNiMTAyYWVmMzBkMGRjYTJkNDRmMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuhssjHCU23/wPRsWzR0JLtdnXZ8
VhK2tiHnbV/2XpV1f3ejV49lhRtLvbscwD9vYviYpkjuCactO+ZhXY6vfH6cFziy
hH7ScaIaXHUsGPE50mNNKIqo6mBxm0d+yXoEp2coM3g0ALhZBwUJPS4gGccW5j4q
Cw6AKWBQ64Nxzm/IXWl8EQEx5rRA0XN6M1rZagTcP8pCs7f0fH726yKtqOmBsyDx
0Bm9i8hkG+qRKQ3nZvrtMIHuwJzibcTLE46LbGQeI50lyIL0hMswikKdVBLPlqyI
rnOT8UhCi9XUtq36nLvPKShSWavc70xHjRi7i1BsysAGrtLXhzsXG9lyZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHPiXyfVk2IqLLECrvMNDcotRPL0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYy1KZko5V1RZaW9zc1FLdTh3ME55aTFFOHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBx0R
AwcAKg6xBx0UMA0GCSqGSIb3DQEBCwUAA4IBAQCrDKihI0ZRZH0+xP1QLFQbW9XD
uCwIG/hqs61ii+/c14CW/f+usfMXnNwdR50AFizB6zDf1KBN4BkYh+M9WeOi/oZC
zzhkY0nA/65neIP27/YXhi/XBYQc/0HNzbs3t3wpVyxmP/7hJYWnp0UnV3H4Fddd
2EAxoDj50saOa0dk+NaR7lSJ1MbjMliHfpH9UKRz90AY+ahdgQkTjdJqOrdNGpmi
9vYmq5EfY8Us0VUOv+XIKu/lLfTOiq4gHXYE64eZj6vwVtSDcbw5SrAAw60eJ+aE
a9aWL32uqLah8NcPu3dFHh67pteFMMZed6dXoyCb3LVmPgjdtLpxzV+jqzjj
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:51 2024 by rpki-client on console-ams.rpki-client.org