Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/c2nWHzmrFS04SIB8CNTcrQJWw58.roa
File: c2nWHzmrFS04SIB8CNTcrQJWw58.roa (raw, json)
Hash identifier: rSJixHzeqX8hlEmgQlqaaKCnCzUL/lnpmtzyd9ArCCQ=
Subject key identifier: 73:69:D6:1F:39:AB:15:2D:38:48:80:7C:08:D4:DC:AD:02:56:C3:9F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7AFFD8D12B0622669589A154237DD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/c2nWHzmrFS04SIB8CNTcrQJWw58.roa
Signing time: Mon 02 Jan 2023 05:15:10 +0000
ROA not before: Mon 02 Jan 2023 05:15:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203490
IP address blocks: 2a0e:97c0:ba0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:af:fd:8d:12:b0:62:26:69:58:9a:15:42:37:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7369d61f39ab152d3848807c08d4dcad0256c39f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:27:38:22:eb:0a:43:c0:fa:7b:43:16:46:3c:
d1:c8:33:c5:f0:07:b7:3d:52:4f:22:66:dd:91:d3:
34:98:26:37:94:34:f1:92:16:25:3d:f9:d6:35:e6:
a7:2b:14:9f:7b:36:b9:a8:a1:8f:bf:44:30:55:14:
db:de:82:07:15:0d:b1:d1:67:78:46:7a:01:83:88:
3a:60:3d:86:29:45:03:7c:50:67:55:0a:1e:d1:54:
a4:16:c7:5e:21:4c:74:b3:97:66:4c:af:73:e7:54:
a0:28:de:4d:f3:91:b3:70:93:a9:fd:ac:a2:b9:0a:
cd:d1:47:26:bc:4f:8f:2d:c9:ca:2b:e3:5f:40:d5:
0c:c7:7e:46:c3:2e:53:58:bf:71:cc:35:b9:d7:38:
81:77:08:5d:04:ec:ba:d1:d0:4c:a7:64:4b:77:64:
12:31:cb:bd:63:c5:ac:62:a0:71:13:0c:82:16:9e:
8f:83:3c:c8:56:cc:99:a4:79:2a:90:05:ea:cf:4f:
af:3c:f7:39:8c:9c:a2:47:4e:e8:05:33:fb:96:f1:
7d:79:6e:50:2c:32:96:69:16:d2:50:da:44:11:7d:
3a:02:d5:59:71:6e:08:18:7f:f7:5a:a6:bf:80:d4:
f9:5a:74:c0:eb:ab:31:77:05:78:0b:f7:88:66:77:
4b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:69:D6:1F:39:AB:15:2D:38:48:80:7C:08:D4:DC:AD:02:56:C3:9F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/c2nWHzmrFS04SIB8CNTcrQJWw58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:ba0::/44
Signature Algorithm: sha256WithRSAEncryption
b8:7b:c3:68:3e:84:95:99:51:38:3c:07:89:57:1f:99:74:eb:
b4:23:79:d0:ff:46:f3:e3:38:65:ee:0a:4b:6b:31:8c:9b:0e:
13:9d:d6:95:63:7d:98:c9:6d:c8:f0:9b:d1:08:b9:91:71:ed:
10:32:e6:28:5b:73:dd:8e:bf:90:3c:02:9a:03:d8:35:b2:4e:
60:80:ac:a2:5a:d9:4c:6f:10:97:c1:28:10:12:09:92:51:6c:
c8:3e:d9:56:2d:d6:eb:25:fb:44:79:d4:a2:da:a3:64:e8:88:
6b:d7:0e:93:be:f4:ae:79:cf:0b:00:59:4d:da:4f:c8:07:81:
2d:59:5e:f0:58:08:b1:35:91:81:c1:dd:96:44:a8:51:ca:3d:
7d:75:28:75:c2:8e:bc:25:7d:3b:87:31:9e:bd:a8:4e:98:a1:
99:d1:b3:9b:fa:7d:12:aa:8e:30:0c:77:98:93:2b:83:44:40:
f1:ff:1d:db:4e:16:46:ee:1f:03:51:cd:0b:6f:6a:13:43:84:
48:a1:df:6d:5b:df:a5:1c:f4:34:71:1f:9c:33:bc:e1:34:31:
67:04:bd:63:0e:dd:87:ae:9e:92:b8:28:19:94:6c:d6:8f:30:
29:b5:92:60:03:1a:7a:07:3e:4a:eb:e1:3c:c3:9a:91:8d:99:
8f:23:c7:a0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw56/9jRKwYiZpWJoVQjfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzY5ZDYxZjM5YWIxNTJkMzg0ODgwN2MwOGQ0ZGNhZDAyNTZjMzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyc4IusKQ8D6e0MWRjzRyDPF8Ae3
PVJPImbdkdM0mCY3lDTxkhYlPfnWNeanKxSfeza5qKGPv0QwVRTb3oIHFQ2x0Wd4
RnoBg4g6YD2GKUUDfFBnVQoe0VSkFsdeIUx0s5dmTK9z51SgKN5N85GzcJOp/ayi
uQrN0UcmvE+PLcnKK+NfQNUMx35Gwy5TWL9xzDW51ziBdwhdBOy60dBMp2RLd2QS
Mcu9Y8WsYqBxEwyCFp6PgzzIVsyZpHkqkAXqz0+vPPc5jJyiR07oBTP7lvF9eW5Q
LDKWaRbSUNpEEX06AtVZcW4IGH/3Wqa/gNT5WnTA66sxdwV4C/eIZndLIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHNp1h85qxUtOEiAfAjU3K0CVsOfMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYzJuV0h6bXJGUzA0U0lCOENOVGNyUUpXdzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAug
MA0GCSqGSIb3DQEBCwUAA4IBAQC4e8NoPoSVmVE4PAeJVx+ZdOu0I3nQ/0bz4zhl
7gpLazGMmw4TndaVY32YyW3I8JvRCLmRce0QMuYoW3Pdjr+QPAKaA9g1sk5ggKyi
WtlMbxCXwSgQEgmSUWzIPtlWLdbrJftEedSi2qNk6Ihr1w6TvvSuec8LAFlN2k/I
B4EtWV7wWAixNZGBwd2WRKhRyj19dSh1wo68JX07hzGevahOmKGZ0bOb+n0Sqo4w
DHeYkyuDREDx/x3bThZG7h8DUc0Lb2oTQ4RIod9tW9+lHPQ0cR+cM7zhNDFnBL1j
Dt2Hrp6SuCgZlGzWjzAptZJgAxp6Bz5K6+E8w5qRjZmPI8eg
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:51 2024 by rpki-client on console-ams.rpki-client.org