Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cf_1i5mbtr5Q0irVT5WupK34tPM.roa
File: cf_1i5mbtr5Q0irVT5WupK34tPM.roa (raw, json)
Hash identifier: 5S8tt+SlV6/5odQ4uf7T4jdloqjZUmJp3vepjsIssY4=
Subject key identifier: 71:FF:F5:8B:99:9B:B6:BE:50:D2:2A:D5:4F:95:AE:A4:AD:F8:B4:F3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185DE40AB7239E6032D46DFE321065EFE81
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cf_1i5mbtr5Q0irVT5WupK34tPM.roa
Signing time: Mon 23 Jan 2023 10:50:58 +0000
ROA not before: Mon 23 Jan 2023 10:50:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201412
IP address blocks: 2a0e:97c0:c70::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:40:ab:72:39:e6:03:2d:46:df:e3:21:06:5e:fe:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 23 10:50:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71fff58b999bb6be50d22ad54f95aea4adf8b4f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e3:4f:66:e6:65:10:7c:31:08:03:20:eb:42:
79:24:49:3e:69:75:80:ef:7e:fe:14:7b:d9:8f:e9:
b2:7b:5b:bb:b4:e3:f3:08:18:62:20:94:cb:af:24:
36:d8:13:00:36:6e:56:1d:42:ab:1a:14:78:ad:48:
e3:da:f4:b8:44:26:95:e8:7d:5a:5a:e7:8a:80:db:
70:6f:46:08:32:dd:82:78:cb:fe:ac:e2:51:7b:32:
d6:43:91:aa:74:85:16:82:72:0b:70:2c:97:33:79:
20:7b:08:1d:7c:72:fb:f5:00:53:ba:f3:3d:ba:fe:
f3:64:7c:7b:92:b8:0e:e0:92:01:39:54:f4:dc:14:
9c:14:9f:f4:8a:9a:e0:06:66:97:00:f6:18:64:34:
0f:d4:82:e0:c2:1e:3f:a1:53:5d:6c:0e:fa:09:2d:
3a:40:9f:26:91:1c:94:68:48:7a:93:35:8a:47:60:
af:38:82:4b:47:09:ff:95:8e:38:80:ec:39:22:60:
21:13:9a:1d:ce:87:5f:6a:ce:54:34:10:08:78:c6:
1c:9f:9f:11:52:fa:47:72:b7:d8:57:b9:25:50:da:
86:e9:d8:e1:22:69:43:ac:59:0a:10:44:39:44:66:
4a:cc:79:46:0e:cf:20:6d:01:68:18:2e:a6:30:35:
59:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:FF:F5:8B:99:9B:B6:BE:50:D2:2A:D5:4F:95:AE:A4:AD:F8:B4:F3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cf_1i5mbtr5Q0irVT5WupK34tPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:c70::/44
Signature Algorithm: sha256WithRSAEncryption
2b:34:c1:f6:3f:7d:2d:24:af:36:da:7d:55:ab:50:bc:00:13:
98:77:5f:a5:80:a5:5a:06:67:9f:bf:bd:86:ea:53:cb:4f:32:
98:36:9f:ab:eb:ca:7b:c2:a0:66:1f:40:bb:63:7f:93:ca:d9:
39:10:bc:64:2d:5d:f8:a8:d3:d2:31:14:c1:df:2c:a2:90:2d:
aa:9e:22:8a:d1:60:a9:37:d0:6a:45:1a:43:8f:86:a9:78:ab:
24:2d:e2:b0:ff:0c:fe:a1:23:95:5f:f0:98:21:ce:66:c9:57:
1b:a2:54:2d:d7:0e:e5:1e:e4:56:30:40:4c:e3:38:8f:f9:de:
0b:d9:fd:33:46:3b:d3:5f:7e:d9:5f:67:59:1f:89:5d:41:2f:
37:87:db:d5:7b:5f:e8:47:ec:c1:75:a8:7e:33:35:c5:7c:18:
69:e5:34:fe:4e:43:3c:27:9c:f0:b2:77:0f:b3:65:ec:44:d0:
11:e5:21:e0:1f:5d:79:d6:c3:d6:e0:29:19:f1:59:95:79:0e:
f7:4c:1c:b9:be:b4:d8:7b:aa:c0:09:42:a5:ca:2d:47:20:67:
67:3b:86:82:31:16:81:4b:22:33:c7:e6:e9:0b:d9:10:f4:10:
62:9b:ad:c4:92:a4:7f:86:3b:a3:42:38:1d:30:e7:f6:c2:37:
a2:60:51:9e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXeQKtyOeYDLUbf4yEGXv6BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTIzMTA1MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWZmZjU4Yjk5OWJiNmJlNTBkMjJhZDU0Zjk1YWVhNGFkZjhiNGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+NPZuZlEHwxCAMg60J5JEk+aXWA
737+FHvZj+mye1u7tOPzCBhiIJTLryQ22BMANm5WHUKrGhR4rUjj2vS4RCaV6H1a
WueKgNtwb0YIMt2CeMv+rOJRezLWQ5GqdIUWgnILcCyXM3kgewgdfHL79QBTuvM9
uv7zZHx7krgO4JIBOVT03BScFJ/0iprgBmaXAPYYZDQP1ILgwh4/oVNdbA76CS06
QJ8mkRyUaEh6kzWKR2CvOIJLRwn/lY44gOw5ImAhE5odzodfas5UNBAIeMYcn58R
UvpHcrfYV7klUNqG6djhImlDrFkKEEQ5RGZKzHlGDs8gbQFoGC6mMDVZ2wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHH/9YuZm7a+UNIq1U+VrqSt+LTzMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvY2ZfMWk1bWJ0cjVRMGlyVlQ1V3VwSzM0dFBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAxw
MA0GCSqGSIb3DQEBCwUAA4IBAQArNMH2P30tJK822n1Vq1C8ABOYd1+lgKVaBmef
v72G6lPLTzKYNp+r68p7wqBmH0C7Y3+Tytk5ELxkLV34qNPSMRTB3yyikC2qniKK
0WCpN9BqRRpDj4apeKskLeKw/wz+oSOVX/CYIc5myVcbolQt1w7lHuRWMEBM4ziP
+d4L2f0zRjvTX37ZX2dZH4ldQS83h9vVe1/oR+zBdah+MzXFfBhp5TT+TkM8J5zw
sncPs2XsRNAR5SHgH1151sPW4CkZ8VmVeQ73TBy5vrTYe6rACUKlyi1HIGdnO4aC
MRaBSyIzx+bpC9kQ9BBim63EkqR/hjujQjgdMOf2wjeiYFGe
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:01 2023 by rpki-client on console-ams.rpki-client.org