Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/d7JR5HqfrWZDKErPHtv0IkOLugM.roa
File: d7JR5HqfrWZDKErPHtv0IkOLugM.roa (raw, json)
Hash identifier: M7OoIjo9l+TiLrxtId4ojmp9gbn/ODnwONXRwbjRnhE=
Subject key identifier: 77:B2:51:E4:7A:9F:AD:66:43:28:4A:CF:1E:DB:F4:22:43:8B:BA:03
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7D852E14445190DB1BFA8BB415D61
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/d7JR5HqfrWZDKErPHtv0IkOLugM.roa
Signing time: Mon 02 Jan 2023 05:15:20 +0000
ROA not before: Mon 02 Jan 2023 05:15:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208840
IP address blocks: 2a0e:97c0:bd0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:d8:52:e1:44:45:19:0d:b1:bf:a8:bb:41:5d:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77b251e47a9fad6643284acf1edbf422438bba03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:32:70:a1:87:30:4c:b2:a7:40:f3:b2:4d:4f:
72:74:1e:fd:3f:d1:a4:44:dc:06:21:67:e5:b2:71:
32:a3:69:28:43:6d:9e:9b:3b:53:57:2b:f2:e3:04:
fd:22:02:d8:f5:af:a0:d1:b6:ea:87:fc:73:06:54:
e9:f4:6b:99:b5:67:76:1a:e8:02:d7:82:45:b4:ed:
3f:12:0d:8b:85:0f:6f:14:7f:1f:4d:a5:9b:76:e0:
e6:2c:c5:40:63:59:3c:43:aa:b5:f1:d3:db:e0:f7:
d3:77:65:68:8c:4e:a0:3e:1d:84:45:de:f4:ff:98:
1e:c9:42:c1:05:16:0d:ac:0f:f1:61:a6:60:d6:8c:
f4:75:f0:87:15:75:cd:6c:78:84:02:3a:cd:22:b9:
2e:34:92:35:1c:31:21:a5:d1:fb:57:75:a5:3d:3a:
80:ab:8d:cd:39:b3:a0:39:bd:0e:ad:b2:5a:3f:f7:
2a:f5:d8:c1:f4:3a:0d:1d:7a:87:8f:63:d8:b3:c7:
e6:84:46:79:7f:85:38:ce:16:90:07:3c:6e:e8:eb:
83:51:5e:cb:89:7a:9a:0c:df:50:8a:52:24:1b:e8:
62:b3:b7:cf:4d:62:f1:27:33:bc:2e:55:e3:bb:a8:
95:35:18:de:e2:40:c7:23:c9:74:7f:d9:a1:f7:9a:
e4:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:B2:51:E4:7A:9F:AD:66:43:28:4A:CF:1E:DB:F4:22:43:8B:BA:03
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/d7JR5HqfrWZDKErPHtv0IkOLugM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:bd0::/44
Signature Algorithm: sha256WithRSAEncryption
9d:a8:27:30:fe:5b:a4:e0:ca:35:81:52:a6:35:f1:f0:d9:73:
3c:4c:bf:77:65:e4:69:04:0a:4f:a5:10:c3:07:43:75:fc:86:
ed:73:a3:00:d9:c9:0a:7f:80:26:2d:40:67:10:5d:ef:c7:12:
72:2e:5d:88:15:61:bf:4c:ba:70:86:9b:34:70:c6:23:ca:7a:
ac:f8:bc:a6:4d:6d:9b:b3:66:a3:6a:d7:88:4c:80:20:68:78:
b0:c3:5c:68:47:79:a2:e1:da:fc:0c:2f:59:21:d5:89:d3:01:
cd:5a:89:95:bb:e8:45:b1:27:e1:72:5d:1f:0d:3b:2c:a8:4a:
ae:e7:93:49:62:94:c2:77:55:af:d3:43:68:09:a2:39:1d:18:
5a:c5:a5:6d:44:33:9c:13:2c:85:98:b2:bf:77:b1:d7:00:31:
5d:95:61:1a:ec:a4:99:64:f2:c4:0b:66:fc:14:7f:c0:d1:08:
24:1d:5e:5e:1f:15:7e:ec:6f:c1:2e:4a:94:cc:95:c6:55:20:
dc:a2:a6:75:e1:c9:8d:c5:93:5a:dd:a7:81:fa:6a:b6:48:12:
a1:f3:a8:8c:af:f5:e3:cc:44:46:c7:9f:c0:03:40:13:ee:77:
d5:17:05:d8:b3:2d:df:89:36:96:32:a7:54:23:81:ba:a9:b6:
39:d9:30:de
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw59hS4URFGQ2xv6i7QV1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2IyNTFlNDdhOWZhZDY2NDMyODRhY2YxZWRiZjQyMjQzOGJiYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszJwoYcwTLKnQPOyTU9ydB79P9Gk
RNwGIWflsnEyo2koQ22emztTVyvy4wT9IgLY9a+g0bbqh/xzBlTp9GuZtWd2GugC
14JFtO0/Eg2LhQ9vFH8fTaWbduDmLMVAY1k8Q6q18dPb4PfTd2VojE6gPh2ERd70
/5geyULBBRYNrA/xYaZg1oz0dfCHFXXNbHiEAjrNIrkuNJI1HDEhpdH7V3WlPTqA
q43NObOgOb0OrbJaP/cq9djB9DoNHXqHj2PYs8fmhEZ5f4U4zhaQBzxu6OuDUV7L
iXqaDN9QilIkG+his7fPTWLxJzO8LlXju6iVNRje4kDHI8l0f9mh95rkGQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHeyUeR6n61mQyhKzx7b9CJDi7oDMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZDdKUjVIcWZyV1pES0VyUEh0djBJa09MdWdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAvQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCdqCcw/luk4Mo1gVKmNfHw2XM8TL93ZeRpBApP
pRDDB0N1/Ibtc6MA2ckKf4AmLUBnEF3vxxJyLl2IFWG/TLpwhps0cMYjynqs+Lym
TW2bs2ajateITIAgaHiww1xoR3mi4dr8DC9ZIdWJ0wHNWomVu+hFsSfhcl0fDTss
qEqu55NJYpTCd1Wv00NoCaI5HRhaxaVtRDOcEyyFmLK/d7HXADFdlWEa7KSZZPLE
C2b8FH/A0QgkHV5eHxV+7G/BLkqUzJXGVSDcoqZ14cmNxZNa3aeB+mq2SBKh86iM
r/XjzERGx5/AA0AT7nfVFwXYsy3fiTaWMqdUI4G6qbY52TDe
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org