Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dNHindNIP5cDJ6Xbe_nxKKZLcOw.roa
File: dNHindNIP5cDJ6Xbe_nxKKZLcOw.roa (raw, json)
Hash identifier: aXBn5uRu1DB08+ZRShxhzhoI6yCj1GbP4/CKQCjqrGc=
Subject key identifier: 74:D1:E2:9D:D3:48:3F:97:03:27:A5:DB:7B:F9:F1:28:A6:4B:70:EC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018AC36960E72783D161F887517F06CD6FD7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dNHindNIP5cDJ6Xbe_nxKKZLcOw.roa
Signing time: Sat 23 Sep 2023 18:59:37 +0000
ROA not before: Sat 23 Sep 2023 18:59:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209949
IP address blocks: 2a0e:97c0:d20::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c3:69:60:e7:27:83:d1:61:f8:87:51:7f:06:cd:6f:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 23 18:59:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74d1e29dd3483f970327a5db7bf9f128a64b70ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a8:9c:2b:f8:71:3e:1c:0e:f4:13:ea:d1:58:
46:76:37:2f:bf:f1:4a:31:48:af:ff:31:ed:8e:a5:
4c:e6:19:0f:2c:43:78:ed:2f:15:6e:02:37:60:8f:
2d:21:79:e9:7b:cb:ad:48:e5:20:b8:e1:98:d2:db:
a7:16:24:3f:e5:3a:59:b3:7a:28:8f:1b:b5:25:cd:
78:8f:bd:32:c9:ea:fa:fd:cc:c2:92:21:0d:74:e0:
89:aa:b0:84:62:1f:37:9d:c7:fd:6e:66:6f:ef:2f:
23:b7:a4:63:fa:86:05:98:32:75:22:72:5f:5e:e3:
33:65:8f:50:b5:14:e2:a8:af:50:95:58:6a:3a:c0:
60:45:4b:58:d1:ce:16:dd:74:ed:50:00:3f:0d:50:
a3:bb:3d:a2:62:0b:19:66:12:2c:d1:7c:0d:94:8d:
ec:87:27:c5:40:0c:62:9b:29:c4:8e:36:54:d0:b7:
b1:9c:b2:3a:03:de:ff:24:da:64:ab:b4:2d:94:90:
75:e8:e8:94:d9:8f:88:40:0b:f5:d3:84:3c:af:7b:
a4:4f:0f:e7:e0:26:09:48:d6:2c:75:73:fb:23:11:
8f:38:c7:b1:f0:e4:f7:c7:f7:e6:44:22:23:a5:6e:
10:d9:bc:98:dd:97:4a:73:09:a6:7c:0a:61:61:8f:
92:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:D1:E2:9D:D3:48:3F:97:03:27:A5:DB:7B:F9:F1:28:A6:4B:70:EC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dNHindNIP5cDJ6Xbe_nxKKZLcOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:d20::/44
Signature Algorithm: sha256WithRSAEncryption
9f:85:f1:c3:0a:74:7d:c7:a4:70:5e:f7:13:8c:c4:2c:e8:77:
f7:84:11:63:98:b0:ef:b2:de:b9:0c:56:b8:10:70:4b:e3:8d:
9e:31:4f:50:cc:1b:81:f9:d7:80:5a:28:eb:35:9f:b9:ae:d8:
8a:93:4a:f2:98:25:7f:fc:eb:4a:2f:d6:34:cb:55:ef:9d:d3:
25:6d:fe:6b:39:0f:54:94:49:32:a0:95:56:48:45:95:66:fb:
9c:81:0f:41:15:99:02:1e:64:db:9f:79:ba:35:50:d6:c5:61:
67:f4:9d:79:9b:f1:66:0c:1d:0a:b6:b3:5b:ea:37:d9:31:f5:
a3:c1:d0:fd:8f:0c:49:7c:1d:26:39:d1:fb:b8:35:ef:84:e9:
54:6b:30:d5:26:1e:f3:06:f0:6c:63:5c:82:38:3f:4b:f8:01:
40:a4:f2:f4:58:7a:c7:29:f3:21:79:94:45:37:c8:52:18:cb:
bf:3b:83:e4:45:fe:73:2b:25:f8:0e:87:a6:c9:6c:6e:a3:c8:
86:10:11:5c:53:13:7f:bb:a3:12:9e:84:2e:88:65:3a:b8:d4:
ec:cf:c0:05:c3:55:2f:8a:5a:0d:ef:cd:78:00:ed:2e:30:90:
c0:0f:67:1a:f8:d9:ff:57:1b:82:dc:59:57:c0:cf:0b:93:72:
42:f4:62:94
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYrDaWDnJ4PRYfiHUX8GzW/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTIzMTg1OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGQxZTI5ZGQzNDgzZjk3MDMyN2E1ZGI3YmY5ZjEyOGE2NGI3MGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqicK/hxPhwO9BPq0VhGdjcvv/FK
MUiv/zHtjqVM5hkPLEN47S8VbgI3YI8tIXnpe8utSOUguOGY0tunFiQ/5TpZs3oo
jxu1Jc14j70yyer6/czCkiENdOCJqrCEYh83ncf9bmZv7y8jt6Rj+oYFmDJ1InJf
XuMzZY9QtRTiqK9QlVhqOsBgRUtY0c4W3XTtUAA/DVCjuz2iYgsZZhIs0XwNlI3s
hyfFQAximynEjjZU0LexnLI6A97/JNpkq7QtlJB16OiU2Y+IQAv104Q8r3ukTw/n
4CYJSNYsdXP7IxGPOMex8OT3x/fmRCIjpW4Q2byY3ZdKcwmmfAphYY+S6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHTR4p3TSD+XAyel23v58SimS3DsMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZE5IaW5kTklQNWNESjZYYmVfbnhLS1pMY093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwA0g
MA0GCSqGSIb3DQEBCwUAA4IBAQCfhfHDCnR9x6RwXvcTjMQs6Hf3hBFjmLDvst65
DFa4EHBL442eMU9QzBuB+deAWijrNZ+5rtiKk0rymCV//OtKL9Y0y1XvndMlbf5r
OQ9UlEkyoJVWSEWVZvucgQ9BFZkCHmTbn3m6NVDWxWFn9J15m/FmDB0KtrNb6jfZ
MfWjwdD9jwxJfB0mOdH7uDXvhOlUazDVJh7zBvBsY1yCOD9L+AFApPL0WHrHKfMh
eZRFN8hSGMu/O4PkRf5zKyX4DoemyWxuo8iGEBFcUxN/u6MSnoQuiGU6uNTsz8AF
w1UviloN7814AO0uMJDAD2ca+Nn/VxuC3FlXwM8Lk3JC9GKU
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org