Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dRUGp9i_q97lz2rCRuLBngS7rNY.roa
File: dRUGp9i_q97lz2rCRuLBngS7rNY.roa (raw, json)
Hash identifier: YSekhJWLWk06Kugt0j8HJ4tcCa3Vo1ohpz3JOrZ/pg4=
Subject key identifier: 75:15:06:A7:D8:BF:AB:DE:E5:CF:6A:C2:46:E2:C1:9E:04:BB:AC:D6
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0186C5261D6F5B20FE865086FA23D4FAC41B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dRUGp9i_q97lz2rCRuLBngS7rNY.roa
Signing time: Thu 09 Mar 2023 06:54:14 +0000
ROA not before: Thu 09 Mar 2023 06:54:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207079
IP address blocks: 2a0e:b107:1ed0::/44 maxlen: 48
2a0e:b107:17f0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c5:26:1d:6f:5b:20:fe:86:50:86:fa:23:d4:fa:c4:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 9 06:54:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=751506a7d8bfabdee5cf6ac246e2c19e04bbacd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:74:f6:b5:95:40:05:24:00:73:4b:01:20:dd:
64:33:a3:5f:cd:45:55:36:00:cb:19:e1:d0:c8:86:
00:a2:94:1c:e1:30:2f:bd:3d:84:d9:3e:40:9d:75:
70:d6:91:0e:15:4f:74:b7:6f:56:40:6f:d1:a0:06:
46:eb:57:f6:61:4f:b1:3b:f3:5e:14:25:7a:05:e6:
ae:85:72:c2:45:fa:6c:8a:d2:f3:3b:e5:8c:07:3f:
97:6a:96:e5:d7:a3:4f:20:21:9f:fb:8b:cf:43:29:
f2:2e:d8:27:30:a9:3a:8e:94:b3:a7:ef:d2:13:a0:
7e:95:26:08:f1:28:00:36:b9:e7:19:75:c5:e2:99:
45:8e:96:aa:d8:9f:82:4f:9a:25:19:e2:1b:35:49:
d1:c7:65:22:45:42:fa:cc:60:f0:44:b3:66:cf:ae:
73:36:25:4f:8b:e6:8d:11:0f:f7:be:99:5c:ca:1b:
fa:97:5d:03:5a:15:f3:ee:b9:94:72:df:4c:18:4f:
07:a1:2f:f1:88:03:75:19:95:19:2c:d1:7b:0c:14:
a7:0b:fd:f1:dc:8e:2c:83:3b:02:7a:2f:87:e1:db:
7e:65:2d:4d:90:d6:ae:4f:04:4f:2a:11:ed:98:90:
2f:b6:33:f3:de:e2:af:db:e3:6e:fa:10:af:02:87:
d7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:15:06:A7:D8:BF:AB:DE:E5:CF:6A:C2:46:E2:C1:9E:04:BB:AC:D6
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dRUGp9i_q97lz2rCRuLBngS7rNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:17f0::/44
2a0e:b107:1ed0::/44
Signature Algorithm: sha256WithRSAEncryption
94:df:a6:42:69:70:09:d9:3e:f1:52:b4:2f:57:f2:65:d2:a9:
55:87:91:21:25:11:db:68:92:39:b9:b8:6b:f6:ea:19:d0:a9:
3b:8b:9a:17:ec:20:14:2f:9d:66:b9:21:da:2b:d8:fc:83:86:
6e:9a:d2:11:79:cd:0d:20:4b:b8:e4:15:a4:e0:50:b5:66:41:
1a:20:c6:91:03:ae:9c:9a:7b:1a:27:0f:9d:29:2a:56:fb:5f:
8b:8d:d6:5c:e8:c8:e1:40:b8:21:b7:d6:20:22:56:cc:af:2e:
1b:4c:1e:9c:16:8e:5e:d0:d1:e7:b0:5f:55:c5:e9:fa:ba:93:
3e:0b:29:8b:3c:d1:0c:b3:ab:56:5f:41:ea:b2:a0:5e:dd:69:
bf:70:16:35:88:de:79:db:23:de:6f:66:79:7b:51:c7:57:c9:
da:19:5f:26:b4:50:96:f0:4b:25:f6:5d:63:f3:3b:43:5b:5e:
24:ae:70:b6:fd:a1:1c:ee:d0:2e:a5:f1:5e:22:1a:d8:6d:bb:
61:a5:33:99:fa:03:91:5c:50:41:c8:38:ed:10:a0:88:4b:30:
a2:5c:4c:b6:76:d6:9a:04:49:4e:8a:3a:ce:d4:16:cc:72:a3:
7a:32:31:73:5c:46:5b:fd:e9:db:96:cb:6e:e8:9f:13:48:39:
87:d3:eb:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbFJh1vWyD+hlCG+iPU+sQbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzA5MDY1NDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTE1MDZhN2Q4YmZhYmRlZTVjZjZhYzI0NmUyYzE5ZTA0YmJhY2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXT2tZVABSQAc0sBIN1kM6NfzUVV
NgDLGeHQyIYAopQc4TAvvT2E2T5AnXVw1pEOFU90t29WQG/RoAZG61f2YU+xO/Ne
FCV6BeauhXLCRfpsitLzO+WMBz+Xapbl16NPICGf+4vPQynyLtgnMKk6jpSzp+/S
E6B+lSYI8SgANrnnGXXF4plFjpaq2J+CT5olGeIbNUnRx2UiRUL6zGDwRLNmz65z
NiVPi+aNEQ/3vplcyhv6l10DWhXz7rmUct9MGE8HoS/xiAN1GZUZLNF7DBSnC/3x
3I4sgzsCei+H4dt+ZS1NkNauTwRPKhHtmJAvtjPz3uKv2+Nu+hCvAofXtwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHUVBqfYv6ve5c9qwkbiwZ4Eu6zWMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZFJVR3A5aV9xOTdsejJyQ1J1TEJuZ1M3ck5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBxfw
AwcEKg6xBx7QMA0GCSqGSIb3DQEBCwUAA4IBAQCU36ZCaXAJ2T7xUrQvV/Jl0qlV
h5EhJRHbaJI5ubhr9uoZ0Kk7i5oX7CAUL51muSHaK9j8g4ZumtIRec0NIEu45BWk
4FC1ZkEaIMaRA66cmnsaJw+dKSpW+1+LjdZc6MjhQLght9YgIlbMry4bTB6cFo5e
0NHnsF9Vxen6upM+CymLPNEMs6tWX0HqsqBe3Wm/cBY1iN552yPeb2Z5e1HHV8na
GV8mtFCW8Esl9l1j8ztDW14krnC2/aEc7tAupfFeIhrYbbthpTOZ+gORXFBByDjt
EKCISzCiXEy2dtaaBElOijrO1BbMcqN6MjFzXEZb/enblstu6J8TSDmH0+vU
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org