Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ddoOrOeJZZYu7R05gAHVSGSelcw.roa
File: ddoOrOeJZZYu7R05gAHVSGSelcw.roa (raw, json)
Hash identifier: QQYJy86knNJ48NTIAhUw70iXN8i0lz0wM1s/iaudI0g=
Subject key identifier: 75:DA:0E:AC:E7:89:65:96:2E:ED:1D:39:80:01:D5:48:64:9E:95:CC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AF8C0F1F4DCEA5992E6930817C9B9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ddoOrOeJZZYu7R05gAHVSGSelcw.roa
Signing time: Tue 24 Jan 2023 16:09:50 +0000
ROA not before: Tue 24 Jan 2023 16:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211640
IP address blocks: 2a10:2f00:168::/48 maxlen: 48
2a0e:b107:ea8::/46 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:f8:c0:f1:f4:dc:ea:59:92:e6:93:08:17:c9:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75da0eace78965962eed1d398001d548649e95cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:58:00:c0:aa:75:f9:52:a2:3f:f6:19:e4:77:
ea:9f:47:2b:48:3a:39:54:d3:8a:9e:c8:c5:d7:fa:
72:79:16:19:1d:ed:cf:27:8c:82:69:03:39:f5:33:
0b:f9:61:85:d4:c9:3f:44:30:3c:79:29:08:90:fe:
a7:83:02:0e:c8:77:df:ba:70:25:9f:d1:91:c1:4f:
d4:9d:02:70:52:a3:08:ad:d4:ab:c9:1a:1f:37:ca:
37:23:45:e6:3a:3e:a8:a3:6e:00:94:b3:9b:29:dc:
9f:d7:d1:89:ed:7c:a5:d1:74:f7:2b:6c:f7:90:42:
a7:15:df:6f:68:8c:5a:92:d6:fa:e7:8e:41:b1:d3:
32:f2:8c:48:ad:86:de:22:60:48:89:b2:8a:cb:69:
f5:5d:d8:aa:d2:d5:a1:25:19:e5:8e:f7:c8:43:bf:
ab:c1:94:d0:5b:8d:00:6b:06:62:d8:b0:b7:30:b2:
98:19:81:a0:d9:d1:3c:b4:61:9c:55:2e:15:4c:d0:
fc:af:21:7d:5f:bd:31:a2:12:35:be:36:21:25:b7:
01:03:e9:dd:56:8e:2c:55:91:de:6b:95:91:07:bd:
ef:34:c4:5e:df:20:23:94:25:c0:9e:38:22:aa:3e:
47:0c:9f:13:b8:03:ae:58:35:a3:a3:7a:9b:40:38:
6f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:DA:0E:AC:E7:89:65:96:2E:ED:1D:39:80:01:D5:48:64:9E:95:CC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ddoOrOeJZZYu7R05gAHVSGSelcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ea8::/46
2a10:2f00:168::/48
Signature Algorithm: sha256WithRSAEncryption
6a:7e:27:c1:6a:37:6a:0b:0c:4e:95:9c:c0:e7:e8:18:5c:8a:
33:df:a7:36:82:90:e0:f3:b9:ef:7d:c6:6c:c3:d5:b8:cc:82:
20:db:5b:f2:a7:a8:42:bd:36:4a:db:56:05:82:f8:58:67:cc:
88:a3:68:ad:7f:a3:c5:ee:b3:01:12:20:ba:f9:de:83:ae:03:
bb:78:78:5e:ad:b7:5f:56:65:6a:4c:18:9b:09:7f:c3:7f:32:
72:4f:50:cd:e2:32:e1:9e:3d:8d:75:d9:f7:38:68:be:7d:a6:
66:2c:62:a9:df:30:73:f9:b2:39:ec:45:84:0f:3e:ab:c3:98:
5f:a7:00:f0:c9:5a:43:4c:45:02:75:c3:db:10:c7:94:71:45:
71:6d:40:c8:71:cf:45:d5:7d:45:48:ea:8b:69:da:61:cd:81:
41:95:f2:3f:ab:fd:09:00:f6:76:81:45:86:30:6a:52:f0:98:
6f:f2:b3:45:f3:e2:38:fd:ad:71:ae:a7:f4:86:9f:73:e0:f1:
cb:cf:52:dd:76:1d:3e:f7:b8:4d:96:3a:01:2d:4c:ff:6d:9e:
50:78:ef:cf:25:26:92:b0:d1:35:15:13:70:02:f9:06:28:df:
7a:81:aa:a9:38:b2:94:a1:cd:4d:27:b0:04:00:37:57:ae:a3:
f0:e2:e5:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkivjA8fTc6lmS5pMIF8m5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWRhMGVhY2U3ODk2NTk2MmVlZDFkMzk4MDAxZDU0ODY0OWU5NWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVgAwKp1+VKiP/YZ5Hfqn0crSDo5
VNOKnsjF1/pyeRYZHe3PJ4yCaQM59TML+WGF1Mk/RDA8eSkIkP6ngwIOyHffunAl
n9GRwU/UnQJwUqMIrdSryRofN8o3I0XmOj6oo24AlLObKdyf19GJ7Xyl0XT3K2z3
kEKnFd9vaIxaktb6545BsdMy8oxIrYbeImBIibKKy2n1Xdiq0tWhJRnljvfIQ7+r
wZTQW40AawZi2LC3MLKYGYGg2dE8tGGcVS4VTND8ryF9X70xohI1vjYhJbcBA+nd
Vo4sVZHea5WRB73vNMRe3yAjlCXAnjgiqj5HDJ8TuAOuWDWjo3qbQDhvHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHXaDqzniWWWLu0dOYAB1UhknpXMMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZGRvT3JPZUpaWll1N1IwNWdBSFZTR1NlbGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcCKg6xBw6o
AwcAKhAvAAFoMA0GCSqGSIb3DQEBCwUAA4IBAQBqfifBajdqCwxOlZzA5+gYXIoz
36c2gpDg87nvfcZsw9W4zIIg21vyp6hCvTZK21YFgvhYZ8yIo2itf6PF7rMBEiC6
+d6DrgO7eHherbdfVmVqTBibCX/DfzJyT1DN4jLhnj2Nddn3OGi+faZmLGKp3zBz
+bI57EWEDz6rw5hfpwDwyVpDTEUCdcPbEMeUcUVxbUDIcc9F1X1FSOqLadphzYFB
lfI/q/0JAPZ2gUWGMGpS8Jhv8rNF8+I4/a1xrqf0hp9z4PHLz1Lddh0+97hNljoB
LUz/bZ5QeO/PJSaSsNE1FRNwAvkGKN96gaqpOLKUoc1NJ7AEADdXrqPw4uV3
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org