Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dkL3iU9-i7V92tKxWTCiYoY71EE.roa
File: dkL3iU9-i7V92tKxWTCiYoY71EE.roa (raw, json)
Hash identifier: ujojBe3ZWAZ2xLMN/tENH1rfokESLNm4HYg8HvPltQA=
Subject key identifier: 76:42:F7:89:4F:7E:8B:B5:7D:DA:D2:B1:59:30:A2:62:86:3B:D4:41
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E78FE394B6284C642D901448BE44C0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dkL3iU9-i7V92tKxWTCiYoY71EE.roa
Signing time: Mon 02 Jan 2023 05:15:01 +0000
ROA not before: Mon 02 Jan 2023 05:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134666
IP address blocks: 2a0e:b107:30f::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:8f:e3:94:b6:28:4c:64:2d:90:14:48:be:44:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7642f7894f7e8bb57ddad2b15930a262863bd441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:64:21:9b:4f:ba:36:1f:8d:31:88:0d:1c:22:
b7:b1:95:c6:ac:c5:f0:7b:d9:03:e9:2f:be:b4:1d:
18:9b:78:f8:3f:8a:3d:1f:20:0e:63:a0:f2:91:be:
fc:31:11:5a:22:f5:1b:bc:41:c4:9a:a0:dc:38:79:
ac:c8:5c:92:7d:3e:8f:cd:36:3f:08:95:bc:80:50:
9c:82:48:2b:e4:42:94:35:a2:e5:95:ce:28:20:82:
91:b0:72:be:31:a6:29:91:67:4a:65:ec:2b:e5:66:
c0:58:dc:f9:b6:ff:a2:02:58:9b:58:89:3d:36:79:
48:35:2c:4a:23:45:aa:21:c4:28:f5:6b:ca:e3:9c:
e4:d3:a6:6c:c1:b4:7d:a4:90:1e:dc:71:f7:64:3e:
d8:a8:89:86:3f:d8:2e:f8:85:5a:bb:91:3c:02:fa:
1b:cc:4e:c9:0a:43:d4:42:7c:1d:84:e2:11:b6:a4:
d6:12:d2:ee:df:ce:1e:ba:99:c9:0d:62:81:a6:8f:
40:63:00:ae:b6:3e:13:4b:8d:d8:03:a8:5b:21:5d:
1c:8e:14:bd:3c:36:c3:80:ed:3d:0b:de:01:72:19:
32:85:ec:b7:3b:e7:ed:4b:90:a7:2e:d0:5c:13:f2:
b0:23:a7:55:5a:3a:7f:e9:5e:0a:63:2a:47:3b:61:
87:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:42:F7:89:4F:7E:8B:B5:7D:DA:D2:B1:59:30:A2:62:86:3B:D4:41
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dkL3iU9-i7V92tKxWTCiYoY71EE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:30f::/48
Signature Algorithm: sha256WithRSAEncryption
59:bb:ce:69:be:ae:e4:e3:6c:e2:fe:fe:8a:1a:f5:87:c3:b4:
08:55:03:cd:3d:75:70:a1:ef:11:61:5d:e1:34:34:09:6a:0b:
0f:08:5c:f7:8e:f0:2f:56:24:03:02:40:6a:60:fa:e0:87:f9:
b6:20:d7:25:49:6d:05:bd:ca:69:c0:b1:9c:a6:09:5a:c3:d0:
14:68:07:3f:66:a7:d9:d0:af:86:f6:c3:cf:fb:91:85:88:7a:
09:2f:b0:89:1a:82:40:f8:04:64:0a:3f:43:2f:8d:72:c2:97:
ea:e2:51:c4:cd:01:01:c1:fd:c0:6b:47:db:11:52:98:22:12:
cf:42:fc:b2:38:4c:d2:bb:99:6d:8e:af:21:ef:f9:ad:2e:e2:
7b:c0:ca:4d:a1:d8:a4:5c:6e:4c:0a:25:6c:59:4a:5d:cc:47:
55:3e:3f:c3:cb:68:1f:9e:07:13:b7:7c:04:6e:41:cb:3c:95:
84:3f:02:9a:a2:54:c2:60:95:a2:d0:ac:2e:a5:03:3d:b2:6f:
85:52:ff:3c:ab:1e:11:c2:ad:1e:b2:10:ee:5a:ba:99:00:a0:
84:71:87:b5:22:8e:33:e4:a6:9f:e5:4b:03:5f:e8:85:07:1a:
74:2c:0e:83:43:29:15:06:9b:39:92:39:7f:dd:78:ed:c0:ab:
72:0c:8a:ff
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw54/jlLYoTGQtkBRIvkTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjQyZjc4OTRmN2U4YmI1N2RkYWQyYjE1OTMwYTI2Mjg2M2JkNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmQhm0+6Nh+NMYgNHCK3sZXGrMXw
e9kD6S++tB0Ym3j4P4o9HyAOY6Dykb78MRFaIvUbvEHEmqDcOHmsyFySfT6PzTY/
CJW8gFCcgkgr5EKUNaLllc4oIIKRsHK+MaYpkWdKZewr5WbAWNz5tv+iAlibWIk9
NnlINSxKI0WqIcQo9WvK45zk06ZswbR9pJAe3HH3ZD7YqImGP9gu+IVau5E8Avob
zE7JCkPUQnwdhOIRtqTWEtLu384eupnJDWKBpo9AYwCutj4TS43YA6hbIV0cjhS9
PDbDgO09C94Bchkyhey3O+ftS5CnLtBcE/KwI6dVWjp/6V4KYypHO2GHhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHZC94lPfou1fdrSsVkwomKGO9RBMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZGtMM2lVOS1pN1Y5MnRLeFdUQ2lZb1k3MUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwMP
MA0GCSqGSIb3DQEBCwUAA4IBAQBZu85pvq7k42zi/v6KGvWHw7QIVQPNPXVwoe8R
YV3hNDQJagsPCFz3jvAvViQDAkBqYPrgh/m2INclSW0FvcppwLGcpglaw9AUaAc/
ZqfZ0K+G9sPP+5GFiHoJL7CJGoJA+ARkCj9DL41ywpfq4lHEzQEBwf3Aa0fbEVKY
IhLPQvyyOEzSu5ltjq8h7/mtLuJ7wMpNodikXG5MCiVsWUpdzEdVPj/Dy2gfngcT
t3wEbkHLPJWEPwKaolTCYJWi0KwupQM9sm+FUv88qx4Rwq0eshDuWrqZAKCEcYe1
Io4z5Kaf5UsDX+iFBxp0LA6DQykVBps5kjl/3XjtwKtyDIr/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:18 2023 by rpki-client on console-fra.rpki-client.org