Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dwd6Jwndog0cgvKhNH2pOGuJnCY.roa
File: dwd6Jwndog0cgvKhNH2pOGuJnCY.roa (raw, json)
Hash identifier: M7hS/VEt8VFSB9qjlJH/7Hb7HOUB+u/mzjlunppGUss=
Subject key identifier: 77:07:7A:27:09:DD:A2:0D:1C:82:F2:A1:34:7D:A9:38:6B:89:9C:26
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C24AB19D33AC49D9352C34D8193726E58
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dwd6Jwndog0cgvKhNH2pOGuJnCY.roa
Signing time: Fri 01 Dec 2023 09:17:22 +0000
ROA not before: Fri 01 Dec 2023 09:17:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204160
IP address blocks: 2a0e:97c0:b70::/44 maxlen: 48
2a0e:97c0:b78::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:ab:19:d3:3a:c4:9d:93:52:c3:4d:81:93:72:6e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 1 09:17:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77077a2709dda20d1c82f2a1347da9386b899c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a4:a9:5d:7b:ee:e4:d1:f8:1f:d6:bb:f9:fc:
cb:ec:84:86:ad:04:a3:6a:0e:01:f3:c3:46:55:d2:
7a:b0:8e:58:ef:fb:7c:7b:6a:f5:b7:99:d6:66:33:
f8:bc:5b:b5:35:43:e9:fb:06:70:65:50:c1:86:3d:
dd:a4:17:bc:a6:fb:c4:20:93:76:30:06:86:2f:e2:
95:85:72:d4:60:68:73:a9:41:a7:61:bf:7b:d7:f3:
14:6e:28:5f:80:38:07:e8:0c:84:d5:f6:6c:7d:69:
6a:b4:6a:75:4d:e9:c8:b1:5e:ed:42:61:0c:f0:01:
ac:f6:e9:01:19:da:7f:15:6d:55:18:88:6a:f3:49:
8e:3c:78:33:6f:a9:31:42:1a:bd:bf:35:d2:ad:3b:
bb:24:ea:75:71:19:cd:ea:eb:4b:48:b5:f1:b1:b9:
e9:9b:54:ee:49:9f:b1:9a:64:0a:f0:fa:fa:46:51:
23:ca:29:27:83:b7:4d:7d:aa:8e:8c:19:73:ac:d9:
a4:35:3c:ca:78:80:3e:69:33:3f:f9:5f:ac:c1:e0:
1b:9b:6c:aa:f8:46:40:88:24:57:bd:7c:9a:30:49:
b8:40:a8:6d:85:9b:70:36:9c:b7:c6:97:db:4a:fc:
a6:73:0e:e6:81:85:22:1b:29:32:de:4f:91:ae:40:
e5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:07:7A:27:09:DD:A2:0D:1C:82:F2:A1:34:7D:A9:38:6B:89:9C:26
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dwd6Jwndog0cgvKhNH2pOGuJnCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b70::/44
Signature Algorithm: sha256WithRSAEncryption
bf:66:89:41:7c:37:10:75:78:2a:c7:7f:69:b8:f6:84:53:da:
df:cb:7f:f0:af:dd:d7:b8:d4:39:db:1a:b2:a8:0e:22:30:f1:
1b:e3:e4:e4:4f:65:fc:2c:15:88:d2:bb:c6:d4:89:57:2e:5e:
5a:1c:04:0b:59:16:2e:22:cd:9a:20:07:44:43:11:97:41:22:
be:91:f6:81:2e:e0:4f:2f:69:ad:97:0b:df:17:32:c8:03:79:
08:9f:7f:c4:99:87:da:b1:6d:c3:b8:02:91:8b:d9:95:b1:05:
97:54:eb:61:7e:7b:ed:03:d7:42:bc:cc:04:6d:bf:41:bd:b2:
15:ca:d4:58:06:16:df:03:0a:c9:ab:fc:64:53:bd:d9:85:c1:
fd:a8:aa:a8:88:3b:65:09:01:21:28:a2:d8:ea:af:e7:ee:51:
1c:73:c2:bc:38:80:05:48:71:6c:23:0f:aa:48:d1:5d:c7:c7:
15:6c:2b:6f:40:47:96:78:4c:9d:88:f6:32:46:a4:8a:5c:23:
aa:c1:92:96:bc:8f:bf:4e:50:db:47:c5:71:f4:42:b4:82:6d:
a0:80:28:b0:92:64:71:0f:5e:10:7a:34:80:3a:77:2a:59:45:
52:15:be:b7:13:9e:7a:65:14:20:84:30:69:a6:80:8e:58:30:
ae:10:40:eb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYwkqxnTOsSdk1LDTYGTcm5YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjAxMDkxNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzA3N2EyNzA5ZGRhMjBkMWM4MmYyYTEzNDdkYTkzODZiODk5YzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKSpXXvu5NH4H9a7+fzL7ISGrQSj
ag4B88NGVdJ6sI5Y7/t8e2r1t5nWZjP4vFu1NUPp+wZwZVDBhj3dpBe8pvvEIJN2
MAaGL+KVhXLUYGhzqUGnYb971/MUbihfgDgH6AyE1fZsfWlqtGp1TenIsV7tQmEM
8AGs9ukBGdp/FW1VGIhq80mOPHgzb6kxQhq9vzXSrTu7JOp1cRnN6utLSLXxsbnp
m1TuSZ+xmmQK8Pr6RlEjyikng7dNfaqOjBlzrNmkNTzKeIA+aTM/+V+sweAbm2yq
+EZAiCRXvXyaMEm4QKhthZtwNpy3xpfbSvymcw7mgYUiGyky3k+RrkDlsQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHcHeicJ3aINHILyoTR9qThriZwmMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZHdkNkp3bmRvZzBjZ3ZLaE5IMnBPR3VKbkNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAtw
MA0GCSqGSIb3DQEBCwUAA4IBAQC/ZolBfDcQdXgqx39puPaEU9rfy3/wr93XuNQ5
2xqyqA4iMPEb4+TkT2X8LBWI0rvG1IlXLl5aHAQLWRYuIs2aIAdEQxGXQSK+kfaB
LuBPL2mtlwvfFzLIA3kIn3/EmYfasW3DuAKRi9mVsQWXVOthfnvtA9dCvMwEbb9B
vbIVytRYBhbfAwrJq/xkU73ZhcH9qKqoiDtlCQEhKKLY6q/n7lEcc8K8OIAFSHFs
Iw+qSNFdx8cVbCtvQEeWeEydiPYyRqSKXCOqwZKWvI+/TlDbR8Vx9EK0gm2ggCiw
kmRxD14QejSAOncqWUVSFb63E556ZRQghDBppoCOWDCuEEDr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org