Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fIv47mzjSqerCbQtAtMJMZ-HTIU.roa
File: fIv47mzjSqerCbQtAtMJMZ-HTIU.roa (raw, json)
Hash identifier: QsmPXC/s5AZAhYpyU9bdSi7p9GSVfbAC2EsURFJDMf8=
Subject key identifier: 7C:8B:F8:EE:6C:E3:4A:A7:AB:09:B4:2D:02:D3:09:31:9F:87:4C:85
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C877AC35B2C65B885462928154097A210
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fIv47mzjSqerCbQtAtMJMZ-HTIU.roa
Signing time: Wed 20 Dec 2023 13:46:58 +0000
ROA not before: Wed 20 Dec 2023 13:46:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215828
IP address blocks: 2a0e:b107:2804::/46 maxlen: 48
2a0e:b107:27fc::/46 maxlen: 48
2a0e:b107:27d4::/46 maxlen: 48
2a0e:b107:2800::/46 maxlen: 48
2a0e:b107:27f8::/46 maxlen: 48
2a0e:b107:27d0::/46 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:87:7a:c3:5b:2c:65:b8:85:46:29:28:15:40:97:a2:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 20 13:46:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c8bf8ee6ce34aa7ab09b42d02d309319f874c85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ad:66:4d:79:77:41:94:ce:2c:e5:15:8b:c1:
5c:f4:76:bf:1e:17:9e:95:8d:3a:3f:b3:6f:d7:2e:
0c:bc:6a:d7:e5:a5:22:57:c2:15:a8:b5:79:6a:b6:
1d:ec:33:f0:f5:10:6f:8c:34:3d:17:27:c4:91:9c:
7b:7b:07:51:6b:c7:71:5c:fb:99:4f:cf:c7:17:0f:
f2:8a:34:a5:5e:ef:6a:68:a3:80:9e:af:67:1e:ed:
f8:71:df:9a:2b:a0:74:c2:d2:37:4e:3d:71:5d:16:
c4:d3:9c:9f:d1:7d:63:23:a7:ff:9f:14:1c:03:51:
b6:f8:40:04:f2:5d:ff:78:47:29:57:de:5c:3a:8d:
8a:6d:1f:f1:ae:6c:8e:a0:18:84:b2:57:da:8b:de:
19:87:c7:dd:a5:6e:13:d5:b5:29:20:8b:67:7e:e8:
e0:ff:ce:f9:c7:4c:d3:14:7d:7e:20:4f:a3:f8:0e:
6a:2a:f0:ae:1d:3a:aa:e1:08:ec:6c:12:24:e0:44:
6e:67:78:c1:30:0d:bd:11:de:d2:11:01:3b:b2:a5:
24:09:2a:ce:94:10:3c:a7:ca:94:db:ad:9f:5f:5d:
35:61:45:7a:03:44:0c:da:44:3d:02:99:0a:07:c2:
50:3b:aa:df:a5:78:45:f1:1d:ae:3a:7f:cb:1d:34:
bc:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:8B:F8:EE:6C:E3:4A:A7:AB:09:B4:2D:02:D3:09:31:9F:87:4C:85
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fIv47mzjSqerCbQtAtMJMZ-HTIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27d0::/45
2a0e:b107:27f8::-2a0e:b107:2807:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
66:be:71:bd:62:b7:8b:79:74:8e:d8:5d:64:b6:a0:87:05:35:
5d:1a:0f:ac:a4:8c:c7:17:83:19:7a:6a:75:7e:2a:7a:2e:62:
ce:3e:01:f0:ce:90:21:19:f2:b1:c6:f6:67:b2:51:7f:53:22:
8d:97:8f:fc:05:ad:97:b1:de:73:bf:1f:03:bb:32:a1:26:c7:
3b:ec:54:89:b9:ac:e8:74:f5:0d:21:83:91:63:a4:18:6b:a3:
78:32:61:13:7a:fd:3e:41:d3:6d:1c:4d:de:e6:f1:e2:56:c5:
14:09:06:c1:ab:6c:06:8b:9d:a1:f2:06:4a:47:3c:43:36:70:
34:23:fe:3c:cd:3a:d6:f0:d3:21:f2:8a:12:c1:5e:78:13:0b:
ad:60:79:ad:2f:f0:16:ea:bb:27:3c:97:e4:56:00:b5:bc:32:
6f:1f:df:3b:6d:1f:73:62:32:d9:24:74:e2:03:49:b3:69:c4:
ff:fd:49:40:2b:6b:79:a5:4c:28:6d:e7:ea:e2:00:93:59:22:
cc:72:65:22:b9:15:d0:d1:57:ee:8a:97:47:cc:17:11:5c:29:
8e:4c:ed:95:b1:1c:9d:21:8f:e5:76:a8:e7:67:75:24:5b:9c:
6c:3f:a2:b2:14:9d:61:dd:51:c0:c7:1d:f0:9b:79:5a:a7:9e:
bd:df:0c:d2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYyHesNbLGW4hUYpKBVAl6IQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjIwMTM0NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzhiZjhlZTZjZTM0YWE3YWIwOWI0MmQwMmQzMDkzMTlmODc0Yzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApa1mTXl3QZTOLOUVi8Fc9Ha/Hhee
lY06P7Nv1y4MvGrX5aUiV8IVqLV5arYd7DPw9RBvjDQ9FyfEkZx7ewdRa8dxXPuZ
T8/HFw/yijSlXu9qaKOAnq9nHu34cd+aK6B0wtI3Tj1xXRbE05yf0X1jI6f/nxQc
A1G2+EAE8l3/eEcpV95cOo2KbR/xrmyOoBiEslfai94Zh8fdpW4T1bUpIItnfujg
/875x0zTFH1+IE+j+A5qKvCuHTqq4QjsbBIk4ERuZ3jBMA29Ed7SEQE7sqUkCSrO
lBA8p8qU262fX101YUV6A0QM2kQ9ApkKB8JQO6rfpXhF8R2uOn/LHTS8KwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHyL+O5s40qnqwm0LQLTCTGfh0yFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZkl2NDdtempTcWVyQ2JRdEF0TUpNWi1IVElVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcDKg6xByfQ
MBIDBwMqDrEHJ/gDBwMqDrEHKAAwDQYJKoZIhvcNAQELBQADggEBAGa+cb1it4t5
dI7YXWS2oIcFNV0aD6ykjMcXgxl6anV+KnouYs4+AfDOkCEZ8rHG9meyUX9TIo2X
j/wFrZex3nO/HwO7MqEmxzvsVIm5rOh09Q0hg5FjpBhro3gyYRN6/T5B020cTd7m
8eJWxRQJBsGrbAaLnaHyBkpHPEM2cDQj/jzNOtbw0yHyihLBXngTC61gea0v8Bbq
uyc8l+RWALW8Mm8f3zttH3NiMtkkdOIDSbNpxP/9SUAra3mlTCht5+riAJNZIsxy
ZSK5FdDRV+6Kl0fMFxFcKY5M7ZWxHJ0hj+V2qOdndSRbnGw/orIUnWHdUcDHHfCb
eVqnnr3fDNI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:51 2024 by rpki-client on console-ams.rpki-client.org