Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fNioz3XfHl37Cgpq3KrbntuBUJo.roa
File: fNioz3XfHl37Cgpq3KrbntuBUJo.roa (raw, json)
Hash identifier: n3W71aMorm8qbHJVDpi+Q1q/zZzKHMGNAMI1+eFB0bs=
Subject key identifier: 7C:D8:A8:CF:75:DF:1E:5D:FB:0A:0A:6A:DC:AA:DB:9E:DB:81:50:9A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7FD549FBCD623111F3B9DC0D83920
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fNioz3XfHl37Cgpq3KrbntuBUJo.roa
Signing time: Mon 02 Jan 2023 05:15:29 +0000
ROA not before: Mon 02 Jan 2023 05:15:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211231
IP address blocks: 2a0e:b107:1390::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:fd:54:9f:bc:d6:23:11:1f:3b:9d:c0:d8:39:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cd8a8cf75df1e5dfb0a0a6adcaadb9edb81509a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e2:26:21:73:56:a0:f3:ff:3f:4c:02:8d:76:
07:5a:5a:5e:f1:88:55:21:94:5e:23:c3:11:5e:b7:
e4:fb:98:b5:c4:43:99:04:a3:fc:68:90:18:83:3a:
d6:91:82:6a:73:30:4b:94:4d:d0:87:de:5c:bc:9d:
cd:fe:22:82:39:a6:11:be:83:50:ec:9d:5d:07:39:
37:c1:9d:05:e7:ce:78:72:c4:78:4f:49:67:4c:ef:
ab:ea:87:3f:4f:d4:0d:04:fe:38:17:b7:6a:7e:de:
8b:d0:9d:cf:4a:36:06:65:d8:92:55:9e:f3:90:07:
48:9a:c9:ce:3f:4e:2b:6c:29:a3:2a:86:ff:b9:c9:
14:91:c1:bf:d1:e5:5f:65:9f:04:63:94:5a:c5:38:
8e:80:41:42:d5:1b:b7:56:0a:a9:6b:ca:23:67:9f:
eb:42:01:ca:89:5e:eb:7c:8c:f0:f1:6e:86:ac:52:
fc:d5:4b:fe:7c:ff:98:db:09:83:d7:21:bf:19:22:
ac:3f:d9:a9:b6:88:5c:c4:96:68:b5:25:ba:ee:78:
60:43:95:f6:62:e9:54:a5:a2:4c:12:aa:8f:8a:4c:
39:ce:fe:6e:9d:ea:5a:8d:23:b8:c7:0a:6a:9d:2a:
3e:e0:3d:bf:8c:81:c9:3b:a5:ab:82:d2:d1:c1:10:
11:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D8:A8:CF:75:DF:1E:5D:FB:0A:0A:6A:DC:AA:DB:9E:DB:81:50:9A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fNioz3XfHl37Cgpq3KrbntuBUJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1390::/44
Signature Algorithm: sha256WithRSAEncryption
84:c4:60:5f:30:d4:0a:72:75:6a:18:15:70:2a:c2:e2:c8:1d:
08:0e:46:07:fb:88:e6:62:dd:6d:80:1e:aa:3b:83:f5:9a:47:
f3:ab:89:a8:ee:3d:4e:40:29:05:0d:7a:eb:24:ac:80:70:d8:
8c:d8:14:02:c4:b9:bf:a0:87:5c:f1:4a:6c:53:27:4b:50:60:
c2:83:fe:74:01:8c:1c:18:28:84:8e:26:f3:36:4d:4e:b9:77:
38:5d:d9:db:8e:fb:24:dc:7b:97:fe:5d:da:e1:0c:05:35:36:
1d:9d:34:18:82:bb:88:d7:8d:93:6e:06:9c:1b:de:54:c3:a3:
74:fb:39:e9:b6:b9:88:8e:0a:c7:1f:0a:c4:98:21:9b:1b:6d:
98:13:19:7c:90:f5:99:2b:fe:84:95:7f:69:84:43:30:9f:0b:
b7:d7:a4:39:17:c8:32:86:4a:42:3e:64:7c:8d:ec:f1:70:d7:
d9:0b:f7:c0:48:73:46:3d:df:d6:dd:4b:30:5c:19:78:8b:ff:
b4:0b:e6:18:d6:c8:f1:27:c4:dd:c3:8b:a7:38:02:3e:5b:bc:
12:94:a3:89:a2:de:3a:6f:f9:99:58:59:b3:85:00:17:7e:5f:
aa:e5:1d:77:c0:d2:b6:ef:c6:f0:a8:f4:9c:f4:30:55:52:f3:
03:b2:ad:20
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw5/1Un7zWIxEfO53A2DkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Q4YThjZjc1ZGYxZTVkZmIwYTBhNmFkY2FhZGI5ZWRiODE1MDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleImIXNWoPP/P0wCjXYHWlpe8YhV
IZReI8MRXrfk+5i1xEOZBKP8aJAYgzrWkYJqczBLlE3Qh95cvJ3N/iKCOaYRvoNQ
7J1dBzk3wZ0F5854csR4T0lnTO+r6oc/T9QNBP44F7dqft6L0J3PSjYGZdiSVZ7z
kAdImsnOP04rbCmjKob/uckUkcG/0eVfZZ8EY5RaxTiOgEFC1Ru3Vgqpa8ojZ5/r
QgHKiV7rfIzw8W6GrFL81Uv+fP+Y2wmD1yG/GSKsP9mptohcxJZotSW67nhgQ5X2
YulUpaJMEqqPikw5zv5unepajSO4xwpqnSo+4D2/jIHJO6WrgtLRwRARRwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHzYqM913x5d+woKatyq257bgVCaMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZk5pb3ozWGZIbDM3Q2dwcTNLcmJudHVCVUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxOQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCExGBfMNQKcnVqGBVwKsLiyB0IDkYH+4jmYt1t
gB6qO4P1mkfzq4mo7j1OQCkFDXrrJKyAcNiM2BQCxLm/oIdc8UpsUydLUGDCg/50
AYwcGCiEjibzNk1OuXc4Xdnbjvsk3HuX/l3a4QwFNTYdnTQYgruI142TbgacG95U
w6N0+znptrmIjgrHHwrEmCGbG22YExl8kPWZK/6ElX9phEMwnwu316Q5F8gyhkpC
PmR8jezxcNfZC/fASHNGPd/W3UswXBl4i/+0C+YY1sjxJ8Tdw4unOAI+W7wSlKOJ
ot46b/mZWFmzhQAXfl+q5R13wNK278bwqPSc9DBVUvMDsq0g
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:02 2023 by rpki-client on console-ams.rpki-client.org