Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fbDp6nOTIZNhIm_lsYazf8CLv-A.roa
File: fbDp6nOTIZNhIm_lsYazf8CLv-A.roa (raw, json)
Hash identifier: oDmTuizUxIAOB+qde6eQPLSVSeKD7oWk+o09hv5wYv8=
Subject key identifier: 7D:B0:E9:EA:73:93:21:93:61:22:6F:E5:B1:86:B3:7F:C0:8B:BF:E0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AE0467C144F3F32D081CEE21BCB12
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fbDp6nOTIZNhIm_lsYazf8CLv-A.roa
Signing time: Tue 24 Jan 2023 16:09:44 +0000
ROA not before: Tue 24 Jan 2023 16:09:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208679
IP address blocks: 2a0e:b107:178d::/48 maxlen: 48
2a0e:b107:178f::/48 maxlen: 48
2a0e:b107:178c::/48 maxlen: 48
2a0e:b107:178e::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:e0:46:7c:14:4f:3f:32:d0:81:ce:e2:1b:cb:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7db0e9ea7393219361226fe5b186b37fc08bbfe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b1:19:da:e2:42:bd:1d:b9:32:3a:cc:d5:c2:
44:73:93:7d:f9:0e:06:74:f3:66:f2:79:50:ac:10:
87:8e:8d:be:ac:b3:fc:1a:99:53:88:d2:43:a6:79:
0a:2b:b2:bc:6f:99:89:2d:38:87:1a:1a:f8:47:bc:
5c:72:d2:4b:33:6f:e0:08:ee:b7:24:92:aa:cc:93:
2a:cc:6e:81:bd:ee:72:aa:8f:20:87:90:b5:a1:20:
e9:37:e3:03:64:d0:be:98:6a:2d:81:eb:b8:b8:df:
84:62:97:24:c5:31:f8:62:6f:ac:2a:f3:7f:6d:51:
22:a1:d9:fe:9b:43:60:75:12:15:0d:b7:0a:8d:41:
78:07:a9:6e:9d:1a:b7:4f:7e:e1:98:6d:52:5e:7e:
06:99:b0:9d:69:47:56:e8:ee:35:67:7d:6a:6e:64:
e2:8c:45:c1:21:ba:42:91:15:08:8a:c6:39:e3:f4:
65:98:ee:33:3e:0f:98:c9:0e:a0:99:f6:9f:02:cb:
dd:66:5e:81:31:73:8b:c7:bd:58:c9:b5:ef:fb:9b:
65:7e:ee:c5:9a:34:1e:ed:4d:99:43:72:fc:36:03:
5b:76:14:7a:04:b1:0d:96:f2:6a:4c:67:a8:61:eb:
41:d8:70:1f:66:5f:a8:9d:d7:4d:de:b6:c6:f5:b8:
c6:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B0:E9:EA:73:93:21:93:61:22:6F:E5:B1:86:B3:7F:C0:8B:BF:E0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fbDp6nOTIZNhIm_lsYazf8CLv-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:178c::/46
Signature Algorithm: sha256WithRSAEncryption
93:e3:35:be:3c:d5:18:9c:9d:6c:09:00:a5:71:f8:2d:1d:cc:
83:97:b7:ce:ed:69:82:49:9f:20:17:7f:2e:eb:2e:0b:cf:f1:
e8:50:7b:f5:6f:b4:51:da:b5:83:55:1b:86:1b:68:2d:b5:b8:
c5:5a:d3:5f:8d:8d:2a:30:53:c3:b3:45:90:af:17:37:0d:6a:
26:b0:17:06:50:b6:22:a7:70:5d:8d:7a:5a:03:c5:c2:2b:9d:
20:75:7e:a7:b0:a2:0d:fd:37:0e:71:5b:91:e7:24:17:5c:44:
ff:39:57:a0:41:f7:6a:bc:6d:e3:a1:2b:d2:5c:cb:50:48:9b:
d7:8f:a1:68:1d:1b:21:38:98:95:4e:21:dd:f0:75:e1:fc:62:
79:6f:58:42:2a:e9:e6:7c:09:c8:e4:b2:a8:0c:cb:62:e7:78:
a9:71:60:bc:7e:cf:52:72:46:f5:a5:31:74:90:6c:56:38:67:
85:c3:c4:e9:f0:28:10:9b:7c:71:7c:55:9c:ab:e5:d3:71:84:
29:58:8e:3d:10:7e:a4:89:1c:d5:ab:ec:d2:84:25:55:a7:2f:
1d:ce:3e:2b:b2:e9:2f:62:24:24:ab:89:4b:0b:e5:2c:23:84:
71:f3:3f:3a:52:23:80:20:0e:a0:6f:02:99:fb:9e:2d:7f:ec:
d4:a7:bc:09
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkiuBGfBRPPzLQgc7iG8sSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGIwZTllYTczOTMyMTkzNjEyMjZmZTViMTg2YjM3ZmMwOGJiZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbEZ2uJCvR25MjrM1cJEc5N9+Q4G
dPNm8nlQrBCHjo2+rLP8GplTiNJDpnkKK7K8b5mJLTiHGhr4R7xcctJLM2/gCO63
JJKqzJMqzG6Bve5yqo8gh5C1oSDpN+MDZNC+mGotgeu4uN+EYpckxTH4Ym+sKvN/
bVEiodn+m0NgdRIVDbcKjUF4B6lunRq3T37hmG1SXn4GmbCdaUdW6O41Z31qbmTi
jEXBIbpCkRUIisY54/RlmO4zPg+YyQ6gmfafAsvdZl6BMXOLx71YybXv+5tlfu7F
mjQe7U2ZQ3L8NgNbdhR6BLENlvJqTGeoYetB2HAfZl+onddN3rbG9bjGuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH2w6epzkyGTYSJv5bGGs3/Ai7/gMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZmJEcDZuT1RJWk5oSW1fbHNZYXpmOENMdi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg6xBxeM
MA0GCSqGSIb3DQEBCwUAA4IBAQCT4zW+PNUYnJ1sCQClcfgtHcyDl7fO7WmCSZ8g
F38u6y4Lz/HoUHv1b7RR2rWDVRuGG2gttbjFWtNfjY0qMFPDs0WQrxc3DWomsBcG
ULYip3BdjXpaA8XCK50gdX6nsKIN/TcOcVuR5yQXXET/OVegQfdqvG3joSvSXMtQ
SJvXj6FoHRshOJiVTiHd8HXh/GJ5b1hCKunmfAnI5LKoDMti53ipcWC8fs9Sckb1
pTF0kGxWOGeFw8Tp8CgQm3xxfFWcq+XTcYQpWI49EH6kiRzVq+zShCVVpy8dzj4r
sukvYiQkq4lLC+UsI4Rx8z86UiOAIA6gbwKZ+54tf+zUp7wJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org