Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/h5JbyBfR2qRSV8yGFPL6lS2KNoU.roa
File: h5JbyBfR2qRSV8yGFPL6lS2KNoU.roa (raw, json)
Hash identifier: 00bt3qg82pjiWuv9BrPnGeaZd61bsQR6Dju2F2eJd1A=
Subject key identifier: 87:92:5B:C8:17:D1:DA:A4:52:57:CC:86:14:F2:FA:95:2D:8A:36:85
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AB7FF1EE38AA9CC3B9A24F86D5308
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/h5JbyBfR2qRSV8yGFPL6lS2KNoU.roa
Signing time: Tue 24 Jan 2023 16:09:34 +0000
ROA not before: Tue 24 Jan 2023 16:09:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9886
IP address blocks: 2a10:2f00:12a::/48 maxlen: 48
2a0e:b107:f08::/45 maxlen: 45
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:b7:ff:1e:e3:8a:a9:cc:3b:9a:24:f8:6d:53:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87925bc817d1daa45257cc8614f2fa952d8a3685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:40:f4:60:86:21:91:24:cf:39:05:26:df:88:
ab:0f:cc:f4:79:ba:85:a7:85:14:0a:58:ea:c6:e2:
c4:43:7d:8c:70:22:9c:0e:a4:1a:a5:f3:ec:67:92:
16:c0:2b:88:3e:05:4a:f2:29:f5:38:d5:02:26:5a:
b8:97:ac:ee:02:04:25:0b:6f:d7:08:a7:27:30:56:
34:8e:b3:d1:c0:42:99:bd:5e:09:4e:bd:61:71:7d:
0a:4a:a6:77:66:68:ab:87:06:1e:87:81:6d:26:54:
f1:a0:f2:93:28:af:7b:b4:56:0c:b5:86:a8:c0:69:
65:8b:5e:d5:99:be:3a:4a:9c:94:59:da:13:7c:2f:
40:22:2c:68:3b:55:a8:aa:25:cc:a8:86:41:47:1b:
bf:c0:4c:1c:22:2b:b9:4f:2b:be:69:20:67:dc:7e:
e8:76:3f:b8:0c:9c:2e:6b:d1:52:d9:7f:83:23:8b:
b3:77:7f:d1:e9:01:da:df:5d:2e:b9:6e:07:9d:71:
37:dd:03:6f:ef:a3:41:d0:3e:db:38:37:9d:8b:de:
34:b6:f7:d5:39:eb:0d:d0:8d:5b:f6:a8:43:e5:60:
93:d1:4a:21:17:7a:c8:ef:19:a7:94:ee:90:03:59:
9d:76:81:b5:11:00:1c:07:93:86:59:69:dd:55:fc:
4f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:92:5B:C8:17:D1:DA:A4:52:57:CC:86:14:F2:FA:95:2D:8A:36:85
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/h5JbyBfR2qRSV8yGFPL6lS2KNoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:f08::/45
2a10:2f00:12a::/48
Signature Algorithm: sha256WithRSAEncryption
a6:6f:e2:b3:45:5b:c7:e0:ce:0a:20:1e:6b:22:d7:35:eb:b8:
b2:3b:59:ab:50:21:f0:83:d9:91:29:25:a3:eb:30:03:00:36:
31:38:b3:85:ce:3b:2e:ab:d6:54:04:61:eb:29:64:38:14:05:
79:6c:40:2c:24:16:9f:f8:e6:a3:10:e9:fc:5d:e4:5a:42:06:
60:42:73:ce:f5:92:d0:d0:84:8e:a5:aa:98:51:c5:bf:c1:19:
f2:cc:09:74:4a:89:77:ea:b4:23:31:4a:61:3e:e8:c5:aa:7a:
bc:d0:84:9f:fc:91:08:83:3a:90:77:a1:c1:48:67:7f:e6:5a:
c2:39:8b:01:b0:62:05:22:31:b5:3d:83:24:91:e1:75:9b:38:
46:dd:e0:37:55:fc:27:91:d3:e5:06:2c:6d:48:ca:e7:41:9f:
8e:3c:fc:95:38:62:f5:cf:2a:97:0e:54:12:ce:b4:77:04:f7:
4a:ee:30:74:b5:91:c5:8c:ba:cf:1c:ad:a0:60:1e:ae:39:f8:
4f:cf:a4:f5:3e:2c:5d:9e:13:87:19:b3:fc:4b:6c:d8:aa:58:
c0:95:1a:45:4f:a8:b4:60:95:2a:59:62:cd:f4:8e:ac:dd:98:
fd:88:7a:e0:e0:5f:24:2d:1f:5f:9b:3d:59:b4:b0:47:e7:ed:
d9:5e:3a:b8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkirf/HuOKqcw7miT4bVMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzkyNWJjODE3ZDFkYWE0NTI1N2NjODYxNGYyZmE5NTJkOGEzNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskD0YIYhkSTPOQUm34irD8z0ebqF
p4UUCljqxuLEQ32McCKcDqQapfPsZ5IWwCuIPgVK8in1ONUCJlq4l6zuAgQlC2/X
CKcnMFY0jrPRwEKZvV4JTr1hcX0KSqZ3ZmirhwYeh4FtJlTxoPKTKK97tFYMtYao
wGlli17Vmb46SpyUWdoTfC9AIixoO1WoqiXMqIZBRxu/wEwcIiu5Tyu+aSBn3H7o
dj+4DJwua9FS2X+DI4uzd3/R6QHa310uuW4HnXE33QNv76NB0D7bODedi940tvfV
OesN0I1b9qhD5WCT0UohF3rI7xmnlO6QA1mddoG1EQAcB5OGWWndVfxPIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIeSW8gX0dqkUlfMhhTy+pUtijaFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaDVKYnlCZlIycVJTVjh5R0ZQTDZsUzJLTm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcDKg6xBw8I
AwcAKhAvAAEqMA0GCSqGSIb3DQEBCwUAA4IBAQCmb+KzRVvH4M4KIB5rItc167iy
O1mrUCHwg9mRKSWj6zADADYxOLOFzjsuq9ZUBGHrKWQ4FAV5bEAsJBaf+OajEOn8
XeRaQgZgQnPO9ZLQ0ISOpaqYUcW/wRnyzAl0Sol36rQjMUphPujFqnq80ISf/JEI
gzqQd6HBSGd/5lrCOYsBsGIFIjG1PYMkkeF1mzhG3eA3VfwnkdPlBixtSMrnQZ+O
PPyVOGL1zyqXDlQSzrR3BPdK7jB0tZHFjLrPHK2gYB6uOfhPz6T1PixdnhOHGbP8
S2zYqljAlRpFT6i0YJUqWWLN9I6s3Zj9iHrg4F8kLR9fmz1ZtLBH5+3ZXjq4
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:51 2024 by rpki-client on console-ams.rpki-client.org