Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hBoYh487gXDTWGAcrjDR4N5bpWc.roa
File: hBoYh487gXDTWGAcrjDR4N5bpWc.roa (raw, json)
Hash identifier: 7S7bCgFo+7adggfBBFm1X34ZoPX83HAOyZ9WuzS4OLg=
Subject key identifier: 84:1A:18:87:8F:3B:81:70:D3:58:60:1C:AE:30:D1:E0:DE:5B:A5:67
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7BC4680964096F6BC4DA6906FAF54
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hBoYh487gXDTWGAcrjDR4N5bpWc.roa
Signing time: Mon 02 Jan 2023 05:15:13 +0000
ROA not before: Mon 02 Jan 2023 05:15:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204617
IP address blocks: 2a0e:97c0:b40::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:bc:46:80:96:40:96:f6:bc:4d:a6:90:6f:af:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=841a18878f3b8170d358601cae30d1e0de5ba567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:89:57:ac:c5:29:4a:56:b6:6c:1a:8c:81:57:
b7:f2:8b:0c:11:18:05:f2:53:f3:8e:c3:83:58:cc:
cc:7b:a1:e6:63:6c:30:98:b0:c4:d5:82:de:74:c7:
62:dd:09:5f:d3:93:0f:93:55:ab:bf:a3:06:9b:06:
23:0f:99:e7:ed:c9:26:a8:26:cf:36:d1:83:16:aa:
2e:4e:24:37:b3:83:0b:0a:89:2e:97:e2:ef:5f:c9:
d7:50:71:15:28:92:17:5d:ec:21:e2:1b:4d:9e:57:
18:d5:98:62:41:3b:e2:68:8d:48:64:12:dd:0f:82:
56:3c:11:b8:53:06:6d:c3:80:a7:a9:22:b7:37:fa:
ec:ba:1e:de:8b:bf:12:59:5c:63:7a:c9:b7:30:3e:
35:4b:31:19:a4:eb:b1:a4:ed:b7:20:6d:1f:c1:53:
ce:8e:ff:7d:9e:96:4f:6d:85:dd:85:29:de:dc:fb:
f4:2a:a5:70:50:bd:76:96:62:17:9a:3c:fa:73:66:
cb:f2:bb:37:e6:bb:4c:16:71:77:4b:40:af:ce:00:
84:b0:db:4a:93:c4:8d:44:9d:61:b8:0a:99:10:31:
de:f4:61:84:58:51:ef:ea:9f:2e:2b:bd:7d:92:44:
03:3a:5f:43:af:8a:f5:db:6c:20:8f:ff:2f:37:19:
d6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:1A:18:87:8F:3B:81:70:D3:58:60:1C:AE:30:D1:E0:DE:5B:A5:67
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hBoYh487gXDTWGAcrjDR4N5bpWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b40::/44
Signature Algorithm: sha256WithRSAEncryption
34:06:41:89:1d:3c:a6:e1:aa:39:21:45:35:a1:24:38:a0:28:
4b:36:02:37:45:b6:a1:b8:d6:ed:8d:66:cf:7d:d8:33:18:b6:
9c:77:ad:10:2a:81:02:75:ba:67:22:fd:a7:3d:c4:9d:ca:b1:
17:ad:9b:51:e0:61:d7:0b:ab:8e:2b:77:b7:2d:5b:c0:69:7c:
0b:ae:57:6b:e3:3d:54:9a:8b:2f:3f:07:dc:9d:e1:2f:66:e2:
62:29:7c:f1:e9:ab:69:c6:ca:f3:5e:c9:be:09:53:52:87:b8:
f9:6f:2e:e8:49:ea:5c:79:cf:b0:7f:75:f2:41:d7:17:22:e5:
f3:e8:31:f4:98:8c:4d:7e:ec:61:a6:1e:7b:e5:55:3e:c9:55:
61:97:6b:26:29:42:43:1e:a7:e2:be:bf:f3:37:42:43:5b:30:
82:6f:28:bd:0c:12:5d:6c:bd:e9:a0:dd:8f:f1:48:aa:74:fa:
86:3d:aa:6b:76:c0:6f:8e:0f:de:39:9a:dd:46:7f:37:7e:b1:
d6:c6:e5:65:82:3d:8a:bd:17:7d:bd:f2:9e:76:f7:ed:e7:ee:
2b:da:0a:1d:3b:9e:26:b7:a7:ac:6c:11:e4:fe:c5:77:b4:3e:
81:ce:8a:1f:0d:85:35:0b:40:31:3d:59:9b:60:2f:b9:fa:d8:
cd:33:92:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw57xGgJZAlva8TaaQb69UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDFhMTg4NzhmM2I4MTcwZDM1ODYwMWNhZTMwZDFlMGRlNWJhNTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsolXrMUpSla2bBqMgVe38osMERgF
8lPzjsODWMzMe6HmY2wwmLDE1YLedMdi3Qlf05MPk1Wrv6MGmwYjD5nn7ckmqCbP
NtGDFqouTiQ3s4MLCokul+LvX8nXUHEVKJIXXewh4htNnlcY1ZhiQTviaI1IZBLd
D4JWPBG4UwZtw4CnqSK3N/rsuh7ei78SWVxjesm3MD41SzEZpOuxpO23IG0fwVPO
jv99npZPbYXdhSne3Pv0KqVwUL12lmIXmjz6c2bL8rs35rtMFnF3S0CvzgCEsNtK
k8SNRJ1huAqZEDHe9GGEWFHv6p8uK719kkQDOl9Dr4r122wgj/8vNxnWYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIQaGIePO4Fw01hgHK4w0eDeW6VnMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaEJvWWg0ODdnWERUV0dBY3JqRFI0TjVicFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAtA
MA0GCSqGSIb3DQEBCwUAA4IBAQA0BkGJHTym4ao5IUU1oSQ4oChLNgI3RbahuNbt
jWbPfdgzGLacd60QKoECdbpnIv2nPcSdyrEXrZtR4GHXC6uOK3e3LVvAaXwLrldr
4z1UmosvPwfcneEvZuJiKXzx6atpxsrzXsm+CVNSh7j5by7oSepcec+wf3XyQdcX
IuXz6DH0mIxNfuxhph575VU+yVVhl2smKUJDHqfivr/zN0JDWzCCbyi9DBJdbL3p
oN2P8UiqdPqGPaprdsBvjg/eOZrdRn83frHWxuVlgj2KvRd9vfKedvft5+4r2god
O54mt6esbBHk/sV3tD6BzoofDYU1C0AxPVmbYC+5+tjNM5LM
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org