Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hZMlp2mRaJMIJ3fXQkHHIfWKQq8.roa
File: hZMlp2mRaJMIJ3fXQkHHIfWKQq8.roa (raw, json)
Hash identifier: /zVSjIEQVCb5otZ3oq9tgG3S44ktpJBZs7RLPornoM0=
Subject key identifier: 85:93:25:A7:69:91:68:93:08:27:77:D7:42:41:C7:21:F5:8A:42:AF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E644036609FC4863927A1ADB71EA65A3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hZMlp2mRaJMIJ3fXQkHHIfWKQq8.roa
Signing time: Wed 25 Jan 2023 00:11:34 +0000
ROA not before: Wed 25 Jan 2023 00:11:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47422
IP address blocks: 2a0e:b107:620::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e6:44:03:66:09:fc:48:63:92:7a:1a:db:71:ea:65:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 25 00:11:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=859325a769916893082777d74241c721f58a42af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:37:75:b9:a1:a7:6b:0a:bb:f2:aa:72:71:60:
1a:7b:c7:53:02:ae:89:59:c4:87:59:80:57:cc:f6:
25:e0:c1:65:28:75:2d:25:ce:a4:27:55:a9:68:16:
40:42:aa:ab:7d:81:f2:cc:2f:e4:97:d7:b8:52:28:
2c:fa:18:b1:4b:9f:df:b0:1d:4d:b3:f8:be:75:74:
c7:32:67:e7:19:2e:f6:f3:03:94:5f:61:fe:b8:89:
dd:46:7f:84:d0:11:5d:7f:b8:8e:eb:e1:13:4c:7a:
ea:15:e1:3e:6d:ae:90:4f:6a:42:44:64:85:ac:eb:
37:4c:94:f9:1a:36:5d:74:7f:f2:11:63:19:35:fd:
c0:e3:f9:c4:40:7a:a4:e5:fe:e7:64:62:f7:b2:04:
51:87:8d:1b:19:81:5a:48:aa:0d:cf:c8:55:f0:59:
91:f6:79:80:ca:38:9f:e1:81:72:d1:15:1f:53:d0:
a9:57:19:b5:fe:61:f8:91:de:59:58:91:83:fb:71:
86:e2:f0:53:14:b8:d3:e2:2a:5c:8f:ae:8c:4d:e5:
ec:e1:39:63:1c:00:30:c2:d9:84:be:48:97:d5:d1:
86:8e:ec:e1:2b:63:64:26:b6:d4:a9:78:96:32:06:
49:48:85:d5:75:86:46:51:a4:07:d7:1f:e3:7b:ef:
99:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:93:25:A7:69:91:68:93:08:27:77:D7:42:41:C7:21:F5:8A:42:AF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hZMlp2mRaJMIJ3fXQkHHIfWKQq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:620::/44
Signature Algorithm: sha256WithRSAEncryption
07:82:51:c5:96:2e:d3:22:41:24:90:9b:b8:95:39:54:a8:fe:
ec:7a:24:81:87:7f:d3:97:f0:92:a1:64:61:7b:c9:ff:5c:03:
cf:b4:29:3d:ba:be:16:64:5c:6f:ac:c7:ef:0d:52:5e:cd:7a:
0f:d8:a9:29:e5:12:96:c6:b3:87:1f:d5:b8:16:41:32:ae:59:
e0:5b:ca:8f:87:2e:22:a1:34:15:8c:89:c6:28:46:d5:40:c9:
ad:02:0b:bb:37:62:e6:1d:f9:83:2d:ea:7e:ac:e9:fa:89:44:
ce:f4:80:6d:cd:90:3f:55:6b:7a:83:17:5d:7c:8d:db:48:a6:
bb:e7:39:fc:24:7f:87:ed:e2:cf:36:0d:61:fa:27:f1:57:0f:
c2:fb:d1:d7:a5:41:4c:a8:78:77:47:84:4c:f9:9f:d3:20:19:
6b:d4:18:ec:d0:86:01:86:bb:fc:10:be:74:7c:34:1c:ae:f2:
0e:08:5c:28:96:c8:e0:72:48:0a:b2:98:b4:2f:85:34:f9:b3:
cb:bc:ad:b4:eb:7b:64:c7:36:3e:59:fa:0d:93:c3:3c:3e:2e:
4a:56:48:d7:68:85:13:d4:d4:33:38:d2:cc:20:47:6f:9f:be:
40:a5:8e:b2:04:ae:9a:6b:7a:04:4c:69:83:24:e1:33:b7:5a:
f2:6b:d6:ec
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXmRANmCfxIY5J6Gttx6mWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI1MDAxMTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTkzMjVhNzY5OTE2ODkzMDgyNzc3ZDc0MjQxYzcyMWY1OGE0MmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijd1uaGnawq78qpycWAae8dTAq6J
WcSHWYBXzPYl4MFlKHUtJc6kJ1WpaBZAQqqrfYHyzC/kl9e4Uigs+hixS5/fsB1N
s/i+dXTHMmfnGS728wOUX2H+uIndRn+E0BFdf7iO6+ETTHrqFeE+ba6QT2pCRGSF
rOs3TJT5GjZddH/yEWMZNf3A4/nEQHqk5f7nZGL3sgRRh40bGYFaSKoNz8hV8FmR
9nmAyjif4YFy0RUfU9CpVxm1/mH4kd5ZWJGD+3GG4vBTFLjT4ipcj66MTeXs4Tlj
HAAwwtmEvkiX1dGGjuzhK2NkJrbUqXiWMgZJSIXVdYZGUaQH1x/je++ZpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIWTJadpkWiTCCd310JBxyH1ikKvMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaFpNbHAybVJhSk1JSjNmWFFrSEhJZldLUXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwYg
MA0GCSqGSIb3DQEBCwUAA4IBAQAHglHFli7TIkEkkJu4lTlUqP7seiSBh3/Tl/CS
oWRhe8n/XAPPtCk9ur4WZFxvrMfvDVJezXoP2Kkp5RKWxrOHH9W4FkEyrlngW8qP
hy4ioTQVjInGKEbVQMmtAgu7N2LmHfmDLep+rOn6iUTO9IBtzZA/VWt6gxddfI3b
SKa75zn8JH+H7eLPNg1h+ifxVw/C+9HXpUFMqHh3R4RM+Z/TIBlr1Bjs0IYBhrv8
EL50fDQcrvIOCFwolsjgckgKspi0L4U0+bPLvK2063tkxzY+WfoNk8M8Pi5KVkjX
aIUT1NQzONLMIEdvn75ApY6yBK6aa3oETGmDJOEzt1rya9bs
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org