Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hZopwtZlZ3xTeYJ4EynJX6zsw1s.roa
File: hZopwtZlZ3xTeYJ4EynJX6zsw1s.roa (raw, json)
Hash identifier: xmFBHUkkiE6XACyUsikZsGRZl1oVOr4jYes0e3JJruk=
Subject key identifier: 85:9A:29:C2:D6:65:67:7C:53:79:82:78:13:29:C9:5F:AC:EC:C3:5B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01887646838ABCF77B1C2855F13724FB9E05
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hZopwtZlZ3xTeYJ4EynJX6zsw1s.roa
Signing time: Thu 01 Jun 2023 09:25:12 +0000
ROA not before: Thu 01 Jun 2023 09:25:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202256
IP address blocks: 2a10:ccc7:9000::/40 maxlen: 48
2a10:ccc7:9200::/40 maxlen: 48
2a10:ccc7:9300::/40 maxlen: 48
2a0e:97c6:4000::/34 maxlen: 48
2a06:de01:800::/38 maxlen: 48
2a10:ccc6:400::/38 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:76:46:83:8a:bc:f7:7b:1c:28:55:f1:37:24:fb:9e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 1 09:25:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=859a29c2d665677c537982781329c95facecc35b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e9:bd:1e:69:65:e9:cf:90:58:cf:82:77:74:
e8:79:05:44:24:50:91:fa:14:76:c0:f8:f4:65:4a:
a1:e5:af:56:f5:16:46:c2:5f:ba:32:fb:96:1e:24:
12:2d:4c:e0:47:14:50:06:be:27:96:06:1d:16:a1:
d2:39:34:ff:21:30:2c:dc:e0:b5:2b:79:0d:32:00:
23:7d:be:0a:a6:1f:38:ed:11:5b:3c:08:88:01:9c:
6e:50:37:54:9d:55:41:ce:7d:24:15:2a:aa:5b:70:
50:f4:d5:d4:db:3b:12:d6:69:e0:c0:e1:92:13:3f:
9c:ff:93:73:ac:ef:a6:51:c3:c0:f8:62:17:0e:ee:
2a:7e:20:c5:00:9a:6c:8e:c0:22:f7:b2:e8:89:ef:
1c:f3:3a:c8:95:a7:ae:4f:37:1c:9a:50:0d:da:23:
a2:a9:ab:42:e2:3a:51:ee:93:e6:f5:b6:19:a8:62:
79:31:29:c8:de:6e:9f:bd:78:de:3f:a7:2e:9f:a6:
68:4b:56:6e:9d:66:81:bb:81:83:9f:c0:5b:e5:1d:
86:cd:ce:5d:96:26:4c:48:f1:2e:69:4f:db:3e:29:
76:30:da:4b:b0:aa:ce:99:41:0d:45:ee:af:d0:fd:
9e:ac:ed:41:69:39:bb:d3:ad:18:02:e1:13:18:c6:
8e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9A:29:C2:D6:65:67:7C:53:79:82:78:13:29:C9:5F:AC:EC:C3:5B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hZopwtZlZ3xTeYJ4EynJX6zsw1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:800::/38
2a0e:97c6:4000::/34
2a10:ccc6:400::/38
2a10:ccc7:9000::/40
2a10:ccc7:9200::/39
Signature Algorithm: sha256WithRSAEncryption
92:c1:6f:77:ff:2e:8b:2b:49:69:a9:dd:0f:7a:a4:05:8e:39:
fb:f5:10:9a:7a:66:0c:c8:46:34:4a:dc:1e:a1:4c:67:76:46:
e5:57:6b:1d:1f:61:17:e8:ec:58:bb:23:37:f6:ca:40:d7:77:
a8:c5:28:96:6b:71:93:29:93:8e:af:84:3f:28:c7:8a:0f:f0:
31:45:e5:1d:0d:c0:94:82:6e:7d:36:b9:d4:04:24:16:29:91:
5b:91:d7:9e:5f:1a:42:f0:b4:ae:72:ed:34:9d:16:6b:dc:f6:
8d:c4:fd:55:17:64:21:52:e8:26:a4:8c:b7:52:56:30:49:66:
67:76:01:34:ba:e0:0c:77:ef:4c:91:fd:96:24:e8:d7:b7:ad:
5b:9a:9f:36:0b:61:ef:a3:6d:f9:7c:e3:2f:82:ac:27:69:c8:
f3:9e:63:93:d4:ba:b4:31:f0:b7:f6:a4:13:c2:64:53:08:7f:
97:52:27:be:28:d3:66:63:eb:97:5d:cb:11:6d:87:06:5a:c5:
fd:1f:33:e8:36:8b:1b:05:94:29:4d:88:89:b5:4c:d1:7b:64:
99:d4:96:e9:fc:a4:b7:c2:fb:1d:3f:fd:30:34:62:ef:6f:4c:
78:49:75:61:98:ec:09:59:91:3c:8e:cc:e2:d5:2e:de:f8:2d:
7d:45:44:c8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYh2RoOKvPd7HChV8Tck+54FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjAxMDkyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTlhMjljMmQ2NjU2NzdjNTM3OTgyNzgxMzI5Yzk1ZmFjZWNjMzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+m9Hmll6c+QWM+Cd3ToeQVEJFCR
+hR2wPj0ZUqh5a9W9RZGwl+6MvuWHiQSLUzgRxRQBr4nlgYdFqHSOTT/ITAs3OC1
K3kNMgAjfb4Kph847RFbPAiIAZxuUDdUnVVBzn0kFSqqW3BQ9NXU2zsS1mngwOGS
Ez+c/5NzrO+mUcPA+GIXDu4qfiDFAJpsjsAi97Loie8c8zrIlaeuTzccmlAN2iOi
qatC4jpR7pPm9bYZqGJ5MSnI3m6fvXjeP6cun6ZoS1ZunWaBu4GDn8Bb5R2Gzc5d
liZMSPEuaU/bPil2MNpLsKrOmUENRe6v0P2erO1BaTm7060YAuETGMaOUQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIWaKcLWZWd8U3mCeBMpyV+s7MNbMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaFpvcHd0WmxaM3hUZVlKNEV5bkpYNnpzdzFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoAwYCKgbeAQgD
BgYqDpfGQAMGAioQzMYEAwYAKhDMx5ADBgEqEMzHkjANBgkqhkiG9w0BAQsFAAOC
AQEAksFvd/8uiytJaandD3qkBY45+/UQmnpmDMhGNErcHqFMZ3ZG5VdrHR9hF+js
WLsjN/bKQNd3qMUolmtxkymTjq+EPyjHig/wMUXlHQ3AlIJufTa51AQkFimRW5HX
nl8aQvC0rnLtNJ0Wa9z2jcT9VRdkIVLoJqSMt1JWMElmZ3YBNLrgDHfvTJH9liTo
17etW5qfNgth76Nt+XzjL4KsJ2nI855jk9S6tDHwt/akE8JkUwh/l1InvijTZmPr
l13LEW2HBlrF/R8z6DaLGwWUKU2IibVM0XtkmdSW6fykt8L7HT/9MDRi729MeEl1
YZjsCVmRPI7M4tUu3vgtfUVEyA==
-----END CERTIFICATE-----
Generated at Tue Aug 1 23:21:53 2023 by rpki-client on console-ams.rpki-client.org