Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hkIruDx6zVciWuyjJDokF5Y8u60.roa
File: hkIruDx6zVciWuyjJDokF5Y8u60.roa (raw, json)
Hash identifier: IfWbLlJ9CbppesU9vj7rxvfC/KkJNbccA/Dp60e0aY4=
Subject key identifier: 86:42:2B:B8:3C:7A:CD:57:22:5A:EC:A3:24:3A:24:17:96:3C:BB:AD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E80745F9B6FC09CED3BF4B3E711F3C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hkIruDx6zVciWuyjJDokF5Y8u60.roa
Signing time: Mon 02 Jan 2023 05:15:32 +0000
ROA not before: Mon 02 Jan 2023 05:15:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211544
IP address blocks: 2a0e:97c0:2e0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:07:45:f9:b6:fc:09:ce:d3:bf:4b:3e:71:1f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86422bb83c7acd57225aeca3243a2417963cbbad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bf:36:1e:5c:9b:31:44:91:3c:89:bc:92:d0:
e3:02:ed:9b:0d:10:b5:47:c8:b7:4e:2d:39:65:24:
4a:64:8f:04:4c:a8:58:7b:94:f8:0e:93:ed:21:e1:
dc:a9:27:4e:d7:5d:d1:68:6f:66:56:50:8e:1a:9b:
e4:7a:88:05:6a:58:22:da:62:7a:9c:a6:3a:ba:39:
4b:f1:c1:29:2c:8d:0d:ad:3d:66:e7:1c:89:b2:08:
88:c2:19:08:48:99:44:90:37:aa:0f:29:ae:fc:bd:
c2:04:27:0d:93:c9:3d:b4:bd:61:21:ba:3c:51:71:
42:90:74:52:42:72:57:34:38:2d:1d:d6:be:b5:29:
f0:e7:11:67:1e:cc:1b:d6:76:e2:7a:4b:2f:92:dd:
ba:21:a9:3a:6e:90:bc:78:9d:bb:a2:bf:6d:ee:c1:
20:a6:0f:b2:55:5d:ef:69:a9:ad:e0:4c:b5:60:45:
64:47:36:31:4d:db:ea:1a:c0:36:e2:f6:f1:ea:02:
a7:11:0d:51:e2:c4:ab:73:86:62:34:41:b2:c7:ce:
3d:22:0c:e0:06:0a:6b:87:00:21:db:a2:e0:0b:39:
e5:a9:2e:11:9d:7e:86:23:a0:ea:eb:9d:04:19:3f:
f1:c8:dd:ea:65:24:20:60:7b:7d:fa:ac:60:5b:6c:
a1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:42:2B:B8:3C:7A:CD:57:22:5A:EC:A3:24:3A:24:17:96:3C:BB:AD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hkIruDx6zVciWuyjJDokF5Y8u60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:2e0::/44
Signature Algorithm: sha256WithRSAEncryption
c7:cf:d1:1e:e1:f3:52:3e:5b:c4:e6:c4:8c:44:ff:1b:fc:3a:
2a:50:e1:e3:ab:6a:9d:c5:1d:4c:8a:32:db:02:f7:bd:4a:1e:
03:37:dd:86:df:a5:1e:8a:1e:ef:e3:07:5d:20:d5:6c:c1:58:
ce:7d:37:da:fa:0d:6e:d5:d5:43:ab:cf:92:3f:29:b6:39:5b:
0e:7a:88:12:cc:eb:fe:63:fa:72:7e:d8:03:78:68:59:cd:9b:
55:67:6a:34:c3:cc:7b:70:b3:2e:46:07:9b:c0:3b:f6:94:49:
c3:1d:0a:1e:fd:ca:c7:e5:b6:7f:f2:40:06:bb:d6:2d:18:1b:
b6:da:20:6a:dd:f4:04:c8:59:9b:9b:cd:8a:ed:18:02:30:b5:
76:76:03:f2:16:15:1f:14:8e:64:19:09:eb:e8:e3:36:70:dc:
9e:06:f1:61:13:7a:fc:5f:40:27:98:28:d3:0a:fc:55:f1:de:
5c:1e:fe:52:e0:b4:7a:a6:77:70:e3:c8:d3:d3:89:8d:94:55:
9c:0f:d2:f8:15:79:f2:8f:23:4c:7b:c6:ad:52:50:ae:8f:dc:
25:29:02:8f:30:bb:9c:91:52:ca:23:c4:c8:64:1e:52:93:f1:
c3:1d:ac:02:4a:b6:c7:6c:8b:d9:16:7a:3a:8a:73:10:9a:46:
db:6b:d2:3f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw6AdF+bb8Cc7Tv0s+cR88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQyMmJiODNjN2FjZDU3MjI1YWVjYTMyNDNhMjQxNzk2M2NiYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn782HlybMUSRPIm8ktDjAu2bDRC1
R8i3Ti05ZSRKZI8ETKhYe5T4DpPtIeHcqSdO113RaG9mVlCOGpvkeogFalgi2mJ6
nKY6ujlL8cEpLI0NrT1m5xyJsgiIwhkISJlEkDeqDymu/L3CBCcNk8k9tL1hIbo8
UXFCkHRSQnJXNDgtHda+tSnw5xFnHswb1nbieksvkt26Iak6bpC8eJ27or9t7sEg
pg+yVV3vaamt4Ey1YEVkRzYxTdvqGsA24vbx6gKnEQ1R4sSrc4ZiNEGyx849Igzg
BgprhwAh26LgCznlqS4RnX6GI6Dq650EGT/xyN3qZSQgYHt9+qxgW2yhEQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIZCK7g8es1XIlrsoyQ6JBeWPLutMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaGtJcnVEeDZ6VmNpV3V5akpEb2tGNVk4dTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwALg
MA0GCSqGSIb3DQEBCwUAA4IBAQDHz9Ee4fNSPlvE5sSMRP8b/DoqUOHjq2qdxR1M
ijLbAve9Sh4DN92G36Ueih7v4wddINVswVjOfTfa+g1u1dVDq8+SPym2OVsOeogS
zOv+Y/pyftgDeGhZzZtVZ2o0w8x7cLMuRgebwDv2lEnDHQoe/crH5bZ/8kAGu9Yt
GBu22iBq3fQEyFmbm82K7RgCMLV2dgPyFhUfFI5kGQnr6OM2cNyeBvFhE3r8X0An
mCjTCvxV8d5cHv5S4LR6pndw48jT04mNlFWcD9L4FXnyjyNMe8atUlCuj9wlKQKP
MLuckVLKI8TIZB5Sk/HDHawCSrbHbIvZFno6inMQmkbba9I/
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org