Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iU0rWKf0oCl0cD9Gfy5iV1rpEAA.roa
File: iU0rWKf0oCl0cD9Gfy5iV1rpEAA.roa (raw, json)
Hash identifier: HPIJDzk+DJNLzyhCi0956m0+h7l0RAa36t1wCbnQ7Oo=
Subject key identifier: 89:4D:2B:58:A7:F4:A0:29:74:70:3F:46:7F:2E:62:57:5A:E9:10:00
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018A077DE2797D781C48DD0E1CBDB6FB9855
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iU0rWKf0oCl0cD9Gfy5iV1rpEAA.roa
Signing time: Fri 18 Aug 2023 07:13:25 +0000
ROA not before: Fri 18 Aug 2023 07:13:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212332
IP address blocks: 2a0e:b107:27b0::/47 maxlen: 48
2a0e:b107:27b2::/47 maxlen: 48
2a0e:b107:27b4::/47 maxlen: 48
2a0e:b107:27b6::/47 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:07:7d:e2:79:7d:78:1c:48:dd:0e:1c:bd:b6:fb:98:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 18 07:13:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=894d2b58a7f4a02974703f467f2e62575ae91000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:83:49:1b:1f:01:11:2e:13:73:ba:23:d0:44:
1b:e2:29:be:ca:73:43:e8:1c:2d:85:ab:e2:a9:82:
9e:15:f2:de:d0:bc:05:04:77:67:8f:4d:e8:d9:32:
89:9c:17:80:20:64:0a:33:19:7b:09:cd:99:f5:f5:
65:1f:08:c3:8d:a9:00:4f:a3:ca:59:d2:d5:b3:32:
8a:02:5e:ac:b4:81:6a:ce:2b:5f:ce:6e:9f:d6:92:
09:e9:55:39:58:e5:c5:33:31:22:db:4f:03:55:e8:
45:84:8e:29:47:10:e8:42:16:fe:60:db:5b:fe:0e:
1c:7f:d5:15:72:c1:77:06:6e:ec:aa:5b:18:66:b8:
1f:23:71:d7:89:de:21:3c:d7:e2:ef:e4:35:b2:54:
7e:6e:79:dd:f8:50:37:2e:4f:58:ab:f9:b1:60:ff:
8d:00:44:b4:60:63:e4:19:d3:72:e6:0f:d0:3b:4a:
17:28:47:34:47:fd:1b:b5:70:1b:71:6e:26:5c:80:
ab:c7:d0:eb:5e:a2:68:2e:0f:c9:91:1f:ff:ca:49:
8d:5f:1e:71:5d:bf:71:3f:05:74:78:4a:bc:cb:6c:
2b:bd:ad:86:98:61:02:54:ee:d7:88:24:f2:7b:a9:
1d:06:56:56:cf:8a:a6:44:57:18:0c:55:40:6d:97:
a0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:4D:2B:58:A7:F4:A0:29:74:70:3F:46:7F:2E:62:57:5A:E9:10:00
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iU0rWKf0oCl0cD9Gfy5iV1rpEAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27b0::/45
Signature Algorithm: sha256WithRSAEncryption
20:03:6a:05:a7:4e:3e:6f:70:1f:09:a7:87:e1:af:4c:88:96:
ba:c4:12:15:38:68:f1:fb:05:31:10:33:0f:5d:25:42:ab:b9:
74:2a:93:13:ba:42:64:1b:8d:9b:24:92:c7:3f:84:e9:1a:3f:
22:03:26:56:9c:fd:e6:af:16:79:05:0c:79:12:b6:cb:0c:d6:
0b:66:9f:1d:b0:a7:c9:f0:f0:11:c7:00:a8:c4:90:dc:f3:d1:
8e:d2:f8:44:d9:0c:43:76:f7:e8:bd:00:26:55:ed:a3:7b:d4:
89:1b:e2:f6:f6:4e:43:b6:cd:1e:94:17:cd:1e:61:eb:c6:ef:
8f:2d:5d:a3:73:34:f8:f9:cf:26:71:95:22:7c:00:7c:5e:02:
55:76:17:8b:e3:32:63:e2:3a:b7:48:b8:cb:de:f0:e8:42:2f:
2c:04:0e:c9:14:42:49:2c:77:93:01:12:c2:9c:9e:fc:6e:d1:
3b:9c:47:8d:1c:7f:da:e1:45:72:39:54:49:9d:49:00:82:93:
0f:9b:87:b4:31:42:05:c3:4c:9a:9e:e7:92:3a:44:be:79:fa:
03:a5:61:d3:3e:4a:55:e0:8d:ac:c7:e7:58:4c:4e:cc:6c:54:
8d:45:d2:87:4c:d7:b6:86:35:c7:c1:1f:b6:e1:79:3c:a0:09:
dd:d1:af:a0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYoHfeJ5fXgcSN0OHL22+5hVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwODE4MDcxMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTRkMmI1OGE3ZjRhMDI5NzQ3MDNmNDY3ZjJlNjI1NzVhZTkxMDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArINJGx8BES4Tc7oj0EQb4im+ynND
6BwthaviqYKeFfLe0LwFBHdnj03o2TKJnBeAIGQKMxl7Cc2Z9fVlHwjDjakAT6PK
WdLVszKKAl6stIFqzitfzm6f1pIJ6VU5WOXFMzEi208DVehFhI4pRxDoQhb+YNtb
/g4cf9UVcsF3Bm7sqlsYZrgfI3HXid4hPNfi7+Q1slR+bnnd+FA3Lk9Yq/mxYP+N
AES0YGPkGdNy5g/QO0oXKEc0R/0btXAbcW4mXICrx9DrXqJoLg/JkR//ykmNXx5x
Xb9xPwV0eEq8y2wrva2GmGECVO7XiCTye6kdBlZWz4qmRFcYDFVAbZeguQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIlNK1in9KApdHA/Rn8uYlda6RAAMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaVUwcldLZjBvQ2wwY0Q5R2Z5NWlWMXJwRUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKg6xByew
MA0GCSqGSIb3DQEBCwUAA4IBAQAgA2oFp04+b3AfCaeH4a9MiJa6xBIVOGjx+wUx
EDMPXSVCq7l0KpMTukJkG42bJJLHP4TpGj8iAyZWnP3mrxZ5BQx5ErbLDNYLZp8d
sKfJ8PARxwCoxJDc89GO0vhE2QxDdvfovQAmVe2je9SJG+L29k5Dts0elBfNHmHr
xu+PLV2jczT4+c8mcZUifAB8XgJVdheL4zJj4jq3SLjL3vDoQi8sBA7JFEJJLHeT
ARLCnJ78btE7nEeNHH/a4UVyOVRJnUkAgpMPm4e0MUIFw0yanueSOkS+efoDpWHT
PkpV4I2sx+dYTE7MbFSNRdKHTNe2hjXHwR+24Xk8oAnd0a+g
-----END CERTIFICATE-----
Generated at Tue Nov 21 18:37:34 2023 by rpki-client on console-fra.rpki-client.org