Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iXILs9gubhqvF-feAmbBuBd_nHQ.roa
File: iXILs9gubhqvF-feAmbBuBd_nHQ.roa (raw, json)
Hash identifier: xZmZjEQfgqpNAogtWfydJRp7dT9HZY6NihkBolUgG9g=
Subject key identifier: 89:72:0B:B3:D8:2E:6E:1A:AF:17:E7:DE:02:66:C1:B8:17:7F:9C:74
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018A74A25F4E913F6A6CAE551E60A7BB57CA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iXILs9gubhqvF-feAmbBuBd_nHQ.roa
Signing time: Fri 08 Sep 2023 11:51:52 +0000
ROA not before: Fri 08 Sep 2023 11:51:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202458
IP address blocks: 2a0e:97c0:c00::/44 maxlen: 48
2a0e:97c0:c01::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:74:a2:5f:4e:91:3f:6a:6c:ae:55:1e:60:a7:bb:57:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 8 11:51:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89720bb3d82e6e1aaf17e7de0266c1b8177f9c74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7a:4d:22:32:79:26:52:cd:98:90:06:b4:05:
51:be:42:b1:5d:ce:7f:a9:10:fe:f7:d2:14:db:d5:
66:ae:de:c6:62:c0:d7:80:1c:41:07:d8:8c:d3:c1:
31:d8:f7:2f:5d:b8:3a:f2:8a:08:ff:05:8f:d4:07:
3f:f3:cd:ed:ff:06:ce:a7:10:da:8f:8d:0d:8d:71:
c0:57:73:b3:4d:2f:27:fa:c7:52:70:62:6e:7b:de:
42:28:c9:d7:3a:c0:24:fc:d8:f3:ca:10:87:b1:bd:
77:77:c8:eb:b8:aa:21:84:32:e0:03:a4:60:1d:3f:
8c:f6:f0:d8:cb:64:e9:dc:d6:23:72:ad:85:b0:da:
48:ec:10:35:13:31:b0:9c:9a:10:5c:7c:8f:6c:cd:
eb:e4:03:a2:4a:f5:8a:d8:bc:1b:86:98:ad:83:fa:
c7:c2:b9:87:20:1d:f8:10:5e:3a:f6:55:df:56:b3:
7c:b3:57:58:87:ee:33:d9:00:9e:66:0a:07:8f:11:
cb:7a:a1:24:0b:7d:d0:43:00:4f:c5:3e:44:00:29:
c3:c1:39:46:21:66:40:b8:82:6f:27:f1:1b:0d:91:
10:39:15:91:4c:93:ef:d1:ef:db:08:4b:c6:92:36:
2d:25:09:52:15:af:a4:3e:e6:11:9d:14:52:73:67:
70:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:72:0B:B3:D8:2E:6E:1A:AF:17:E7:DE:02:66:C1:B8:17:7F:9C:74
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iXILs9gubhqvF-feAmbBuBd_nHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:c00::/44
Signature Algorithm: sha256WithRSAEncryption
5c:8f:fb:43:5b:a8:a3:97:db:d4:32:f7:cc:2e:20:35:cd:0e:
4b:3d:f0:54:55:08:2d:cb:88:63:cb:47:be:6c:53:47:64:9d:
e5:cf:ad:6d:29:db:ed:9b:96:41:38:3d:c4:c2:a3:bc:0c:4c:
9e:63:48:06:35:bb:44:d7:4e:26:94:b8:ab:3a:17:91:7c:c2:
d3:7f:6c:d6:af:7d:ee:fb:c9:e8:fa:e8:74:e9:af:ca:11:2f:
6c:ca:85:3a:8c:99:5b:cb:72:42:f9:57:b2:d6:76:a9:46:c8:
a8:f8:12:29:5c:41:ad:be:4e:15:26:f4:be:e3:54:50:3b:08:
de:eb:4b:4b:ab:54:e8:72:b1:a6:72:e8:70:72:c7:c8:ac:a6:
99:c9:cf:82:f9:82:81:65:6c:dc:6a:ee:cd:6b:db:12:d4:d0:
2a:3a:55:39:cc:24:ae:0c:62:28:26:f6:18:6d:63:65:15:be:
b9:b4:1f:ed:04:54:17:45:1e:a5:33:b7:c1:3b:8f:e9:c0:44:
d1:c1:af:95:56:a9:e2:c4:a1:da:ce:77:54:a8:78:84:08:fd:
be:57:65:cc:c3:6a:9c:15:72:7c:c4:eb:9d:f3:65:05:86:f2:
10:a8:4a:99:a9:6f:5a:b2:db:8f:94:03:b2:a8:40:d3:36:a5:
55:9d:46:d1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYp0ol9OkT9qbK5VHmCnu1fKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTA4MTE1MTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTcyMGJiM2Q4MmU2ZTFhYWYxN2U3ZGUwMjY2YzFiODE3N2Y5Yzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XpNIjJ5JlLNmJAGtAVRvkKxXc5/
qRD+99IU29Vmrt7GYsDXgBxBB9iM08Ex2PcvXbg68ooI/wWP1Ac/883t/wbOpxDa
j40NjXHAV3OzTS8n+sdScGJue95CKMnXOsAk/NjzyhCHsb13d8jruKohhDLgA6Rg
HT+M9vDYy2Tp3NYjcq2FsNpI7BA1EzGwnJoQXHyPbM3r5AOiSvWK2Lwbhpitg/rH
wrmHIB34EF469lXfVrN8s1dYh+4z2QCeZgoHjxHLeqEkC33QQwBPxT5EACnDwTlG
IWZAuIJvJ/EbDZEQORWRTJPv0e/bCEvGkjYtJQlSFa+kPuYRnRRSc2dwjQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIlyC7PYLm4arxfn3gJmwbgXf5x0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaVhJTHM5Z3ViaHF2Ri1mZUFtYkJ1QmRfbkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAwA
MA0GCSqGSIb3DQEBCwUAA4IBAQBcj/tDW6ijl9vUMvfMLiA1zQ5LPfBUVQgty4hj
y0e+bFNHZJ3lz61tKdvtm5ZBOD3EwqO8DEyeY0gGNbtE104mlLirOheRfMLTf2zW
r33u+8no+uh06a/KES9syoU6jJlby3JC+Vey1napRsio+BIpXEGtvk4VJvS+41RQ
Owje60tLq1TocrGmcuhwcsfIrKaZyc+C+YKBZWzcau7Na9sS1NAqOlU5zCSuDGIo
JvYYbWNlFb65tB/tBFQXRR6lM7fBO4/pwETRwa+VVqnixKHazndUqHiECP2+V2XM
w2qcFXJ8xOud82UFhvIQqEqZqW9astuPlAOyqEDTNqVVnUbR
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:33 2024 by rpki-client on console-fra.rpki-client.org