Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jBaJKaQ42TiEXrAfXZpSYcXZHrs.roa
File: jBaJKaQ42TiEXrAfXZpSYcXZHrs.roa (raw, json)
Hash identifier: O3Ew8T43xhcSohWmHIMD3QwhkYZCrsHg97I3DKZsZxc=
Subject key identifier: 8C:16:89:29:A4:38:D9:38:84:5E:B0:1F:5D:9A:52:61:C5:D9:1E:BB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0188D469D5B1F8A0BD75D1814E67EDF08C95
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jBaJKaQ42TiEXrAfXZpSYcXZHrs.roa
Signing time: Mon 19 Jun 2023 16:08:05 +0000
ROA not before: Mon 19 Jun 2023 16:08:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208328
IP address blocks: 2a0e:97c0:640::/44 maxlen: 48
2a0e:97c0:643::/48 maxlen: 48
2a0e:97c0:644::/48 maxlen: 48
2a0e:97c0:644::/46 maxlen: 48
2a0e:97c0:642::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d4:69:d5:b1:f8:a0:bd:75:d1:81:4e:67:ed:f0:8c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 19 16:08:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c168929a438d938845eb01f5d9a5261c5d91ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5f:27:e8:ef:cc:78:32:d5:a9:e8:80:9f:8c:
2d:a1:7c:04:15:05:6b:84:f3:c0:6e:a3:c2:24:21:
c2:d0:ac:95:23:f5:11:6a:78:2f:78:18:12:f9:8e:
81:a8:bb:64:64:7e:9e:6f:ae:54:2b:5b:6d:fa:95:
fd:7f:ce:60:ee:7b:05:95:4e:01:c6:73:3b:e2:a7:
4a:02:b8:cb:cc:5e:59:6c:f5:e7:90:e5:b2:01:8b:
4c:98:6e:08:97:e0:a7:f5:1a:3e:bd:ae:d2:01:2d:
a9:79:71:48:2c:d8:07:95:4b:63:5f:5e:b9:d9:bb:
a4:db:01:0f:1a:e6:74:c3:f9:20:f5:ab:a8:19:35:
c7:cf:f3:bf:d5:1b:a8:96:b6:a4:89:42:bc:7a:b1:
32:c5:6b:a6:56:7a:0e:dd:79:fb:25:dd:5d:5e:dc:
77:38:a0:af:a7:a9:ef:91:d9:5c:50:f0:cf:71:db:
90:18:80:1a:59:0c:ba:c3:a4:c0:2a:b3:ee:70:96:
1b:87:ff:52:64:22:df:d4:2b:61:ee:6f:ef:e3:6b:
3c:04:06:2f:35:04:7b:88:0a:7f:f0:0d:78:d3:a7:
52:f1:bd:fb:1c:5b:6a:12:6e:a4:24:c0:23:6b:0e:
c9:8d:73:3f:65:30:24:37:4f:00:9c:de:2d:17:70:
cc:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:16:89:29:A4:38:D9:38:84:5E:B0:1F:5D:9A:52:61:C5:D9:1E:BB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jBaJKaQ42TiEXrAfXZpSYcXZHrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:640::/44
Signature Algorithm: sha256WithRSAEncryption
18:48:d8:f4:01:ba:3e:30:20:e3:80:9c:9e:65:c8:b8:49:ac:
f9:f3:53:fb:e1:a3:2c:08:b5:16:6d:ab:b6:26:c5:f1:ca:58:
8d:d4:82:ab:bc:a4:c4:a3:69:e3:df:4c:97:4a:4d:ed:c8:f1:
ff:fc:cf:26:e4:e0:25:61:75:4d:49:f6:5e:83:85:50:f1:54:
ae:34:ab:6c:01:53:3b:d6:d9:60:a1:89:9d:7e:f0:a2:a1:0c:
1e:7c:04:49:a6:ed:96:11:59:5e:45:e0:de:61:36:3e:5d:b7:
34:1b:8c:1d:7b:9d:8a:e2:1a:db:49:31:32:95:e4:f8:3a:fb:
81:11:5a:3f:7e:40:d8:7f:63:ec:6c:4a:cb:68:bd:84:3f:e6:
b3:55:87:94:eb:e2:ed:c8:70:88:b0:4a:70:35:e7:ff:64:dc:
d5:2d:20:a5:16:c3:a5:7f:8f:9d:d3:b5:a0:e0:54:27:20:07:
8b:2d:fb:69:44:f8:90:23:11:50:9b:ff:df:ad:c0:7c:0b:5e:
14:ae:ca:45:e7:e0:01:f3:2c:17:e2:50:c6:fe:6d:50:3f:e4:
ed:4c:5c:b2:10:d2:ea:8a:ac:c0:88:20:c7:db:c0:b2:09:c3:
77:90:a0:8b:3a:35:40:97:51:ae:e3:05:5d:52:fd:46:a2:0b:
06:e7:76:62
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYjUadWx+KC9ddGBTmft8IyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjE5MTYwODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzE2ODkyOWE0MzhkOTM4ODQ1ZWIwMWY1ZDlhNTI2MWM1ZDkxZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp18n6O/MeDLVqeiAn4wtoXwEFQVr
hPPAbqPCJCHC0KyVI/URangveBgS+Y6BqLtkZH6eb65UK1tt+pX9f85g7nsFlU4B
xnM74qdKArjLzF5ZbPXnkOWyAYtMmG4Il+Cn9Ro+va7SAS2peXFILNgHlUtjX165
2buk2wEPGuZ0w/kg9auoGTXHz/O/1RuolrakiUK8erEyxWumVnoO3Xn7Jd1dXtx3
OKCvp6nvkdlcUPDPcduQGIAaWQy6w6TAKrPucJYbh/9SZCLf1Cth7m/v42s8BAYv
NQR7iAp/8A1406dS8b37HFtqEm6kJMAjaw7JjXM/ZTAkN08AnN4tF3DM2QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIwWiSmkONk4hF6wH12aUmHF2R67MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvakJhSkthUTQyVGlFWHJBZlhacFNZY1haSHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAZA
MA0GCSqGSIb3DQEBCwUAA4IBAQAYSNj0Abo+MCDjgJyeZci4Saz581P74aMsCLUW
bau2JsXxyliN1IKrvKTEo2nj30yXSk3tyPH//M8m5OAlYXVNSfZeg4VQ8VSuNKts
AVM71tlgoYmdfvCioQwefARJpu2WEVleReDeYTY+Xbc0G4wde52K4hrbSTEyleT4
OvuBEVo/fkDYf2PsbErLaL2EP+azVYeU6+LtyHCIsEpwNef/ZNzVLSClFsOlf4+d
07Wg4FQnIAeLLftpRPiQIxFQm//frcB8C14UrspF5+AB8ywX4lDG/m1QP+TtTFyy
ENLqiqzAiCDH28CyCcN3kKCLOjVAl1Gu4wVdUv1GogsG53Zi
-----END CERTIFICATE-----
Generated at Wed Oct 11 15:59:05 2023 by rpki-client on console-ams.rpki-client.org