Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/juXnfPvIsgpnRH2hWu_P1wkeoiE.roa
File: juXnfPvIsgpnRH2hWu_P1wkeoiE.roa (raw, json)
Hash identifier: GXIZrLjyJ6JFWW6tdeHaIBroZroJ2gdqg7pSt/byjDU=
Subject key identifier: 8E:E5:E7:7C:FB:C8:B2:0A:67:44:7D:A1:5A:EF:CF:D7:09:1E:A2:21
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018A7B133CADBABD80D3FD37854937FD6746
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/juXnfPvIsgpnRH2hWu_P1wkeoiE.roa
Signing time: Sat 09 Sep 2023 17:52:52 +0000
ROA not before: Sat 09 Sep 2023 17:52:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31898
IP address blocks: 2a0e:b107:360::/48 maxlen: 48
2a0e:b107:f50::/44 maxlen: 48
2a0e:b107:362::/48 maxlen: 48
2a0e:b107:364::/48 maxlen: 48
2a0e:b107:361::/48 maxlen: 48
2a0e:b107:366::/48 maxlen: 48
2a0e:b107:363::/48 maxlen: 48
2a0e:97c0:aba::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7b:13:3c:ad:ba:bd:80:d3:fd:37:85:49:37:fd:67:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 9 17:52:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ee5e77cfbc8b20a67447da15aefcfd7091ea221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ad:8c:fd:81:0e:1d:ef:5d:31:8b:b2:b9:7c:
31:ba:7f:b3:17:c6:63:d0:5b:1e:b8:3e:23:d8:92:
c4:27:1b:2e:c1:1f:28:e4:79:ea:e0:da:96:75:a7:
74:2d:20:0b:e1:e6:04:da:e0:78:a0:56:a9:42:f8:
13:f8:cb:ad:8a:4e:18:79:2a:1f:1f:5a:25:45:b8:
f3:a1:4e:5c:1f:21:96:93:2f:bf:30:0b:08:fe:25:
35:20:30:cd:88:12:11:27:06:9e:7e:39:fe:54:d2:
32:1f:e7:66:79:8e:c3:3c:5a:c7:11:fb:a6:ba:76:
77:ad:d2:3b:04:d1:4f:08:bb:99:aa:05:36:e7:67:
f4:cd:72:1e:15:34:81:66:7d:0d:03:b2:a8:7f:f9:
77:76:56:ae:a2:f5:63:0e:c0:6f:8d:1e:d0:f4:12:
1c:3b:34:db:48:50:bf:df:09:24:86:03:65:f4:72:
86:d4:a7:46:b5:70:90:ca:98:d4:92:78:18:99:db:
a5:e1:06:90:bf:b8:07:30:dc:78:92:86:bf:be:a1:
02:ed:2d:70:10:b6:a8:4d:04:c4:c6:4c:f4:6b:98:
1a:de:a6:f0:cc:0b:03:12:32:a1:e9:f2:25:8f:1f:
0b:ec:f4:93:8b:af:68:0b:f6:ea:03:86:28:c2:88:
6f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E5:E7:7C:FB:C8:B2:0A:67:44:7D:A1:5A:EF:CF:D7:09:1E:A2:21
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/juXnfPvIsgpnRH2hWu_P1wkeoiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:aba::/48
2a0e:b107:360::-2a0e:b107:364:ffff:ffff:ffff:ffff:ffff
2a0e:b107:366::/48
2a0e:b107:f50::/44
Signature Algorithm: sha256WithRSAEncryption
a0:17:0c:5e:fe:45:39:f0:26:70:d8:59:a0:4f:8c:da:83:b7:
bd:4a:0c:2e:68:79:1e:ef:de:13:af:70:ba:35:db:0e:f4:27:
62:96:54:0a:b1:f7:bc:d2:b5:9b:a5:b4:bc:fa:6e:3e:46:bc:
15:73:b6:a2:c0:87:b3:57:f0:28:9d:1f:e8:91:2b:a5:b5:01:
68:91:d0:bf:62:28:d3:8e:b6:e8:18:e2:41:e0:c4:84:d1:18:
89:eb:27:15:63:f2:b2:a4:42:e4:9f:fc:3f:7b:ac:98:5c:48:
63:08:81:86:fc:b6:d3:93:3f:01:cd:2e:34:43:ad:10:d9:76:
31:89:29:32:88:0b:63:68:7f:54:23:ff:43:6c:e6:b3:84:09:
1c:61:8a:cf:c2:e5:bd:6b:9f:f1:3f:e5:21:34:36:34:eb:38:
eb:ca:e7:79:06:4a:57:96:84:8e:b4:1e:72:3d:58:83:fa:29:
cf:8a:18:ba:b2:1c:9e:a2:e2:d3:6b:34:f5:54:ed:c1:42:3d:
fd:b5:45:81:fb:f6:1e:66:02:7e:91:b1:ed:74:be:1f:6d:76:
c0:ea:2a:a5:c3:c9:15:bb:8e:b0:92:2b:8e:20:a0:50:f0:5b:
83:f5:8c:18:f6:b1:68:00:4a:08:53:88:1e:5a:1b:ef:af:c8:
c1:40:18:f4
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYp7Ezytur2A0/03hUk3/WdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTA5MTc1MjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWU1ZTc3Y2ZiYzhiMjBhNjc0NDdkYTE1YWVmY2ZkNzA5MWVhMjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlK2M/YEOHe9dMYuyuXwxun+zF8Zj
0FseuD4j2JLEJxsuwR8o5Hnq4NqWdad0LSAL4eYE2uB4oFapQvgT+Mutik4YeSof
H1olRbjzoU5cHyGWky+/MAsI/iU1IDDNiBIRJwaefjn+VNIyH+dmeY7DPFrHEfum
unZ3rdI7BNFPCLuZqgU252f0zXIeFTSBZn0NA7Kof/l3dlauovVjDsBvjR7Q9BIc
OzTbSFC/3wkkhgNl9HKG1KdGtXCQypjUkngYmdul4QaQv7gHMNx4koa/vqEC7S1w
ELaoTQTExkz0a5ga3qbwzAsDEjKh6fIljx8L7PSTi69oC/bqA4YowohvCQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFI7l53z7yLIKZ0R9oVrvz9cJHqIhMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvanVYbmZQdklzZ3BuUkgyaFd1X1Axd2tlb2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvAwcAKg6XwAq6
MBIDBwUqDrEHA2ADBwAqDrEHA2QDBwAqDrEHA2YDBwQqDrEHD1AwDQYJKoZIhvcN
AQELBQADggEBAKAXDF7+RTnwJnDYWaBPjNqDt71KDC5oeR7v3hOvcLo12w70J2KW
VAqx97zStZultLz6bj5GvBVztqLAh7NX8CidH+iRK6W1AWiR0L9iKNOOtugY4kHg
xITRGInrJxVj8rKkQuSf/D97rJhcSGMIgYb8ttOTPwHNLjRDrRDZdjGJKTKIC2No
f1Qj/0Ns5rOECRxhis/C5b1rn/E/5SE0NjTrOOvK53kGSleWhI60HnI9WIP6Kc+K
GLqyHJ6i4tNrNPVU7cFCPf21RYH79h5mAn6Rse10vh9tdsDqKqXDyRW7jrCSK44g
oFDwW4P1jBj2sWgASghTiB5aG++vyMFAGPQ=
-----END CERTIFICATE-----
Generated at Sun Sep 10 21:13:52 2023 by rpki-client on console-ams.rpki-client.org