Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/k0oZWs3iRIJbtYu55K6lAiQCW1Y.roa
File: k0oZWs3iRIJbtYu55K6lAiQCW1Y.roa (raw, json)
Hash identifier: PnV1RxSaBln0GNPUQ8Axr7hXikz4lKetuGvVGOGA+mc=
Subject key identifier: 93:4A:19:5A:CD:E2:44:82:5B:B5:8B:B9:E4:AE:A5:02:24:02:5B:56
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018BF46F60ED8D6F2E31D8E4256E1A03044F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/k0oZWs3iRIJbtYu55K6lAiQCW1Y.roa
Signing time: Wed 22 Nov 2023 00:30:21 +0000
ROA not before: Wed 22 Nov 2023 00:30:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51939
IP address blocks: 2a0e:97c0:5c5::/48 maxlen: 48
2a0e:97c0:5c0::/44 maxlen: 48
2a0e:97c0:5c8::/48 maxlen: 48
2a0e:97c0:5c0::/48 maxlen: 48
2a0e:97c0:5c3::/48 maxlen: 48
2a0e:97c0:5ce::/48 maxlen: 48
2a0e:97c0:5c1::/48 maxlen: 48
2a0e:97c0:5cf::/48 maxlen: 48
2a0e:97c0:5ca::/48 maxlen: 48
2a0e:97c0:5c2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f4:6f:60:ed:8d:6f:2e:31:d8:e4:25:6e:1a:03:04:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 22 00:30:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=934a195acde244825bb58bb9e4aea50224025b56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f5:3a:b4:53:e1:91:56:c4:0e:49:5c:b2:28:
f1:bf:86:bc:0d:19:c9:f7:6b:b7:f9:fd:dd:5b:50:
05:f3:1d:b6:90:4c:0b:c2:64:28:14:2e:6b:9f:32:
82:e0:40:9d:ce:5b:92:2f:83:a6:33:5a:64:e3:b4:
e9:da:8c:8b:f6:a4:83:c4:cb:c3:77:0c:55:64:a1:
ee:0e:a4:12:c3:f4:cb:f1:90:74:f7:bd:93:d0:8b:
10:eb:45:d6:42:fa:c8:28:a3:bb:2e:5c:54:ba:3f:
6a:ed:2c:57:ec:4c:89:a5:f1:96:b1:f8:02:f0:2e:
2a:a2:2b:ca:e5:73:bf:93:f1:3b:06:66:3b:30:69:
1d:a0:54:9e:7b:18:6b:8e:66:92:69:a2:8d:43:9a:
bf:60:fb:79:1d:39:5b:64:45:1e:80:35:ac:8b:8e:
5b:2b:cf:e0:e3:65:a5:3c:6d:d6:20:fb:52:07:f6:
1f:39:c2:b9:9d:08:90:84:f9:03:25:b5:fd:ba:95:
6a:8e:b9:5e:28:60:b5:90:6d:14:19:cb:62:a8:c2:
ee:5e:76:65:80:bc:32:81:b3:dd:21:ac:09:d8:b5:
76:b1:3d:8a:0c:18:d8:30:39:01:15:b5:81:b3:d6:
d6:7f:95:73:4a:69:0f:45:4f:9d:88:8e:6d:6c:7c:
18:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:4A:19:5A:CD:E2:44:82:5B:B5:8B:B9:E4:AE:A5:02:24:02:5B:56
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/k0oZWs3iRIJbtYu55K6lAiQCW1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5c0::/44
Signature Algorithm: sha256WithRSAEncryption
3d:e4:e0:97:05:c5:fb:62:08:24:1f:69:eb:58:05:34:36:75:
2a:32:47:1a:1d:df:db:d0:62:ac:d3:bb:49:e2:9c:39:53:c5:
55:2c:13:b7:b6:68:e5:f2:f1:54:fe:c3:e6:e3:fc:3c:75:37:
53:76:1a:d3:88:93:81:dd:18:dc:0e:ac:db:e4:45:24:a3:9b:
ce:87:44:4d:29:4a:15:52:40:a4:c3:23:09:4b:27:53:b6:8a:
f4:61:b2:61:bf:36:e3:93:a4:14:2d:21:ca:0a:35:08:13:68:
c6:8f:b3:c0:e8:1a:22:06:89:5a:ce:0f:d9:a4:30:cd:26:ed:
83:71:9d:e0:76:35:b3:60:fc:ae:5b:cf:7b:9d:4a:75:54:0f:
b8:9e:e8:03:25:39:f0:bd:0f:89:03:86:db:69:b7:56:8e:0e:
bd:d4:17:cf:a3:44:ac:f0:1a:b7:bf:27:18:9f:f5:52:8e:d5:
ff:e0:04:59:c7:71:fc:75:8e:4c:19:ac:5d:ba:45:eb:7e:fa:
17:36:45:fb:1a:39:40:1f:5f:7a:e5:6e:2f:09:46:42:a0:7a:
c3:27:10:2b:aa:98:d3:1a:9f:94:ec:86:d3:09:a1:9d:12:80:
fd:cf:86:8a:ec:28:25:3f:ed:cb:95:a7:48:58:d0:57:46:e0:
fd:1c:78:21
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYv0b2DtjW8uMdjkJW4aAwRPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTIyMDAzMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzRhMTk1YWNkZTI0NDgyNWJiNThiYjllNGFlYTUwMjI0MDI1YjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/U6tFPhkVbEDklcsijxv4a8DRnJ
92u3+f3dW1AF8x22kEwLwmQoFC5rnzKC4ECdzluSL4OmM1pk47Tp2oyL9qSDxMvD
dwxVZKHuDqQSw/TL8ZB0972T0IsQ60XWQvrIKKO7LlxUuj9q7SxX7EyJpfGWsfgC
8C4qoivK5XO/k/E7BmY7MGkdoFSeexhrjmaSaaKNQ5q/YPt5HTlbZEUegDWsi45b
K8/g42WlPG3WIPtSB/YfOcK5nQiQhPkDJbX9upVqjrleKGC1kG0UGctiqMLuXnZl
gLwygbPdIawJ2LV2sT2KDBjYMDkBFbWBs9bWf5VzSmkPRU+diI5tbHwYwwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJNKGVrN4kSCW7WLueSupQIkAltWMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvazBvWldzM2lSSUpidFl1NTVLNmxBaVFDVzFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAXA
MA0GCSqGSIb3DQEBCwUAA4IBAQA95OCXBcX7YggkH2nrWAU0NnUqMkcaHd/b0GKs
07tJ4pw5U8VVLBO3tmjl8vFU/sPm4/w8dTdTdhrTiJOB3RjcDqzb5EUko5vOh0RN
KUoVUkCkwyMJSydTtor0YbJhvzbjk6QULSHKCjUIE2jGj7PA6BoiBolazg/ZpDDN
Ju2DcZ3gdjWzYPyuW897nUp1VA+4nugDJTnwvQ+JA4bbabdWjg691BfPo0Ss8Bq3
vycYn/VSjtX/4ARZx3H8dY5MGaxdukXrfvoXNkX7GjlAH1965W4vCUZCoHrDJxAr
qpjTGp+U7IbTCaGdEoD9z4aK7CglP+3LladIWNBXRuD9HHgh
-----END CERTIFICATE-----
Generated at Sun Nov 26 04:33:32 2023 by rpki-client on console-fra.rpki-client.org