Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/k8P-4SakgBBCxEvVH0khwJ5VESQ.roa
File: k8P-4SakgBBCxEvVH0khwJ5VESQ.roa (raw, json)
Hash identifier: tVCq3Cdwgu9z4BPUmGb6GW0P5ozj4V+dfPOq3fCXDqw=
Subject key identifier: 93:C3:FE:E1:26:A4:80:10:42:C4:4B:D5:1F:49:21:C0:9E:55:11:24
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AE0F10BE81811C465BE2C50A4467A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/k8P-4SakgBBCxEvVH0khwJ5VESQ.roa
Signing time: Tue 24 Jan 2023 16:09:44 +0000
ROA not before: Tue 24 Jan 2023 16:09:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208699
IP address blocks: 2a0e:97c0:730::/48 maxlen: 48
2a0e:97c0:731::/48 maxlen: 48
2a0e:97c0:738::/45 maxlen: 48
2a0e:b107:9fe::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:e0:f1:0b:e8:18:11:c4:65:be:2c:50:a4:46:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93c3fee126a4801042c44bd51f4921c09e551124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4b:09:66:32:97:15:19:c2:ed:70:19:97:ba:
20:00:a3:f3:0e:c9:a1:2d:5e:f9:2f:07:ce:ca:39:
31:5e:1c:1d:72:89:75:45:1c:43:d8:cc:b1:dd:c0:
d2:74:8d:36:0c:6c:1d:8a:70:f8:0e:0c:1a:56:6b:
55:17:b8:79:42:5f:2c:aa:62:63:3e:d3:72:b9:d5:
7a:98:d0:c9:b9:c2:af:41:fc:b2:51:fc:62:5d:53:
55:97:68:13:fd:eb:94:11:d9:df:1b:f6:f8:45:54:
4e:3e:cb:0f:cd:0c:ff:6f:cc:9e:d2:03:1f:ed:f0:
77:4b:b3:25:fb:1c:d5:be:47:0c:e1:41:7a:80:e3:
46:75:7a:eb:0b:42:d5:13:e9:2c:8a:f1:cb:95:98:
2c:cb:7c:fc:7a:5c:40:fc:94:11:cc:3c:f5:11:c2:
82:a1:22:3a:11:7b:e0:bd:19:44:ae:1a:20:31:ec:
45:29:01:1d:3d:a7:2c:4f:f8:ea:84:f3:98:ae:29:
58:02:ba:96:78:46:9d:35:8e:80:bf:6e:dc:fe:24:
02:72:83:c7:35:6f:c4:71:72:9d:81:d6:63:b9:70:
44:29:ea:a1:38:0e:36:15:05:03:5b:18:80:93:77:
c7:23:a1:1d:0d:a4:83:7c:0e:44:b3:68:03:a4:2c:
4a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:C3:FE:E1:26:A4:80:10:42:C4:4B:D5:1F:49:21:C0:9E:55:11:24
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/k8P-4SakgBBCxEvVH0khwJ5VESQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:730::/47
2a0e:97c0:738::/45
2a0e:b107:9fe::/48
Signature Algorithm: sha256WithRSAEncryption
92:24:e5:32:fb:cf:44:2d:05:ab:0c:7c:da:25:78:c0:55:96:
e0:b3:47:62:f0:8e:90:3c:3e:b5:52:14:52:3a:e1:47:2c:59:
79:17:41:2b:c3:8c:4b:4c:60:26:df:f4:73:fb:70:73:a3:d3:
3f:eb:75:d9:7b:e3:ce:96:cf:71:aa:16:a7:33:a8:a8:f5:19:
51:47:00:57:b5:03:df:c8:33:6d:9d:bd:24:c0:5f:f6:8e:06:
07:d9:6f:50:6d:ac:6e:e8:a7:3a:61:cf:24:85:1a:05:ea:1b:
ae:44:f8:65:92:64:ae:7d:9a:7d:4e:a5:ef:a1:e3:24:06:df:
73:b7:4e:1d:c5:a3:9a:2b:29:77:bf:3a:a6:58:c2:36:b7:01:
1f:22:88:bc:99:20:a2:1d:3d:ef:e9:31:6a:f3:b8:c1:e5:67:
14:74:c4:5b:dc:72:14:08:7a:36:68:6e:1a:51:05:68:c4:4d:
11:c7:e6:b4:45:c0:ca:e0:44:42:88:13:ee:f2:2b:81:ea:4c:
ba:29:c7:12:ab:f9:bb:b4:63:7a:59:52:be:3f:b5:5f:88:03:
23:b8:cc:a7:d9:3f:dc:45:bd:f6:f2:52:a9:0e:6d:74:3d:b4:
b1:35:77:50:7b:1c:75:51:93:6b:9b:97:24:c7:25:b2:24:0e:
a7:75:58:e6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYXkiuDxC+gYEcRlvixQpEZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2MzZmVlMTI2YTQ4MDEwNDJjNDRiZDUxZjQ5MjFjMDllNTUxMTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEsJZjKXFRnC7XAZl7ogAKPzDsmh
LV75LwfOyjkxXhwdcol1RRxD2Myx3cDSdI02DGwdinD4DgwaVmtVF7h5Ql8sqmJj
PtNyudV6mNDJucKvQfyyUfxiXVNVl2gT/euUEdnfG/b4RVROPssPzQz/b8ye0gMf
7fB3S7Ml+xzVvkcM4UF6gONGdXrrC0LVE+ksivHLlZgsy3z8elxA/JQRzDz1EcKC
oSI6EXvgvRlErhogMexFKQEdPacsT/jqhPOYrilYArqWeEadNY6Av27c/iQCcoPH
NW/EcXKdgdZjuXBEKeqhOA42FQUDWxiAk3fHI6EdDaSDfA5Es2gDpCxKhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJPD/uEmpIAQQsRL1R9JIcCeVREkMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvazhQLTRTYWtnQkJDeEV2Vkgwa2h3SjVWRVNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcBKg6XwAcw
AwcDKg6XwAc4AwcAKg6xBwn+MA0GCSqGSIb3DQEBCwUAA4IBAQCSJOUy+89ELQWr
DHzaJXjAVZbgs0di8I6QPD61UhRSOuFHLFl5F0Erw4xLTGAm3/Rz+3Bzo9M/63XZ
e+POls9xqhanM6io9RlRRwBXtQPfyDNtnb0kwF/2jgYH2W9Qbaxu6Kc6Yc8khRoF
6huuRPhlkmSufZp9TqXvoeMkBt9zt04dxaOaKyl3vzqmWMI2twEfIoi8mSCiHT3v
6TFq87jB5WcUdMRb3HIUCHo2aG4aUQVoxE0Rx+a0RcDK4ERCiBPu8iuB6ky6KccS
q/m7tGN6WVK+P7VfiAMjuMyn2T/cRb328lKpDm10PbSxNXdQexx1UZNrm5ckxyWy
JA6ndVjm
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:33 2024 by rpki-client on console-fra.rpki-client.org