Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kP6vy9xcZ0mQKbRXrq7z2STh75Q.roa
File: kP6vy9xcZ0mQKbRXrq7z2STh75Q.roa (raw, json)
Hash identifier: R6InKGjTZsH+AoPPf2gR881wyuR4PPCl1/95vZO+3NM=
Subject key identifier: 90:FE:AF:CB:DC:5C:67:49:90:29:B4:57:AE:AE:F3:D9:24:E1:EF:94
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AD35253E63ACA29986B2EEADC75B8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kP6vy9xcZ0mQKbRXrq7z2STh75Q.roa
Signing time: Tue 24 Jan 2023 16:09:41 +0000
ROA not before: Tue 24 Jan 2023 16:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203943
IP address blocks: 2a0e:b107:5a2::/48 maxlen: 48
2a0e:b107:5a1::/48 maxlen: 48
2a0e:b107:5a3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:d3:52:53:e6:3a:ca:29:98:6b:2e:ea:dc:75:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90feafcbdc5c67499029b457aeaef3d924e1ef94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:11:4b:53:72:8c:7c:06:7f:01:f4:71:d2:68:
40:c6:f3:07:33:aa:76:e6:9e:b7:c9:39:99:81:91:
a7:3b:63:42:d2:50:8d:c7:b2:e2:e5:ce:3b:75:8a:
cd:2c:5b:4c:0a:a2:ee:60:e0:c7:3e:dc:1b:1f:d5:
e9:f0:40:1e:c9:98:10:af:d5:ed:a4:c5:97:87:42:
13:fe:7b:75:dc:dd:e2:a4:2d:5b:fa:3d:be:88:30:
58:93:13:6b:23:86:b1:fc:1e:69:b6:dd:5e:cc:5d:
17:9b:2d:b0:b1:a6:34:6d:f0:b1:38:95:68:b3:14:
fb:8e:f1:ac:7a:cf:d7:5f:9a:78:fc:af:6c:6e:30:
95:65:0e:cb:23:fb:19:e0:b9:3b:d6:11:8e:82:66:
85:2a:4a:dc:e7:34:96:51:8f:74:a0:51:00:82:dd:
94:09:84:99:48:10:d5:11:11:ca:df:e9:f7:d3:22:
da:b0:d2:ef:f2:91:7c:4c:6f:8f:3d:3f:5a:ff:a8:
11:7e:b1:74:89:33:26:06:3f:81:c4:60:0c:9a:bc:
51:bd:58:5c:95:69:41:4f:c2:b6:0b:87:28:2f:af:
e6:7e:c0:61:b9:02:a0:83:dc:06:7b:c0:fc:22:8d:
b5:18:4a:55:b0:ba:e5:32:25:a1:0b:7d:23:a6:76:
66:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:FE:AF:CB:DC:5C:67:49:90:29:B4:57:AE:AE:F3:D9:24:E1:EF:94
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kP6vy9xcZ0mQKbRXrq7z2STh75Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:5a1::-2a0e:b107:5a3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a5:61:94:f4:be:1e:c4:2d:e4:28:94:60:cb:35:08:1e:a6:b5:
99:7d:3b:93:d0:e2:7d:92:7f:d7:cc:f2:4f:b1:4e:cd:98:88:
3c:d1:5e:67:9e:d3:d3:95:c3:e6:f7:ef:2d:d8:9e:66:92:63:
ec:7a:1b:bf:c3:40:b7:e4:d5:a1:bf:6b:e0:70:7d:cd:5e:22:
8b:1d:c9:37:2a:fb:18:18:e1:e4:d4:c2:07:e9:8d:22:93:4e:
77:5f:91:a9:73:20:31:19:3b:a0:60:e7:6f:3f:91:0e:e1:dd:
2b:9e:bd:db:ae:cf:81:32:e5:bc:2d:09:0c:67:60:4d:86:50:
d1:a9:b6:00:8b:b6:37:b9:11:49:da:61:37:96:92:15:03:aa:
73:56:30:2e:b9:58:3b:29:6e:71:f2:d8:7d:12:5c:14:f9:2b:
7d:d3:26:b7:2a:3d:49:9e:7e:d6:d7:67:e8:c9:cf:91:bf:67:
40:39:1c:55:87:5c:29:0d:6a:95:f5:c2:e0:74:87:40:da:1b:
ab:60:0b:69:d3:78:ac:32:ee:8f:2d:ae:9c:46:ed:36:1f:95:
73:31:a5:1f:69:11:1f:b0:0d:78:c0:a3:a2:64:74:bf:b5:69:
e4:80:45:08:ce:46:3c:b0:79:79:21:67:f1:ae:54:57:98:83:
64:9e:aa:62
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYXkitNSU+Y6yimYay7q3HW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGZlYWZjYmRjNWM2NzQ5OTAyOWI0NTdhZWFlZjNkOTI0ZTFlZjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxFLU3KMfAZ/AfRx0mhAxvMHM6p2
5p63yTmZgZGnO2NC0lCNx7Li5c47dYrNLFtMCqLuYODHPtwbH9Xp8EAeyZgQr9Xt
pMWXh0IT/nt13N3ipC1b+j2+iDBYkxNrI4ax/B5ptt1ezF0Xmy2wsaY0bfCxOJVo
sxT7jvGses/XX5p4/K9sbjCVZQ7LI/sZ4Lk71hGOgmaFKkrc5zSWUY90oFEAgt2U
CYSZSBDVERHK3+n30yLasNLv8pF8TG+PPT9a/6gRfrF0iTMmBj+BxGAMmrxRvVhc
lWlBT8K2C4coL6/mfsBhuQKgg9wGe8D8Io21GEpVsLrlMiWhC30jpnZmiQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJD+r8vcXGdJkCm0V66u89kk4e+UMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEva1A2dnk5eGNaMG1RS2JSWHJxN3oyU1RoNzVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqDrEH
BaEDBwIqDrEHBaAwDQYJKoZIhvcNAQELBQADggEBAKVhlPS+HsQt5CiUYMs1CB6m
tZl9O5PQ4n2Sf9fM8k+xTs2YiDzRXmee09OVw+b37y3YnmaSY+x6G7/DQLfk1aG/
a+Bwfc1eIosdyTcq+xgY4eTUwgfpjSKTTndfkalzIDEZO6Bg528/kQ7h3Suevduu
z4Ey5bwtCQxnYE2GUNGptgCLtje5EUnaYTeWkhUDqnNWMC65WDspbnHy2H0SXBT5
K33TJrcqPUmeftbXZ+jJz5G/Z0A5HFWHXCkNapX1wuB0h0DaG6tgC2nTeKwy7o8t
rpxG7TYflXMxpR9pER+wDXjAo6JkdL+1aeSARQjORjyweXkhZ/GuVFeYg2SeqmI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:51 2024 by rpki-client on console-ams.rpki-client.org