Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/khesdopxCu3wIJfcMgM1S7THFA4.roa
File: khesdopxCu3wIJfcMgM1S7THFA4.roa (raw, json)
Hash identifier: lJCsqkI7SGTGxnp6xhnLCEQ6URwE09vUlm/Q8zaxcp4=
Subject key identifier: 92:17:AC:76:8A:71:0A:ED:F0:20:97:DC:32:03:35:4B:B4:C7:14:0E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C62AA71B79C1C3106890B17338F964DE1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/khesdopxCu3wIJfcMgM1S7THFA4.roa
Signing time: Wed 13 Dec 2023 10:13:06 +0000
ROA not before: Wed 13 Dec 2023 10:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215849
IP address blocks: 2a0e:b107:2834::/46 maxlen: 48
2a0e:b107:2830::/46 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:62:aa:71:b7:9c:1c:31:06:89:0b:17:33:8f:96:4d:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 13 10:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9217ac768a710aedf02097dc3203354bb4c7140e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f4:d0:24:1e:eb:9f:be:ac:af:1e:b2:18:af:
5a:2d:10:a3:70:87:1b:19:9f:02:c3:af:b4:46:5e:
49:a6:a4:d2:e8:0e:80:66:a4:a3:77:0d:ec:fa:75:
30:ae:d3:f1:81:c3:51:ec:b8:fb:c0:f8:c2:fc:11:
29:3f:28:c9:27:15:9f:ad:cb:ab:3b:ee:f1:1a:8e:
68:4d:6e:94:31:f7:57:b3:b3:1c:d6:e0:61:b4:86:
c6:4c:0f:d3:f3:18:67:e4:13:f9:99:06:dd:a3:a1:
42:de:07:7f:02:b2:87:68:f7:72:7d:fe:03:87:d9:
b1:1d:d0:d6:22:d5:4f:cf:5b:e0:76:4d:01:a0:9e:
6d:3a:5e:cf:6c:7e:3e:f8:3d:e9:9a:1c:c5:38:fa:
b8:f7:c9:81:9a:c0:b4:58:94:93:6a:50:be:83:f7:
b1:60:da:d5:9b:bd:37:59:2c:0a:3d:8c:8d:39:e3:
65:c8:7e:4e:bb:e3:b1:87:c3:96:b4:72:f0:9c:e4:
b1:12:8d:ab:78:8a:30:40:91:60:f3:7b:56:54:6b:
ab:b0:c8:08:db:4a:5e:19:18:86:7f:cf:6a:f1:0c:
b1:01:09:b4:80:11:fb:b5:0c:5b:3c:00:a6:3e:f2:
fb:17:67:10:55:d6:71:70:c7:81:05:ae:38:3f:53:
ff:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:17:AC:76:8A:71:0A:ED:F0:20:97:DC:32:03:35:4B:B4:C7:14:0E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/khesdopxCu3wIJfcMgM1S7THFA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:2830::/45
Signature Algorithm: sha256WithRSAEncryption
71:1d:21:52:73:9a:a3:b9:e1:05:e2:5a:19:af:aa:0b:06:55:
a5:4a:ad:b9:d8:42:ef:8a:14:12:13:3b:1c:51:88:0f:22:67:
ef:8c:35:80:78:9b:e9:a8:05:02:de:d5:7b:c9:a6:37:45:5d:
a0:8d:e6:45:39:60:61:6b:77:34:0c:d6:52:15:30:a8:7e:47:
90:78:30:96:b7:05:c9:b8:ef:43:7d:b0:60:2c:1a:3b:85:49:
8a:92:74:27:56:00:ce:f6:d1:64:18:cc:2e:08:46:e4:f1:3f:
cb:d4:72:2e:34:39:0a:3a:d3:f3:b0:0d:0b:48:ed:63:53:22:
b5:a4:45:8d:e2:29:02:1d:98:5e:8b:00:4a:b4:84:10:03:5a:
fe:22:ca:3e:5f:a6:0f:97:8d:68:c0:2b:84:d4:fa:ba:87:6a:
7e:4c:ad:b4:98:41:63:9b:cf:a8:2f:28:fa:b8:8e:1f:a6:1b:
95:9a:83:b9:58:82:dc:74:04:0e:a7:74:e3:9e:d6:5f:78:d5:
49:a8:79:d2:b5:6c:12:20:c2:ec:98:fa:f4:49:77:c5:60:29:
ce:f5:c3:be:76:95:7d:3d:a7:02:9e:66:74:b1:6f:37:92:c7:
7e:25:9d:17:36:f0:69:94:78:d3:f1:e3:75:b0:99:2f:0d:fd:
bc:53:31:66
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYxiqnG3nBwxBokLFzOPlk3hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjEzMTAxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjE3YWM3NjhhNzEwYWVkZjAyMDk3ZGMzMjAzMzU0YmI0YzcxNDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfTQJB7rn76srx6yGK9aLRCjcIcb
GZ8Cw6+0Rl5JpqTS6A6AZqSjdw3s+nUwrtPxgcNR7Lj7wPjC/BEpPyjJJxWfrcur
O+7xGo5oTW6UMfdXs7Mc1uBhtIbGTA/T8xhn5BP5mQbdo6FC3gd/ArKHaPdyff4D
h9mxHdDWItVPz1vgdk0BoJ5tOl7PbH4++D3pmhzFOPq498mBmsC0WJSTalC+g/ex
YNrVm703WSwKPYyNOeNlyH5Ou+Oxh8OWtHLwnOSxEo2reIowQJFg83tWVGursMgI
20peGRiGf89q8QyxAQm0gBH7tQxbPACmPvL7F2cQVdZxcMeBBa44P1P/rwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJIXrHaKcQrt8CCX3DIDNUu0xxQOMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEva2hlc2RvcHhDdTN3SUpmY01nTTFTN1RIRkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKg6xBygw
MA0GCSqGSIb3DQEBCwUAA4IBAQBxHSFSc5qjueEF4loZr6oLBlWlSq252ELvihQS
EzscUYgPImfvjDWAeJvpqAUC3tV7yaY3RV2gjeZFOWBha3c0DNZSFTCofkeQeDCW
twXJuO9DfbBgLBo7hUmKknQnVgDO9tFkGMwuCEbk8T/L1HIuNDkKOtPzsA0LSO1j
UyK1pEWN4ikCHZheiwBKtIQQA1r+Iso+X6YPl41owCuE1Pq6h2p+TK20mEFjm8+o
Lyj6uI4fphuVmoO5WILcdAQOp3TjntZfeNVJqHnStWwSIMLsmPr0SXfFYCnO9cO+
dpV9PacCnmZ0sW83ksd+JZ0XNvBplHjT8eN1sJkvDf28UzFm
-----END CERTIFICATE-----
Generated at Thu Dec 14 12:40:41 2023 by rpki-client on console-ams.rpki-client.org