Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kpVTOJ7hZkA5qoFQ2JV_B9HMdxc.roa
File: kpVTOJ7hZkA5qoFQ2JV_B9HMdxc.roa (raw, json)
Hash identifier: bKxaU+HIibTvzn/9hJe3Qa06VxhqpMU8w0tsTfseqTU=
Subject key identifier: 92:95:53:38:9E:E1:66:40:39:AA:81:50:D8:95:7F:07:D1:CC:77:17
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AED3EA9E6C8737A8FA7D5F85DDE39
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kpVTOJ7hZkA5qoFQ2JV_B9HMdxc.roa
Signing time: Tue 24 Jan 2023 16:09:47 +0000
ROA not before: Tue 24 Jan 2023 16:09:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210761
IP address blocks: 2a0e:b107:19c7::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 Feb 2023 21:08:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:ed:3e:a9:e6:c8:73:7a:8f:a7:d5:f8:5d:de:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=929553389ee1664039aa8150d8957f07d1cc7717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:23:60:86:70:fb:35:ef:df:7e:f8:69:1f:31:
9b:44:bd:91:4a:3d:82:fd:5e:a2:b7:00:7d:a0:e5:
f5:8c:9c:91:e2:7d:f7:b8:6c:4f:1e:a4:60:fb:ed:
9c:3b:82:bf:24:e4:c1:6f:60:ff:ab:6c:fc:b7:68:
38:e0:cf:f3:ee:7a:59:f7:88:f7:a1:c4:c5:3b:fa:
69:87:a2:59:2b:cb:33:03:06:ea:89:90:36:ab:fb:
53:17:48:c1:ca:9b:49:84:73:6d:a8:c2:82:84:b8:
41:1e:1a:31:c2:40:6d:92:e5:fa:06:00:0b:61:c6:
9a:49:88:7f:12:2d:38:c4:6b:d1:ad:d4:9e:37:18:
90:d0:bc:bc:78:1c:8c:12:b2:e6:41:94:1d:2d:0b:
a5:83:2d:87:3d:f6:6b:ea:77:e3:3e:dd:7a:cc:29:
0d:e6:5d:58:51:ad:1f:47:ee:b3:97:00:ee:cf:01:
fa:52:12:8a:20:d9:83:7e:23:b3:25:3e:8a:15:a1:
b0:24:f8:15:14:0b:94:2a:81:59:df:09:13:08:64:
04:80:3b:be:a0:35:d0:5e:5c:32:4b:46:a5:01:5f:
c7:02:75:e1:54:f4:c6:dc:45:e0:da:be:8b:76:61:
d0:ba:fe:a6:23:0d:be:8b:62:a0:a5:c8:eb:a3:ac:
d3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:95:53:38:9E:E1:66:40:39:AA:81:50:D8:95:7F:07:D1:CC:77:17
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kpVTOJ7hZkA5qoFQ2JV_B9HMdxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:19c7::/48
Signature Algorithm: sha256WithRSAEncryption
6d:ee:5d:98:e6:a7:9b:3b:8b:a5:54:21:55:d2:4e:37:76:4d:
01:7c:bb:e5:c9:4d:13:99:e3:c6:a3:c7:1c:5d:33:7b:a8:71:
c2:ad:76:1d:cf:b7:4a:73:7f:14:fa:49:b0:1f:ba:04:5b:40:
1e:39:69:01:11:26:c0:3b:8b:65:ba:c6:11:4b:4d:60:a1:f7:
95:ec:e9:9f:68:9d:4b:77:3b:d8:18:f3:64:ff:89:7c:6d:e4:
db:8f:66:36:20:33:08:dc:d4:a7:bf:47:3d:f5:9c:0f:49:2c:
b0:88:8c:bb:a5:22:df:de:1a:15:45:9f:22:66:9d:5a:83:87:
44:10:0a:ed:5b:65:53:9c:20:fa:6f:9a:fd:9c:6b:15:73:86:
96:1b:91:ac:96:b1:2a:05:52:05:70:03:52:fe:2e:6f:95:b4:
b4:75:1c:b6:b5:fe:22:2d:c9:34:f5:1f:5d:b7:32:79:37:75:
f1:bb:88:96:3a:25:be:03:fe:3a:e7:97:7e:81:de:bd:d8:ef:
48:80:a6:77:be:9d:67:b7:39:2f:cb:66:1a:2d:eb:05:48:bb:
21:a2:cf:a1:5f:bb:9a:b7:42:87:6b:81:71:c8:d2:65:56:94:
f9:63:7a:8b:06:d5:72:42:05:aa:18:49:85:f4:1f:04:fc:d7:
ec:2e:a7:17
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkiu0+qebIc3qPp9X4Xd45MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjk1NTMzODllZTE2NjQwMzlhYTgxNTBkODk1N2YwN2QxY2M3NzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCNghnD7Ne/ffvhpHzGbRL2RSj2C
/V6itwB9oOX1jJyR4n33uGxPHqRg++2cO4K/JOTBb2D/q2z8t2g44M/z7npZ94j3
ocTFO/pph6JZK8szAwbqiZA2q/tTF0jByptJhHNtqMKChLhBHhoxwkBtkuX6BgAL
YcaaSYh/Ei04xGvRrdSeNxiQ0Ly8eByMErLmQZQdLQulgy2HPfZr6nfjPt16zCkN
5l1YUa0fR+6zlwDuzwH6UhKKINmDfiOzJT6KFaGwJPgVFAuUKoFZ3wkTCGQEgDu+
oDXQXlwyS0alAV/HAnXhVPTG3EXg2r6LdmHQuv6mIw2+i2Kgpcjro6zTMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJKVUzie4WZAOaqBUNiVfwfRzHcXMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEva3BWVE9KN2haa0E1cW9GUTJKVl9COUhNZHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxnH
MA0GCSqGSIb3DQEBCwUAA4IBAQBt7l2Y5qebO4ulVCFV0k43dk0BfLvlyU0TmePG
o8ccXTN7qHHCrXYdz7dKc38U+kmwH7oEW0AeOWkBESbAO4tlusYRS01gofeV7Omf
aJ1LdzvYGPNk/4l8beTbj2Y2IDMI3NSnv0c99ZwPSSywiIy7pSLf3hoVRZ8iZp1a
g4dEEArtW2VTnCD6b5r9nGsVc4aWG5GslrEqBVIFcANS/i5vlbS0dRy2tf4iLck0
9R9dtzJ5N3Xxu4iWOiW+A/4655d+gd692O9IgKZ3vp1ntzkvy2YaLesFSLshos+h
X7uat0KHa4FxyNJlVpT5Y3qLBtVyQgWqGEmF9B8E/NfsLqcX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:37 2024 by rpki-client on console-fra.rpki-client.org