Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lEsznsOvPADcdefnPMd3bLEXoZw.roa
File: lEsznsOvPADcdefnPMd3bLEXoZw.roa (raw, json)
Hash identifier: lNzXlJLe/1eDqzIc4xneC3Lx9dP3mRZUjUqhv9bm4cU=
Subject key identifier: 94:4B:33:9E:C3:AF:3C:00:DC:75:E7:E7:3C:C7:77:6C:B1:17:A1:9C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AF1A5E032259614F537328812402E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lEsznsOvPADcdefnPMd3bLEXoZw.roa
Signing time: Tue 24 Jan 2023 16:09:49 +0000
ROA not before: Tue 24 Jan 2023 16:09:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211139
IP address blocks: 2a0e:b107:1910::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:f1:a5:e0:32:25:96:14:f5:37:32:88:12:40:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=944b339ec3af3c00dc75e7e73cc7776cb117a19c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:05:bd:65:15:6a:cb:45:3d:11:fb:0b:b5:0d:
6e:1c:04:29:b5:0c:96:11:dc:1d:d8:b3:9e:cc:2d:
28:d7:e3:f7:31:0f:0b:e8:49:bd:6a:6b:01:a0:58:
24:12:ad:1b:9c:7d:10:b6:26:f5:1f:97:86:88:a5:
04:46:23:5e:5a:bb:0b:46:ed:00:31:bc:d2:dc:d6:
1d:5e:05:7c:e0:48:50:b7:84:a8:19:16:d9:f4:8e:
d5:6c:d0:10:f4:bc:ec:8a:25:5d:96:20:9a:e8:2e:
42:e3:ed:5f:d3:9b:33:cb:96:6d:f8:0f:b9:ab:12:
94:08:40:7c:f0:2c:ff:bd:21:40:97:0b:53:bf:43:
ca:7d:a7:ab:49:b7:09:cd:2c:78:51:08:cf:be:8f:
7f:6a:f4:16:8a:f9:8e:66:ef:b2:84:6e:7e:4f:78:
a9:5c:3c:db:0d:1f:9f:3d:a7:61:f3:2d:42:07:5a:
c9:96:43:34:34:a5:77:9c:bc:36:15:da:0e:33:7d:
e2:8d:b1:5c:ae:43:ca:4d:14:d2:fd:31:a9:20:f1:
ca:9d:65:4a:70:8e:66:79:82:c0:97:d5:6b:29:75:
7e:83:b8:a7:6b:20:87:6d:27:06:49:16:21:d8:f2:
9e:bc:7d:84:2a:c5:b3:41:90:1d:32:7c:3e:83:5e:
73:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:4B:33:9E:C3:AF:3C:00:DC:75:E7:E7:3C:C7:77:6C:B1:17:A1:9C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lEsznsOvPADcdefnPMd3bLEXoZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1910::/44
Signature Algorithm: sha256WithRSAEncryption
2b:55:08:39:e2:79:6b:ca:63:5f:7b:b8:24:11:86:ad:7c:0d:
f4:3d:bc:8c:1b:f3:1f:31:33:3a:5c:bc:50:28:55:1a:9a:f8:
a8:1c:e3:8c:13:14:d8:b8:5e:1f:3c:c5:a3:94:fa:87:b2:e5:
74:30:e7:8c:48:d9:ac:73:6e:db:6c:10:c7:55:56:fb:69:d9:
d1:da:05:ab:5a:e9:8a:3f:19:31:36:82:b2:35:1a:5d:e0:a8:
87:ea:14:8f:24:e8:a9:7b:42:6c:e0:a4:1f:5d:e9:b9:f0:17:
01:08:78:ca:66:aa:93:04:94:64:ce:ef:dd:45:7d:7a:f1:77:
61:30:fd:16:61:04:a1:16:b1:49:5e:25:99:15:f3:05:09:80:
2d:21:db:4c:16:74:e4:75:cd:f5:69:5b:6f:f5:02:85:ba:3f:
95:52:3e:3b:ab:e7:b1:b9:aa:f9:08:43:2f:97:ac:82:93:9b:
ee:ee:83:17:d9:dc:de:e7:cc:e4:6c:14:01:d0:68:87:9d:64:
20:5a:e4:9f:dc:c9:39:10:c6:a6:41:e3:ab:5d:4e:02:51:38:
7a:22:e0:d0:68:43:76:90:82:31:30:7a:a7:e9:46:35:c4:f2:
f4:6f:eb:c0:ee:7a:77:83:7c:07:49:41:49:ad:8a:8e:ce:3e:
47:7d:7b:93
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkivGl4DIllhT1NzKIEkAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDRiMzM5ZWMzYWYzYzAwZGM3NWU3ZTczY2M3Nzc2Y2IxMTdhMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQW9ZRVqy0U9EfsLtQ1uHAQptQyW
Edwd2LOezC0o1+P3MQ8L6Em9amsBoFgkEq0bnH0Qtib1H5eGiKUERiNeWrsLRu0A
MbzS3NYdXgV84EhQt4SoGRbZ9I7VbNAQ9LzsiiVdliCa6C5C4+1f05szy5Zt+A+5
qxKUCEB88Cz/vSFAlwtTv0PKfaerSbcJzSx4UQjPvo9/avQWivmOZu+yhG5+T3ip
XDzbDR+fPadh8y1CB1rJlkM0NKV3nLw2FdoOM33ijbFcrkPKTRTS/TGpIPHKnWVK
cI5meYLAl9VrKXV+g7inayCHbScGSRYh2PKevH2EKsWzQZAdMnw+g15zMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJRLM57DrzwA3HXn5zzHd2yxF6GcMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbEVzem5zT3ZQQURjZGVmblBNZDNiTEVYb1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxkQ
MA0GCSqGSIb3DQEBCwUAA4IBAQArVQg54nlrymNfe7gkEYatfA30PbyMG/MfMTM6
XLxQKFUamvioHOOMExTYuF4fPMWjlPqHsuV0MOeMSNmsc27bbBDHVVb7adnR2gWr
WumKPxkxNoKyNRpd4KiH6hSPJOipe0Js4KQfXem58BcBCHjKZqqTBJRkzu/dRX16
8XdhMP0WYQShFrFJXiWZFfMFCYAtIdtMFnTkdc31aVtv9QKFuj+VUj47q+exuar5
CEMvl6yCk5vu7oMX2dze58zkbBQB0GiHnWQgWuSf3Mk5EMamQeOrXU4CUTh6IuDQ
aEN2kIIxMHqn6UY1xPL0b+vA7np3g3wHSUFJrYqOzj5HfXuT
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:52 2024 by rpki-client on console-ams.rpki-client.org