Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lQEAp7VDUjD9KRnlRKv06C8uFjs.roa
File: lQEAp7VDUjD9KRnlRKv06C8uFjs.roa (raw, json)
Hash identifier: 6QLp0q4exoI/6kVfessFKB397kxspgWUeiG9EQlgjc8=
Subject key identifier: 95:01:00:A7:B5:43:52:30:FD:29:19:E5:44:AB:F4:E8:2F:2E:16:3B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01885292151826037F8C6E243064B09091D9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lQEAp7VDUjD9KRnlRKv06C8uFjs.roa
Signing time: Thu 25 May 2023 11:01:25 +0000
ROA not before: Thu 25 May 2023 11:01:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 151194
IP address blocks: 2a10:ccc0:ccc0::/44 maxlen: 48
2a10:ccc0:ccc0::/46 maxlen: 48
2a06:de00:de00::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:92:15:18:26:03:7f:8c:6e:24:30:64:b0:90:91:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 25 11:01:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=950100a7b5435230fd2919e544abf4e82f2e163b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e7:be:b2:16:f8:3a:78:2f:26:da:26:01:27:
30:72:01:08:73:3e:84:fd:fd:0c:20:c4:08:ba:e1:
52:61:0a:0d:8d:af:c0:dd:18:15:2e:f7:69:d9:01:
36:f9:d2:43:62:d0:24:cc:af:2d:32:ab:16:29:33:
5c:55:0b:06:8f:ef:dd:62:82:c4:d7:0c:73:fa:c5:
82:19:b1:30:1a:d4:0d:f4:22:4b:65:e4:09:7d:27:
cb:a7:13:af:ef:90:76:2c:8d:63:ff:c7:7e:4c:69:
9c:d1:35:e9:7a:52:37:8e:4b:a0:14:31:e5:0a:31:
d6:ff:c2:b0:74:a8:8f:c9:fd:1d:10:9e:3d:b7:49:
06:70:3d:57:bb:f7:94:d7:70:2c:a3:38:88:ef:3a:
c1:eb:eb:b6:e5:ef:30:78:18:25:6b:0c:5c:9d:84:
69:ea:4d:05:39:2b:ce:32:68:a8:fe:c6:12:8d:15:
82:c0:f3:1b:eb:1e:13:7d:17:d8:41:08:77:7e:48:
b2:d1:38:9b:90:a5:a5:c7:fb:59:d5:b2:fd:20:db:
16:db:2b:66:e7:aa:59:61:53:b4:50:81:8d:26:c6:
a3:bd:74:d5:62:12:cb:0c:49:ba:e9:a7:af:0b:f6:
05:cb:49:4a:c4:2f:aa:7d:27:e0:6d:2f:1c:7e:ca:
2a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:01:00:A7:B5:43:52:30:FD:29:19:E5:44:AB:F4:E8:2F:2E:16:3B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lQEAp7VDUjD9KRnlRKv06C8uFjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:de00::/44
2a10:ccc0:ccc0::/44
Signature Algorithm: sha256WithRSAEncryption
97:ce:7a:77:e1:14:e7:5d:42:1c:2e:82:67:a8:68:9d:15:73:
f9:a9:6f:c8:26:fe:b3:bb:96:c9:bb:d9:6e:f4:f7:9e:6a:27:
d0:d4:52:fa:51:31:c8:86:1e:35:92:a5:2c:e7:e2:ea:bd:5c:
96:bd:50:31:b9:d4:7c:64:3e:f0:4e:99:e1:41:52:bf:f4:42:
14:b4:9b:63:8b:c4:77:0a:1c:74:83:d8:c6:c4:ac:b0:63:ab:
11:72:a3:ad:c5:09:39:9a:6e:0f:ff:4a:00:c5:68:42:98:25:
89:91:62:cd:9f:7e:66:cf:2f:c7:76:0d:40:82:89:a6:ac:e6:
e8:0b:6d:d5:46:f7:22:5c:47:18:58:d6:31:a0:0b:ac:17:3a:
2f:e9:18:73:10:7b:8f:16:ff:24:13:9b:16:d1:41:8a:a3:89:
19:a8:65:39:f2:9d:15:a9:62:48:6a:17:82:b0:22:d3:a6:98:
e2:c7:94:fb:c5:05:f1:e1:fa:dc:fe:08:30:25:8a:96:33:40:
c0:20:8f:0f:4f:85:fb:2e:4c:cb:8a:a3:6a:e7:e0:dd:7a:45:
df:90:15:36:6b:a3:c8:28:a1:34:65:38:2f:ca:08:f8:21:85:
cf:10:4c:63:da:2d:65:02:e4:ea:36:33:1b:8f:78:cb:6d:94:
01:5f:b0:d1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhSkhUYJgN/jG4kMGSwkJHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTI1MTEwMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTAxMDBhN2I1NDM1MjMwZmQyOTE5ZTU0NGFiZjRlODJmMmUxNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ue+shb4OngvJtomAScwcgEIcz6E
/f0MIMQIuuFSYQoNja/A3RgVLvdp2QE2+dJDYtAkzK8tMqsWKTNcVQsGj+/dYoLE
1wxz+sWCGbEwGtQN9CJLZeQJfSfLpxOv75B2LI1j/8d+TGmc0TXpelI3jkugFDHl
CjHW/8KwdKiPyf0dEJ49t0kGcD1Xu/eU13AsoziI7zrB6+u25e8weBglawxcnYRp
6k0FOSvOMmio/sYSjRWCwPMb6x4TfRfYQQh3fkiy0TibkKWlx/tZ1bL9INsW2ytm
56pZYVO0UIGNJsajvXTVYhLLDEm66aevC/YFy0lKxC+qfSfgbS8cfsoq7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJUBAKe1Q1Iw/SkZ5USr9OgvLhY7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbFFFQXA3VkRVakQ5S1JubFJLdjA2Qzh1RmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgbeAN4A
AwcEKhDMwMzAMA0GCSqGSIb3DQEBCwUAA4IBAQCXznp34RTnXUIcLoJnqGidFXP5
qW/IJv6zu5bJu9lu9PeeaifQ1FL6UTHIhh41kqUs5+LqvVyWvVAxudR8ZD7wTpnh
QVK/9EIUtJtji8R3Chx0g9jGxKywY6sRcqOtxQk5mm4P/0oAxWhCmCWJkWLNn35m
zy/Hdg1AgommrOboC23VRvciXEcYWNYxoAusFzov6RhzEHuPFv8kE5sW0UGKo4kZ
qGU58p0VqWJIaheCsCLTppjix5T7xQXx4frc/ggwJYqWM0DAII8PT4X7LkzLiqNq
5+DdekXfkBU2a6PIKKE0ZTgvygj4IYXPEExj2i1lAuTqNjMbj3jLbZQBX7DR
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:52 2024 by rpki-client on console-ams.rpki-client.org