Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lxbKlDXD1qcrU7rYPJbKgr1OK80.roa
File: lxbKlDXD1qcrU7rYPJbKgr1OK80.roa (raw, json)
Hash identifier: t5ZYkfFrob5JiVFZYuN7zji404GIytmmSggK509D5Ps=
Subject key identifier: 97:16:CA:94:35:C3:D6:A7:2B:53:BA:D8:3C:96:CA:82:BD:4E:2B:CD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185F3B78793390EE196865538F658AE5748
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lxbKlDXD1qcrU7rYPJbKgr1OK80.roa
Signing time: Fri 27 Jan 2023 14:52:49 +0000
ROA not before: Fri 27 Jan 2023 14:52:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41732
IP address blocks: 2a0e:b107:9d0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:b7:87:93:39:0e:e1:96:86:55:38:f6:58:ae:57:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 27 14:52:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9716ca9435c3d6a72b53bad83c96ca82bd4e2bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:56:29:b0:9b:f0:d0:ba:e4:d2:71:3a:5f:90:
ae:f0:16:a0:9c:59:79:39:0a:b5:ac:d8:6e:16:68:
fe:ec:0c:53:e4:ea:f0:73:24:14:d5:f5:57:ae:22:
fe:86:48:5d:2d:cf:cd:9d:13:64:6c:89:4c:2e:0b:
18:08:54:ba:93:82:3f:3a:59:68:8d:53:d2:d0:74:
96:ee:10:10:4b:da:74:05:75:f2:6e:a9:6f:22:6b:
ab:f6:6b:43:29:ee:0a:4b:c1:9e:33:48:c1:2e:f9:
13:0d:b5:2a:3a:81:3b:f8:0b:5f:4a:cb:19:ca:0c:
78:9c:f4:50:d4:e5:1c:40:1c:16:85:24:1b:75:95:
22:f9:e6:3a:a4:2e:5b:7b:72:bc:c8:d6:2c:10:91:
21:77:84:5e:00:47:d0:21:ad:c9:49:57:ab:e7:7f:
b5:5f:86:dc:b7:ea:78:4a:a8:e7:ea:93:fd:6c:ed:
a7:98:b1:ea:ba:70:84:f1:4c:d2:a8:dc:6d:cf:df:
7f:f1:58:54:6d:4f:4d:40:ce:9a:2c:71:42:ac:64:
13:99:37:2a:25:8c:26:71:00:b7:21:7c:9c:0b:82:
68:6a:e7:ee:5b:c0:7b:3c:08:c1:0d:44:1b:eb:ce:
41:45:04:62:87:de:b7:02:68:e0:07:a2:e4:17:90:
b1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:16:CA:94:35:C3:D6:A7:2B:53:BA:D8:3C:96:CA:82:BD:4E:2B:CD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lxbKlDXD1qcrU7rYPJbKgr1OK80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:9d0::/48
Signature Algorithm: sha256WithRSAEncryption
59:7d:c7:e0:0c:fc:7c:5e:07:82:7f:5f:c0:ea:ae:9d:6c:83:
fa:83:d1:00:d3:55:3b:02:cf:da:5d:56:84:1f:c2:65:a5:29:
05:e7:4e:c3:20:11:37:49:cc:05:c6:89:04:e4:1e:a5:bc:99:
8d:40:55:d4:13:1e:8f:56:f2:45:5f:f2:9b:74:64:90:5b:24:
4a:cf:5f:f8:51:18:a4:7f:07:ff:79:b4:0e:0e:4e:91:8a:df:
a2:53:c6:94:8d:09:65:89:e7:2c:03:4d:7e:03:fc:57:06:de:
ce:fb:8c:b0:5f:59:2a:25:f6:97:39:bb:4a:b1:91:3c:f6:92:
2a:b0:ad:f4:67:44:92:12:e2:2e:78:38:98:7c:e0:83:63:55:
e5:d9:17:d6:f4:5f:f0:75:97:01:10:aa:eb:aa:e7:31:d2:c0:
f8:21:6e:6f:da:89:a9:11:71:82:db:30:6f:ac:7f:cc:91:39:
54:0f:dc:af:d9:5d:0d:04:32:20:25:e2:19:ee:2f:7c:09:96:
d8:63:77:d1:42:9b:ba:a1:5c:bd:2e:f8:3c:51:81:e8:9f:af:
62:3b:0a:fa:f8:fa:65:ea:40:0e:d0:b4:aa:ec:97:8e:d8:63:
f0:7f:bb:1c:2c:98:17:5a:f6:aa:11:33:00:ec:82:b7:31:cf:
a3:68:05:fa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXzt4eTOQ7hloZVOPZYrldIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI3MTQ1MjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzE2Y2E5NDM1YzNkNmE3MmI1M2JhZDgzYzk2Y2E4MmJkNGUyYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVYpsJvw0Lrk0nE6X5Cu8BagnFl5
OQq1rNhuFmj+7AxT5OrwcyQU1fVXriL+hkhdLc/NnRNkbIlMLgsYCFS6k4I/Ollo
jVPS0HSW7hAQS9p0BXXybqlvImur9mtDKe4KS8GeM0jBLvkTDbUqOoE7+AtfSssZ
ygx4nPRQ1OUcQBwWhSQbdZUi+eY6pC5be3K8yNYsEJEhd4ReAEfQIa3JSVer53+1
X4bct+p4Sqjn6pP9bO2nmLHqunCE8UzSqNxtz99/8VhUbU9NQM6aLHFCrGQTmTcq
JYwmcQC3IXycC4JoaufuW8B7PAjBDUQb685BRQRih963AmjgB6LkF5Cx1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJcWypQ1w9anK1O62DyWyoK9TivNMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbHhiS2xEWEQxcWNyVTdyWVBKYktncjFPSzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwnQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBZfcfgDPx8XgeCf1/A6q6dbIP6g9EA01U7As/a
XVaEH8JlpSkF507DIBE3ScwFxokE5B6lvJmNQFXUEx6PVvJFX/KbdGSQWyRKz1/4
URikfwf/ebQODk6Rit+iU8aUjQlliecsA01+A/xXBt7O+4ywX1kqJfaXObtKsZE8
9pIqsK30Z0SSEuIueDiYfOCDY1Xl2RfW9F/wdZcBEKrrqucx0sD4IW5v2ompEXGC
2zBvrH/MkTlUD9yv2V0NBDIgJeIZ7i98CZbYY3fRQpu6oVy9Lvg8UYHon69iOwr6
+Ppl6kAO0LSq7JeO2GPwf7scLJgXWvaqETMA7IK3Mc+jaAX6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:03 2023 by rpki-client on console-ams.rpki-client.org