Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nQWt6S0gFofQD3cTwGTd6wEga-Y.roa
File: nQWt6S0gFofQD3cTwGTd6wEga-Y.roa (raw, json)
Hash identifier: XwlUQSUXjfkDLqtgrCPmRwD7eZjLUqcyZYHXY/5796U=
Subject key identifier: 9D:05:AD:E9:2D:20:16:87:D0:0F:77:13:C0:64:DD:EB:01:20:6B:E6
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E790E08C1BF7E0958072AE37F87293
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nQWt6S0gFofQD3cTwGTd6wEga-Y.roa
Signing time: Mon 02 Jan 2023 05:15:02 +0000
ROA not before: Mon 02 Jan 2023 05:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138211
IP address blocks: 2a0e:b107:6d0::/44 maxlen: 48
2a0e:b107:580::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:90:e0:8c:1b:f7:e0:95:80:72:ae:37:f8:72:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d05ade92d201687d00f7713c064ddeb01206be6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9d:b1:56:6f:7b:c3:3f:7c:6f:67:a9:82:fb:
15:c1:44:a5:38:23:4c:68:4f:f2:d1:07:77:73:54:
7d:ed:25:c3:fe:50:5c:dd:a6:f0:d1:83:3d:f0:59:
ba:f7:c7:04:f3:cd:13:53:f0:7f:fd:8f:08:7b:de:
b9:4d:f8:6d:b4:fd:5e:07:c0:41:7b:9b:93:f0:c7:
3e:63:8e:ca:7c:e6:93:f0:18:5d:04:a0:ac:51:05:
6f:ea:55:9f:da:3c:94:d4:58:9f:e5:67:a8:39:3d:
29:d3:4f:33:0a:74:b9:f5:fb:7b:b1:a5:0b:7e:f6:
06:f7:07:f5:20:c1:86:32:58:4f:9f:ea:b7:64:9a:
d7:ce:e7:62:0f:19:2b:04:09:d6:0b:f7:db:c1:dd:
4e:6b:39:66:a8:54:c7:4b:f3:fe:09:f5:52:30:4e:
5b:73:20:76:c5:b3:c5:88:13:6a:e8:9b:71:ee:95:
63:c4:b6:9f:46:2f:b2:99:fb:0d:60:11:f8:b2:c9:
c7:99:5a:7e:b9:b9:20:f9:dc:e7:b0:ae:07:87:be:
50:7b:e1:1b:84:c7:6d:1f:50:7a:1b:23:ef:0f:bc:
c2:ef:a8:57:e8:21:9b:f1:59:6b:73:e4:bd:79:da:
66:bb:f9:8e:16:30:11:b8:86:29:fe:d2:9c:44:ed:
b0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:05:AD:E9:2D:20:16:87:D0:0F:77:13:C0:64:DD:EB:01:20:6B:E6
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nQWt6S0gFofQD3cTwGTd6wEga-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:580::/44
2a0e:b107:6d0::/44
Signature Algorithm: sha256WithRSAEncryption
ac:32:44:7c:0a:14:0c:32:cd:17:c9:0c:87:66:40:00:a7:70:
4c:9f:13:ed:e9:09:c8:16:dd:a3:ce:8c:84:5c:df:14:3b:46:
5c:0d:0e:4f:1e:bf:7d:e1:13:6a:c2:3a:38:f1:bd:18:c8:6b:
b7:5f:c8:17:b6:f4:7d:7d:bd:a6:88:e5:23:d5:24:44:6b:d7:
9b:40:ee:ca:6a:fe:d5:87:a0:04:69:21:0b:93:df:47:b7:f4:
07:a1:d1:42:8c:64:c5:b1:70:0f:34:53:62:44:c6:9a:93:3d:
b3:f5:23:c4:fb:26:5f:ff:6f:05:24:0b:1b:2c:96:33:27:e1:
68:93:6a:db:26:15:c2:c1:d3:3f:21:2f:3c:60:04:b2:23:cf:
0b:46:72:6e:f8:87:aa:b7:3b:30:f6:52:91:a7:d9:bc:9a:64:
20:fc:84:65:46:44:e6:1e:ae:c7:ef:a0:88:9b:c4:e9:bd:66:
15:99:c8:65:a5:71:80:68:7f:c5:3b:50:3b:61:84:b1:9e:b5:
ad:83:91:f1:65:d7:98:ee:7f:00:97:2f:cc:ed:1d:a4:8f:92:
5d:09:1b:ff:ea:aa:38:47:31:2f:45:73:3e:e8:f4:17:55:ab:
56:ae:83:45:ad:09:09:a9:aa:5a:f3:d4:a2:f2:d3:85:37:48:
e2:98:e7:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw55DgjBv34JWAcq43+HKTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDA1YWRlOTJkMjAxNjg3ZDAwZjc3MTNjMDY0ZGRlYjAxMjA2YmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv52xVm97wz98b2epgvsVwUSlOCNM
aE/y0Qd3c1R97SXD/lBc3abw0YM98Fm698cE880TU/B//Y8Ie965TfhttP1eB8BB
e5uT8Mc+Y47KfOaT8BhdBKCsUQVv6lWf2jyU1Fif5WeoOT0p008zCnS59ft7saUL
fvYG9wf1IMGGMlhPn+q3ZJrXzudiDxkrBAnWC/fbwd1OazlmqFTHS/P+CfVSME5b
cyB2xbPFiBNq6Jtx7pVjxLafRi+ymfsNYBH4ssnHmVp+ubkg+dznsK4Hh75Qe+Eb
hMdtH1B6GyPvD7zC76hX6CGb8Vlrc+S9edpmu/mOFjARuIYp/tKcRO2wawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ0FrektIBaH0A93E8Bk3esBIGvmMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvblFXdDZTMGdGb2ZRRDNjVHdHVGQ2d0VnYS1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBwWA
AwcEKg6xBwbQMA0GCSqGSIb3DQEBCwUAA4IBAQCsMkR8ChQMMs0XyQyHZkAAp3BM
nxPt6QnIFt2jzoyEXN8UO0ZcDQ5PHr994RNqwjo48b0YyGu3X8gXtvR9fb2miOUj
1SREa9ebQO7Kav7Vh6AEaSELk99Ht/QHodFCjGTFsXAPNFNiRMaakz2z9SPE+yZf
/28FJAsbLJYzJ+Fok2rbJhXCwdM/IS88YASyI88LRnJu+Ieqtzsw9lKRp9m8mmQg
/IRlRkTmHq7H76CIm8TpvWYVmchlpXGAaH/FO1A7YYSxnrWtg5HxZdeY7n8Aly/M
7R2kj5JdCRv/6qo4RzEvRXM+6PQXVatWroNFrQkJqapa89Si8tOFN0jimOfy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:03 2023 by rpki-client on console-ams.rpki-client.org