Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o0XirBAbkYARQnxds9GoyDD3MBk.roa
File: o0XirBAbkYARQnxds9GoyDD3MBk.roa (raw, json)
Hash identifier: oC5yLFjXMTaAg0U+5mRc5iCLgz+uSpcGNb7orfuRHzY=
Subject key identifier: A3:45:E2:AC:10:1B:91:80:11:42:7C:5D:B3:D1:A8:C8:30:F7:30:19
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E8173F20169C29133EFC3364873E69
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o0XirBAbkYARQnxds9GoyDD3MBk.roa
Signing time: Mon 02 Jan 2023 05:15:36 +0000
ROA not before: Mon 02 Jan 2023 05:15:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212294
IP address blocks: 2a0e:b107:1ba0::/44 maxlen: 48
2a0e:b107:1bb0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:17:3f:20:16:9c:29:13:3e:fc:33:64:87:3e:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a345e2ac101b918011427c5db3d1a8c830f73019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:66:ba:38:40:a0:87:8c:02:c7:56:43:08:20:
74:19:93:8c:fb:30:af:1b:06:bc:7f:1c:f7:76:a0:
19:f7:d5:1e:fc:cb:99:db:99:e9:b6:02:22:78:05:
4e:a6:44:67:97:e1:7a:7d:2f:37:fc:56:cd:18:75:
e5:60:f5:b3:6d:c8:8b:ce:df:bb:6a:73:c3:4b:94:
31:6e:1c:e4:60:3e:f9:a6:d6:96:7d:9e:6c:93:c1:
cd:ef:9b:8c:fe:e9:de:19:ff:db:08:de:49:50:81:
6b:a7:c6:61:6a:fc:5b:75:45:b8:ac:a7:36:bf:c9:
9b:f8:ee:d4:02:be:9c:71:e8:6a:06:d4:a9:75:34:
f0:a5:a9:96:05:5c:8b:16:d2:70:2a:55:0f:6a:68:
3f:18:52:70:0e:76:79:ba:82:ed:04:1a:58:61:c8:
57:fe:fb:bb:26:07:fb:49:cf:9b:2a:93:44:f1:3b:
8c:08:cb:04:48:0f:c9:76:ef:38:66:05:4f:b4:d4:
a2:57:fe:8f:33:3b:63:c1:3f:29:90:42:09:02:fb:
1c:14:96:81:f8:58:43:4c:7e:9d:1c:aa:ee:29:46:
90:91:ab:cc:01:da:6c:be:58:5c:fb:d6:76:5a:2b:
78:93:db:e9:cf:e2:d7:2b:8d:83:f9:73:9d:49:cd:
77:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:45:E2:AC:10:1B:91:80:11:42:7C:5D:B3:D1:A8:C8:30:F7:30:19
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o0XirBAbkYARQnxds9GoyDD3MBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1ba0::/43
Signature Algorithm: sha256WithRSAEncryption
94:59:af:b7:c1:ac:ef:6b:02:82:df:9c:12:26:f0:3a:b1:30:
d2:ed:cf:56:78:cd:88:a4:ab:4f:01:31:97:42:41:8c:21:8b:
de:d8:06:f3:d9:d5:a5:94:b5:da:ac:64:b0:54:ee:36:ed:b4:
51:af:46:e7:9f:aa:eb:6b:b9:38:9d:69:03:1f:f7:1e:69:86:
e9:3b:95:f4:00:5d:e6:32:f5:cc:19:74:24:33:70:aa:b7:fd:
2d:82:a8:52:58:78:3a:36:9a:a8:9f:ac:b3:3d:e1:45:6f:b8:
91:af:8b:77:ce:b3:c7:92:9e:af:02:0b:cd:54:41:35:42:24:
cd:66:73:6f:7c:b6:1c:c7:76:3d:3b:a4:70:db:ae:e6:42:0d:
67:7c:53:d8:57:7c:fb:1a:1e:9f:f7:cb:d4:fe:0a:2b:87:05:
61:93:00:d7:1e:a5:6c:66:99:78:29:c1:40:80:01:6d:12:d2:
3e:8f:2a:34:33:04:61:ca:1b:17:ff:5d:98:da:cf:6f:93:b2:
dc:af:17:0a:f0:11:2d:25:6a:1f:e0:b9:85:3d:7d:a7:81:b8:
ef:12:0a:70:e5:97:bd:a4:a6:ef:be:f6:26:6c:89:d5:bd:37:
65:2a:9e:9f:a0:88:e6:be:e8:ab:d9:08:a8:8f:f6:34:f6:90:
4d:0c:7c:9f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw6Bc/IBacKRM+/DNkhz5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQ1ZTJhYzEwMWI5MTgwMTE0MjdjNWRiM2QxYThjODMwZjczMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ga6OECgh4wCx1ZDCCB0GZOM+zCv
Gwa8fxz3dqAZ99Ue/MuZ25nptgIieAVOpkRnl+F6fS83/FbNGHXlYPWzbciLzt+7
anPDS5QxbhzkYD75ptaWfZ5sk8HN75uM/uneGf/bCN5JUIFrp8ZhavxbdUW4rKc2
v8mb+O7UAr6ccehqBtSpdTTwpamWBVyLFtJwKlUPamg/GFJwDnZ5uoLtBBpYYchX
/vu7Jgf7Sc+bKpNE8TuMCMsESA/Jdu84ZgVPtNSiV/6PMztjwT8pkEIJAvscFJaB
+FhDTH6dHKruKUaQkavMAdpsvlhc+9Z2Wit4k9vpz+LXK42D+XOdSc13jwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKNF4qwQG5GAEUJ8XbPRqMgw9zAZMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbzBYaXJCQWJrWUFSUW54ZHM5R295REQzTUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcFKg6xBxug
MA0GCSqGSIb3DQEBCwUAA4IBAQCUWa+3wazvawKC35wSJvA6sTDS7c9WeM2IpKtP
ATGXQkGMIYve2Abz2dWllLXarGSwVO427bRRr0bnn6rra7k4nWkDH/ceaYbpO5X0
AF3mMvXMGXQkM3Cqt/0tgqhSWHg6Npqon6yzPeFFb7iRr4t3zrPHkp6vAgvNVEE1
QiTNZnNvfLYcx3Y9O6Rw267mQg1nfFPYV3z7Gh6f98vU/gorhwVhkwDXHqVsZpl4
KcFAgAFtEtI+jyo0MwRhyhsX/12Y2s9vk7LcrxcK8BEtJWof4LmFPX2ngbjvEgpw
5Ze9pKbvvvYmbInVvTdlKp6foIjmvuir2Qioj/Y09pBNDHyf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:37 2024 by rpki-client on console-fra.rpki-client.org