Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oHMa9o_GDhuHMOKhFz0oJB5dGvI.roa
File: oHMa9o_GDhuHMOKhFz0oJB5dGvI.roa (raw, json)
Hash identifier: HZKpdu0cchg8zTYysEhCTKviUZz836opcqe98RUYAhc=
Subject key identifier: A0:73:1A:F6:8F:C6:0E:1B:87:30:E2:A1:17:3D:28:24:1E:5D:1A:F2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AC0FABED8128A2544E13FCD9E2206
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oHMa9o_GDhuHMOKhFz0oJB5dGvI.roa
Signing time: Tue 24 Jan 2023 16:09:36 +0000
ROA not before: Tue 24 Jan 2023 16:09:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58336
IP address blocks: 2a0e:97c0:550::/44 maxlen: 48
2a0e:b107:16b0::/44 maxlen: 48
2a10:cc44:100::/44 maxlen: 48
2a10:cc42:120::/44 maxlen: 48
2a10:cc42:130::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:c0:fa:be:d8:12:8a:25:44:e1:3f:cd:9e:22:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0731af68fc60e1b8730e2a1173d28241e5d1af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2a:ac:76:44:2a:95:1b:17:8c:c4:a8:f6:ae:
e0:fa:4e:05:c1:66:a6:90:6d:72:96:24:43:bb:13:
d4:b4:c6:b3:79:eb:ee:f9:f8:ce:8b:fc:64:77:20:
bf:88:30:95:14:bb:f2:bc:8c:25:0d:e1:ef:f2:fe:
1f:84:41:da:7d:57:fd:52:65:1d:3e:32:f5:0f:02:
21:7f:36:a0:8a:28:00:3d:52:04:65:05:a6:ff:a5:
a4:3b:28:2e:23:b8:b7:8c:74:62:37:13:a3:e9:1f:
63:97:33:a2:ea:35:c5:ab:6b:e5:3d:c4:84:df:6b:
ab:b6:75:46:67:0b:66:40:58:0b:d8:24:fc:fd:d4:
cc:42:30:92:68:bb:21:b9:4a:34:09:e4:f0:56:54:
53:07:05:34:e6:f9:58:c2:91:00:ef:96:91:8a:7e:
33:c3:7d:10:b8:e1:3a:62:4b:22:86:f6:5e:fe:8e:
c7:65:7b:ec:91:e5:f8:cb:a4:18:13:f3:37:2e:3a:
ed:4f:4b:4b:4a:94:4b:eb:33:e1:90:dd:d1:c6:b2:
be:3a:0b:da:27:55:01:c4:db:30:55:c7:06:1b:72:
ae:03:6b:93:6b:b1:20:b0:c2:82:ae:21:27:89:07:
78:df:50:9c:6d:a5:aa:6d:7d:39:59:a7:f2:86:d0:
f8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:73:1A:F6:8F:C6:0E:1B:87:30:E2:A1:17:3D:28:24:1E:5D:1A:F2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oHMa9o_GDhuHMOKhFz0oJB5dGvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:550::/44
2a0e:b107:16b0::/44
2a10:cc42:120::/43
2a10:cc44:100::/44
Signature Algorithm: sha256WithRSAEncryption
34:5c:d8:1e:c7:6b:26:07:3c:74:d3:32:e2:d5:f8:6a:6c:16:
9b:10:78:34:b1:bc:e5:37:e8:76:47:76:04:80:ee:ae:da:c2:
e3:7b:19:4a:68:54:15:a9:ed:74:37:77:12:29:dc:2a:78:aa:
8b:16:51:46:ad:61:cb:9f:19:d4:e5:62:0c:40:cb:ec:b7:27:
11:f4:cc:fe:01:6d:a3:68:98:96:b5:05:89:a5:57:5b:84:65:
01:2e:6b:7a:b3:d0:a5:df:46:7e:0e:fe:d2:7e:2f:70:6d:9a:
03:a1:98:fc:60:c0:86:a9:0e:28:da:64:41:5b:be:34:ac:cd:
c4:85:eb:1d:0e:52:f3:3f:29:53:e5:c6:05:1d:d4:31:3d:19:
e9:c7:51:d8:75:f5:f4:1f:bd:71:53:a0:7d:b4:c3:f2:d7:46:
66:18:ab:4f:a7:25:d1:72:91:74:6f:74:a6:6f:a4:89:ef:5d:
9c:60:53:66:d9:0d:08:48:d3:33:14:78:d4:37:03:38:61:48:
65:0b:a4:2e:94:f4:d0:25:ad:56:eb:1b:ea:21:5f:e5:a4:1b:
bc:ae:fc:86:97:ad:1d:61:d5:ff:3b:ec:93:1b:90:1a:3e:dc:
59:1a:b7:1b:f4:47:62:6a:b4:99:aa:6e:27:b9:2c:36:d9:5d:
02:6b:b7:b3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYXkisD6vtgSiiVE4T/NniIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDczMWFmNjhmYzYwZTFiODczMGUyYTExNzNkMjgyNDFlNWQxYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiqsdkQqlRsXjMSo9q7g+k4FwWam
kG1yliRDuxPUtMazeevu+fjOi/xkdyC/iDCVFLvyvIwlDeHv8v4fhEHafVf9UmUd
PjL1DwIhfzagiigAPVIEZQWm/6WkOyguI7i3jHRiNxOj6R9jlzOi6jXFq2vlPcSE
32urtnVGZwtmQFgL2CT8/dTMQjCSaLshuUo0CeTwVlRTBwU05vlYwpEA75aRin4z
w30QuOE6YksihvZe/o7HZXvskeX4y6QYE/M3LjrtT0tLSpRL6zPhkN3RxrK+Ogva
J1UBxNswVccGG3KuA2uTa7EgsMKCriEniQd431CcbaWqbX05WafyhtD4fQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKBzGvaPxg4bhzDioRc9KCQeXRryMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb0hNYTlvX0dEaHVITU9LaEZ6MG9KQjVkR3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg6XwAVQ
AwcEKg6xBxawAwcFKhDMQgEgAwcEKhDMRAEAMA0GCSqGSIb3DQEBCwUAA4IBAQA0
XNgex2smBzx00zLi1fhqbBabEHg0sbzlN+h2R3YEgO6u2sLjexlKaFQVqe10N3cS
KdwqeKqLFlFGrWHLnxnU5WIMQMvstycR9Mz+AW2jaJiWtQWJpVdbhGUBLmt6s9Cl
30Z+Dv7Sfi9wbZoDoZj8YMCGqQ4o2mRBW740rM3EhesdDlLzPylT5cYFHdQxPRnp
x1HYdfX0H71xU6B9tMPy10ZmGKtPpyXRcpF0b3Smb6SJ712cYFNm2Q0ISNMzFHjU
NwM4YUhlC6QulPTQJa1W6xvqIV/lpBu8rvyGl60dYdX/O+yTG5AaPtxZGrcb9Edi
arSZqm4nuSw22V0Ca7ez
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:52 2024 by rpki-client on console-ams.rpki-client.org