Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oJCvuaPNtjfDg554grhw0MZPnCY.roa
File: oJCvuaPNtjfDg554grhw0MZPnCY.roa (raw, json)
Hash identifier: YzrPCsCLTbHUuQPzKR5KrsceT7UsXPCmSl7+r1D5Wro=
Subject key identifier: A0:90:AF:B9:A3:CD:B6:37:C3:83:9E:78:82:B8:70:D0:C6:4F:9C:26
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7F6DDF5FE90055271CEFDE2CDAEB8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oJCvuaPNtjfDg554grhw0MZPnCY.roa
Signing time: Mon 02 Jan 2023 05:15:28 +0000
ROA not before: Mon 02 Jan 2023 05:15:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210969
IP address blocks: 2a0e:97c0:500::/48 maxlen: 48
2a0e:97c0:503::/48 maxlen: 48
2a0e:97c0:501::/48 maxlen: 48
2a0e:97c0:502::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:f6:dd:f5:fe:90:05:52:71:ce:fd:e2:cd:ae:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a090afb9a3cdb637c3839e7882b870d0c64f9c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:75:78:98:70:9e:cd:01:de:ec:2d:1d:23:32:
21:2c:17:9c:0c:a0:a8:71:a1:12:5d:cb:12:69:5b:
2a:bf:35:38:c8:e4:73:eb:69:bb:e3:b1:6d:f5:be:
e3:ff:58:6e:0d:f7:c6:49:38:e2:6c:f2:2a:b0:3c:
4f:3d:18:d2:ac:bc:27:5d:6b:6c:8b:9e:41:60:6f:
f4:54:b1:1a:cd:86:6d:71:34:58:4d:09:c2:39:0d:
80:bb:43:ae:6b:87:62:33:7b:9b:f6:96:e1:f6:13:
9f:cf:ba:3e:af:c8:2d:62:83:af:94:92:f5:c0:3d:
dc:ad:e9:88:f2:ed:42:f7:3a:8e:2e:ee:fe:b0:b8:
f1:07:dd:1e:c4:95:65:7f:11:95:3f:b1:c2:5f:63:
93:3d:52:42:07:07:70:86:12:77:08:07:fb:f5:84:
6e:9c:84:21:62:1c:9f:f4:13:21:98:ed:2c:de:05:
c2:86:79:ed:ad:a5:3f:07:98:90:55:6d:13:5a:49:
cf:f5:67:84:dd:bc:60:bc:40:86:ed:68:ab:ea:4b:
c6:ce:cf:c1:81:65:b8:77:74:4f:9f:ed:65:6c:fc:
5f:7b:7f:58:75:3d:dc:b3:f4:4a:d8:d6:55:86:0b:
0c:4d:8d:ff:3c:81:9a:35:be:83:ee:4a:cd:52:08:
ff:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:90:AF:B9:A3:CD:B6:37:C3:83:9E:78:82:B8:70:D0:C6:4F:9C:26
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oJCvuaPNtjfDg554grhw0MZPnCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:500::/46
Signature Algorithm: sha256WithRSAEncryption
79:da:03:3c:1a:3d:52:c5:25:e2:11:c3:f8:85:9a:8b:2d:6b:
a5:ad:37:46:36:55:84:77:18:2b:4c:49:72:c4:c7:8d:38:02:
59:5f:2d:ce:06:47:fe:88:e1:07:3c:27:13:62:76:54:cd:dc:
c6:a9:75:05:99:66:f2:c9:cd:53:04:4d:69:07:72:b8:c3:61:
e7:65:dc:b7:d1:97:97:6d:4a:b1:5e:99:be:11:36:4e:48:6a:
ee:70:f4:ef:2d:cd:bd:dd:4e:d0:9f:c7:33:0d:d5:df:95:5a:
2d:e8:2a:e2:b3:01:fc:f8:9b:ba:f3:a4:e7:3c:84:bf:0d:85:
db:46:8a:ce:bf:85:3a:93:a3:a0:b3:37:8d:a6:5c:0b:59:79:
4f:86:2c:c5:7d:7c:2d:19:e7:6d:33:f0:81:c6:76:d4:99:53:
02:83:5e:e9:6d:cb:22:66:21:3b:74:0b:29:cc:bf:4d:8a:20:
49:87:32:c1:44:85:2a:a8:56:8e:c6:44:ce:16:39:e8:34:40:
d5:00:22:94:e6:31:b5:02:ef:32:75:92:bc:ea:1e:eb:53:8c:
b1:9f:72:b4:16:0e:16:99:01:fd:b6:5f:8f:ed:6d:1a:6c:94:
01:87:68:65:9f:a4:fa:e6:82:4b:49:fe:18:59:70:fa:76:60:
a8:3c:40:ad
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw5/bd9f6QBVJxzv3iza64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDkwYWZiOWEzY2RiNjM3YzM4MzllNzg4MmI4NzBkMGM2NGY5YzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXV4mHCezQHe7C0dIzIhLBecDKCo
caESXcsSaVsqvzU4yORz62m747Ft9b7j/1huDffGSTjibPIqsDxPPRjSrLwnXWts
i55BYG/0VLEazYZtcTRYTQnCOQ2Au0Oua4diM3ub9pbh9hOfz7o+r8gtYoOvlJL1
wD3cremI8u1C9zqOLu7+sLjxB90exJVlfxGVP7HCX2OTPVJCBwdwhhJ3CAf79YRu
nIQhYhyf9BMhmO0s3gXChnntraU/B5iQVW0TWknP9WeE3bxgvECG7Wir6kvGzs/B
gWW4d3RPn+1lbPxfe39YdT3cs/RK2NZVhgsMTY3/PIGaNb6D7krNUgj/rQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKCQr7mjzbY3w4OeeIK4cNDGT5wmMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb0pDdnVhUE50amZEZzU1NGdyaHcwTVpQbkNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg6XwAUA
MA0GCSqGSIb3DQEBCwUAA4IBAQB52gM8Gj1SxSXiEcP4hZqLLWulrTdGNlWEdxgr
TElyxMeNOAJZXy3OBkf+iOEHPCcTYnZUzdzGqXUFmWbyyc1TBE1pB3K4w2HnZdy3
0ZeXbUqxXpm+ETZOSGrucPTvLc293U7Qn8czDdXflVot6CriswH8+Ju686TnPIS/
DYXbRorOv4U6k6OgszeNplwLWXlPhizFfXwtGedtM/CBxnbUmVMCg17pbcsiZiE7
dAspzL9NiiBJhzLBRIUqqFaOxkTOFjnoNEDVACKU5jG1Au8ydZK86h7rU4yxn3K0
Fg4WmQH9tl+P7W0abJQBh2hln6T65oJLSf4YWXD6dmCoPECt
-----END CERTIFICATE-----
Generated at Tue Aug 29 23:30:23 2023 by rpki-client on console-fra.rpki-client.org