Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oJMqHXs1sKC-md_86lPSaM7nNHQ.roa
File: oJMqHXs1sKC-md_86lPSaM7nNHQ.roa (raw, json)
Hash identifier: CTSgpi+lBELjte7J+NuWQhXbAz0aiMIf7ebHJsfMZYo=
Subject key identifier: A0:93:2A:1D:7B:35:B0:A0:BE:99:DF:FC:EA:53:D2:68:CE:E7:34:74
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185EFBC88A46025A8C3F2187FD4DDD55947
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oJMqHXs1sKC-md_86lPSaM7nNHQ.roa
Signing time: Thu 26 Jan 2023 20:19:48 +0000
ROA not before: Thu 26 Jan 2023 20:19:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207852
IP address blocks: 2a0e:b107:270::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ef:bc:88:a4:60:25:a8:c3:f2:18:7f:d4:dd:d5:59:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 26 20:19:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0932a1d7b35b0a0be99dffcea53d268cee73474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ed:91:85:ae:0a:86:e8:dd:e2:cc:a6:a2:a1:
d1:52:ac:e4:85:74:2c:0b:3b:11:3f:cb:6d:2b:9e:
cc:9f:ec:32:3e:2d:1c:21:e1:c1:59:6a:07:2d:91:
84:39:f4:65:2f:44:f5:2f:c1:b8:fa:40:a1:81:03:
bb:2a:ae:2a:a6:ba:a9:ba:d7:27:c0:6f:fa:78:e5:
4f:b2:8a:a3:0f:f1:05:8b:33:eb:53:73:6e:14:71:
0a:0e:63:17:e3:5b:04:69:2c:bb:79:2e:01:e3:29:
e9:b7:ac:b7:18:85:77:3c:5b:f6:50:f6:b3:5e:1b:
8a:ae:f5:99:0a:f6:85:b5:38:29:3c:f8:a2:fd:c2:
04:c8:4d:32:d1:80:bb:26:07:d7:47:42:68:2f:02:
70:0a:a6:f6:bf:1b:f9:29:a2:b2:4f:e8:bc:ed:b9:
6a:66:92:79:78:df:1e:bf:0a:9c:d4:92:6d:fc:86:
cf:8b:7e:d4:00:73:f9:c3:e5:47:6f:26:7c:60:38:
42:57:08:18:25:06:c3:e4:62:a6:0d:0f:b1:e1:b1:
81:f3:e8:21:db:d1:08:f3:90:bc:4d:93:3f:a0:8b:
12:f6:d9:d2:a7:a8:34:ad:bc:9b:65:61:a6:60:af:
08:c7:1f:df:49:19:4a:f6:63:27:73:54:71:00:dd:
8e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:93:2A:1D:7B:35:B0:A0:BE:99:DF:FC:EA:53:D2:68:CE:E7:34:74
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oJMqHXs1sKC-md_86lPSaM7nNHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:270::/48
Signature Algorithm: sha256WithRSAEncryption
b4:96:1a:a8:f8:ed:43:0c:c4:b7:ea:4c:f2:b6:19:bb:a9:b8:
9c:61:a0:78:a9:42:e0:3f:41:14:c4:85:37:1d:00:14:18:85:
ed:d8:bf:82:29:15:8f:45:b8:51:04:ac:53:2a:3b:4f:4b:24:
2e:10:53:63:5d:f6:98:27:0e:b1:8f:5c:14:6c:c1:a3:27:78:
2c:b6:48:93:e9:81:fd:fb:69:c3:f5:85:e6:4c:dc:c2:4d:79:
bd:b7:82:6b:3a:ea:d3:70:df:f0:82:c8:23:65:cb:d9:64:24:
73:72:59:f5:3f:b1:27:92:f6:10:b2:4c:cf:25:e0:ea:af:62:
56:67:a2:f9:08:99:e9:18:35:0c:2a:1f:b8:8e:9b:89:5b:67:
34:11:fe:92:84:af:da:ee:c5:b1:54:db:e6:4d:83:9f:99:d5:
ad:1a:4e:90:da:cc:53:b5:47:c6:5a:ac:06:4a:e6:70:5f:85:
ac:ea:5b:8a:43:2f:75:ff:98:cc:de:c7:07:80:d4:68:00:16:
c9:16:67:4b:fc:f5:a9:98:6a:06:9e:29:0d:7a:ae:60:cb:26:
6c:b3:d7:19:e1:98:ea:29:fd:ba:d2:40:a5:17:e6:be:9d:dc:
b5:36:26:ba:38:86:67:0b:94:d5:35:a6:70:97:3f:93:7f:f8:
2e:31:9e:60
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXvvIikYCWow/IYf9Td1VlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI2MjAxOTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDkzMmExZDdiMzViMGEwYmU5OWRmZmNlYTUzZDI2OGNlZTczNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+2Rha4Khujd4symoqHRUqzkhXQs
CzsRP8ttK57Mn+wyPi0cIeHBWWoHLZGEOfRlL0T1L8G4+kChgQO7Kq4qprqputcn
wG/6eOVPsoqjD/EFizPrU3NuFHEKDmMX41sEaSy7eS4B4ynpt6y3GIV3PFv2UPaz
XhuKrvWZCvaFtTgpPPii/cIEyE0y0YC7JgfXR0JoLwJwCqb2vxv5KaKyT+i87blq
ZpJ5eN8evwqc1JJt/IbPi37UAHP5w+VHbyZ8YDhCVwgYJQbD5GKmDQ+x4bGB8+gh
29EI85C8TZM/oIsS9tnSp6g0rbybZWGmYK8Ixx/fSRlK9mMnc1RxAN2OqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKCTKh17NbCgvpnf/OpT0mjO5zR0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb0pNcUhYczFzS0MtbWRfODZsUFNhTTduTkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwJw
MA0GCSqGSIb3DQEBCwUAA4IBAQC0lhqo+O1DDMS36kzythm7qbicYaB4qULgP0EU
xIU3HQAUGIXt2L+CKRWPRbhRBKxTKjtPSyQuEFNjXfaYJw6xj1wUbMGjJ3gstkiT
6YH9+2nD9YXmTNzCTXm9t4JrOurTcN/wgsgjZcvZZCRzcln1P7EnkvYQskzPJeDq
r2JWZ6L5CJnpGDUMKh+4jpuJW2c0Ef6ShK/a7sWxVNvmTYOfmdWtGk6Q2sxTtUfG
WqwGSuZwX4Ws6luKQy91/5jM3scHgNRoABbJFmdL/PWpmGoGnikNeq5gyyZss9cZ
4ZjqKf260kClF+a+ndy1Nia6OIZnC5TVNaZwlz+Tf/guMZ5g
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:52 2024 by rpki-client on console-ams.rpki-client.org