Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oRtRzEZEjwStuSZ4mMlS6mkrIc8.roa
File: oRtRzEZEjwStuSZ4mMlS6mkrIc8.roa (raw, json)
Hash identifier: jzepvFSIMktMSzGKPz7FtneSaWgwNBV0Lre0f9Y3uvw=
Subject key identifier: A1:1B:51:CC:46:44:8F:04:AD:B9:26:78:98:C9:52:EA:69:2B:21:CF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018959F0AACB438238513AB2BF3278251159
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oRtRzEZEjwStuSZ4mMlS6mkrIc8.roa
Signing time: Sat 15 Jul 2023 14:24:51 +0000
ROA not before: Sat 15 Jul 2023 14:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198276
IP address blocks: 2a0e:b107:2030::/48 maxlen: 48
2a0e:b107:2032::/48 maxlen: 48
2a0e:b107:2031::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:59:f0:aa:cb:43:82:38:51:3a:b2:bf:32:78:25:11:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 15 14:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a11b51cc46448f04adb9267898c952ea692b21cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:88:a9:5b:64:7f:37:ce:0a:a7:ab:70:fe:b6:
35:88:d5:80:6d:0f:fd:6d:4a:86:9d:90:b4:bf:48:
4d:48:28:36:ca:ea:6b:18:7b:19:c5:f5:2a:2c:89:
59:9e:94:02:f2:12:9f:8d:85:57:04:fb:8d:8e:e0:
a6:af:9b:d3:e2:ec:f1:6a:53:42:0f:c7:dc:2b:fa:
ec:bb:c4:e2:f8:79:04:22:71:6e:15:71:96:a0:d1:
53:08:66:7c:87:cb:6f:ea:1b:8a:a5:dc:67:fa:6c:
6f:be:36:dc:72:65:9c:7a:1e:81:7f:88:f9:74:d9:
4f:3b:94:ce:f1:42:86:ec:da:b1:76:21:94:45:76:
08:61:e6:70:e6:8c:55:9e:d7:d5:76:f9:6c:0c:1c:
d1:ae:39:1c:f3:7f:81:cc:97:39:0f:e7:ce:26:89:
27:2d:53:73:2b:99:16:a4:76:2f:a1:88:bd:d3:0d:
fa:b6:d0:1b:41:0d:d7:05:e8:15:8c:99:1d:ac:e1:
0f:ed:58:28:03:1e:12:44:d5:f6:32:e0:b9:56:6e:
99:e6:8d:2f:78:12:a0:f3:9c:ad:2a:b2:d6:cb:1e:
28:03:e5:84:89:41:73:e2:23:c6:95:a5:6d:46:80:
92:42:a2:ae:86:05:85:9c:e0:0c:9e:18:6c:6c:ef:
8b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1B:51:CC:46:44:8F:04:AD:B9:26:78:98:C9:52:EA:69:2B:21:CF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oRtRzEZEjwStuSZ4mMlS6mkrIc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:2030::-2a0e:b107:2032:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
28:c0:9a:1d:a8:19:1c:ea:42:7f:3f:f1:5b:2b:4b:c3:27:e8:
fb:35:89:3f:f4:b7:2b:5d:91:51:98:83:5f:98:63:fd:b5:b1:
e7:35:4e:35:47:80:35:86:07:70:83:f1:b8:58:67:4e:80:50:
ff:73:16:58:d2:0f:96:92:a0:ba:e3:ca:69:96:45:30:38:e3:
d5:72:77:af:8a:fa:c1:ce:9f:d7:a2:9c:02:b4:e6:93:58:03:
a9:9f:af:5e:45:f2:68:80:03:64:33:4e:13:f2:e9:ae:4b:a6:
41:e1:e5:27:c4:06:aa:cd:1d:e8:bd:21:2d:1d:0b:2f:8b:4b:
e8:31:cb:df:5f:18:69:d1:a8:2e:bf:21:be:2f:aa:06:61:27:
2c:a0:c8:0d:45:4b:f5:bd:56:db:a3:16:c2:52:2a:c9:3d:f6:
b7:82:c0:73:19:26:d1:87:6f:c5:7f:06:ce:36:19:dc:cf:65:
69:e8:fb:e6:2f:23:29:e3:bd:6a:ba:06:db:f7:75:58:12:9b:
37:d8:17:60:7e:67:8f:91:76:ad:fe:5d:83:b6:6a:92:03:fe:
4e:cd:9c:92:aa:4f:36:2b:b6:22:c0:fd:ef:97:d0:09:9a:95:
38:33:65:ac:70:c4:f5:67:41:bf:bc:21:9d:b0:04:64:7f:69:
1a:9f:e1:ba
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYlZ8KrLQ4I4UTqyvzJ4JRFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzE1MTQyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTFiNTFjYzQ2NDQ4ZjA0YWRiOTI2Nzg5OGM5NTJlYTY5MmIyMWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4ipW2R/N84Kp6tw/rY1iNWAbQ/9
bUqGnZC0v0hNSCg2yuprGHsZxfUqLIlZnpQC8hKfjYVXBPuNjuCmr5vT4uzxalNC
D8fcK/rsu8Ti+HkEInFuFXGWoNFTCGZ8h8tv6huKpdxn+mxvvjbccmWceh6Bf4j5
dNlPO5TO8UKG7NqxdiGURXYIYeZw5oxVntfVdvlsDBzRrjkc83+BzJc5D+fOJokn
LVNzK5kWpHYvoYi90w36ttAbQQ3XBegVjJkdrOEP7VgoAx4SRNX2MuC5Vm6Z5o0v
eBKg85ytKrLWyx4oA+WEiUFz4iPGlaVtRoCSQqKuhgWFnOAMnhhsbO+LGQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKEbUcxGRI8ErbkmeJjJUuppKyHPMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb1J0UnpFWkVqd1N0dVNaNG1NbFM2bWtySWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqDrEH
IDADBwAqDrEHIDIwDQYJKoZIhvcNAQELBQADggEBACjAmh2oGRzqQn8/8VsrS8Mn
6Ps1iT/0tytdkVGYg1+YY/21sec1TjVHgDWGB3CD8bhYZ06AUP9zFljSD5aSoLrj
ymmWRTA449Vyd6+K+sHOn9einAK05pNYA6mfr15F8miAA2QzThPy6a5LpkHh5SfE
BqrNHei9IS0dCy+LS+gxy99fGGnRqC6/Ib4vqgZhJyygyA1FS/W9VtujFsJSKsk9
9reCwHMZJtGHb8V/Bs42GdzPZWno++YvIynjvWq6Btv3dVgSmzfYF2B+Z4+Rdq3+
XYO2apID/k7NnJKqTzYrtiLA/e+X0AmalTgzZaxwxPVnQb+8IZ2wBGR/aRqf4bo=
-----END CERTIFICATE-----
Generated at Fri Jul 21 09:44:01 2023 by rpki-client on console-fra.rpki-client.org