Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pOH2cB0Aeu_jraYgn2ZGW8aPfBI.roa
File: pOH2cB0Aeu_jraYgn2ZGW8aPfBI.roa (raw, json)
Hash identifier: MXpGamkzh/CR0HQYzGTkFUzyDlVL/EjBz17+7Uv/uKw=
Subject key identifier: A4:E1:F6:70:1D:00:7A:EF:E3:AD:A6:20:9F:66:46:5B:C6:8F:7C:12
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E828506C6A13F7780876306DDC3581
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pOH2cB0Aeu_jraYgn2ZGW8aPfBI.roa
Signing time: Mon 02 Jan 2023 05:15:40 +0000
ROA not before: Mon 02 Jan 2023 05:15:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213262
IP address blocks: 2a0e:b107:9d0::/48 maxlen: 48
2a0e:b107:9d5::/48 maxlen: 48
2a0e:b107:9d2::/48 maxlen: 48
2a0e:b107:9da::/48 maxlen: 48
2a0e:b107:9d7::/48 maxlen: 48
2a0e:b107:9d4::/48 maxlen: 48
2a0e:b107:9d1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:28:50:6c:6a:13:f7:78:08:76:30:6d:dc:35:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4e1f6701d007aefe3ada6209f66465bc68f7c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a6:6f:92:be:7d:d1:87:d8:43:7b:78:8e:3a:
c8:83:6d:04:e7:e1:ae:ce:16:cb:e4:75:fa:91:2a:
6e:c7:5c:d1:ba:e1:ac:e3:1d:94:ca:ca:03:72:c3:
15:f1:0d:f6:a7:19:7a:34:d3:b5:b7:5b:95:ea:18:
9e:60:dd:e3:c7:78:db:43:45:70:a5:15:21:f0:4f:
ed:7b:62:f4:d2:f8:d0:06:79:fc:f2:a9:1f:3b:11:
ed:34:04:a5:29:82:36:4f:3a:47:af:50:08:71:cc:
07:74:5e:be:99:0c:00:f5:b3:e6:54:93:f4:43:cd:
cd:c1:b1:91:71:fa:e1:de:b1:09:31:24:98:e3:5b:
78:41:65:42:58:59:5f:ac:f2:2b:9f:ef:4e:96:5d:
4e:03:12:76:d5:a3:e4:d6:c2:cc:72:0e:a8:50:92:
81:7f:df:07:35:8e:fd:fa:79:f7:2c:b8:d5:bd:e2:
12:1f:08:99:58:15:31:fc:67:aa:34:44:01:65:55:
8e:02:c7:8f:d9:6b:6f:b2:03:cd:52:c2:73:e2:74:
9e:53:d3:83:8e:b2:da:b1:7f:ac:44:f7:0b:38:e9:
a6:94:de:1e:e9:dc:5c:39:97:44:b5:25:7c:e3:f5:
66:8c:a5:a9:a1:d5:06:96:cf:71:f0:9d:eb:5a:18:
56:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E1:F6:70:1D:00:7A:EF:E3:AD:A6:20:9F:66:46:5B:C6:8F:7C:12
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pOH2cB0Aeu_jraYgn2ZGW8aPfBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:9d0::-2a0e:b107:9d2:ffff:ffff:ffff:ffff:ffff
2a0e:b107:9d4::/47
2a0e:b107:9d7::/48
2a0e:b107:9da::/48
Signature Algorithm: sha256WithRSAEncryption
35:64:e4:62:96:f1:81:d9:65:59:8e:fd:9a:6a:bf:53:61:5a:
50:3c:6f:5e:a7:55:97:3e:6f:b2:4c:e6:bb:09:5e:c7:5a:b5:
f3:18:6d:a4:f6:1a:18:b8:42:90:db:48:f6:26:79:b6:2c:52:
71:69:8a:56:a7:4d:3c:68:bb:4a:66:b1:b3:b6:ae:cf:a4:48:
3d:bb:04:76:7c:ea:84:03:56:29:80:46:6d:6e:9b:a9:19:46:
d2:a2:4c:fa:cc:4e:b5:f7:e0:6a:c1:88:be:b1:3a:c9:75:29:
95:01:c6:37:6c:b4:5b:fd:e0:42:a6:2c:a0:b8:b6:8c:5f:bb:
be:22:fa:dd:a4:80:18:39:59:74:c3:52:e0:8c:bd:a3:89:92:
73:eb:21:5a:1a:3a:8a:5c:2a:46:d2:15:fe:22:0b:5f:51:89:
34:c1:2c:db:8e:6f:c1:b5:4d:8a:d9:3a:f7:f6:84:b8:25:e0:
5a:a4:f0:2d:be:c0:b8:15:fa:31:35:2b:6c:10:1a:f8:55:10:
2e:ae:25:fa:ee:ef:1c:3d:a1:40:af:34:fc:dc:fb:a6:9a:c9:
01:b6:20:2e:f4:55:c7:a7:9d:2b:fc:89:31:97:fe:53:c4:5c:
2a:6a:5f:07:ed:ed:c5:b1:68:6b:1b:f5:60:27:81:89:c1:58:
41:2c:ba:62
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVw6ChQbGoT93gIdjBt3DWBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGUxZjY3MDFkMDA3YWVmZTNhZGE2MjA5ZjY2NDY1YmM2OGY3YzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKZvkr590YfYQ3t4jjrIg20E5+Gu
zhbL5HX6kSpux1zRuuGs4x2UysoDcsMV8Q32pxl6NNO1t1uV6hieYN3jx3jbQ0Vw
pRUh8E/te2L00vjQBnn88qkfOxHtNASlKYI2TzpHr1AIccwHdF6+mQwA9bPmVJP0
Q83NwbGRcfrh3rEJMSSY41t4QWVCWFlfrPIrn+9Oll1OAxJ21aPk1sLMcg6oUJKB
f98HNY79+nn3LLjVveISHwiZWBUx/GeqNEQBZVWOAseP2WtvsgPNUsJz4nSeU9OD
jrLasX+sRPcLOOmmlN4e6dxcOZdEtSV84/VmjKWpodUGls9x8J3rWhhWjQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFKTh9nAdAHrv462mIJ9mRlvGj3wSMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcE9IMmNCMEFldV9qcmFZZ24yWkdXOGFQZkJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvMBIDBwQqDrEH
CdADBwAqDrEHCdIDBwEqDrEHCdQDBwAqDrEHCdcDBwAqDrEHCdowDQYJKoZIhvcN
AQELBQADggEBADVk5GKW8YHZZVmO/Zpqv1NhWlA8b16nVZc+b7JM5rsJXsdatfMY
baT2Ghi4QpDbSPYmebYsUnFpilanTTxou0pmsbO2rs+kSD27BHZ86oQDVimARm1u
m6kZRtKiTPrMTrX34GrBiL6xOsl1KZUBxjdstFv94EKmLKC4toxfu74i+t2kgBg5
WXTDUuCMvaOJknPrIVoaOopcKkbSFf4iC19RiTTBLNuOb8G1TYrZOvf2hLgl4Fqk
8C2+wLgV+jE1K2wQGvhVEC6uJfru7xw9oUCvNPzc+6aayQG2IC70VcennSv8iTGX
/lPEXCpqXwft7cWxaGsb9WAngYnBWEEsumI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org