Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qAyvVcyb2j0tUroJPCiDR2z6eNg.roa
File: qAyvVcyb2j0tUroJPCiDR2z6eNg.roa (raw, json)
Hash identifier: kglq/7BmhPOryySiXL7KmMx7KEELmzbxOXwiJ/56iqU=
Subject key identifier: A8:0C:AF:55:CC:9B:DA:3D:2D:52:BA:09:3C:28:83:47:6C:FA:78:D8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7CA8DC14BB4153F16504842C8B83F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qAyvVcyb2j0tUroJPCiDR2z6eNg.roa
Signing time: Mon 02 Jan 2023 05:15:16 +0000
ROA not before: Mon 02 Jan 2023 05:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207111
IP address blocks: 2a0e:b107:1900::/48 maxlen: 48
2a0e:b107:1901::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:ca:8d:c1:4b:b4:15:3f:16:50:48:42:c8:b8:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a80caf55cc9bda3d2d52ba093c2883476cfa78d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:25:fe:b0:b6:af:57:4c:ee:7e:8f:15:d4:57:
a2:2d:b6:e4:b9:38:c8:c3:61:94:c5:fb:33:ef:ab:
0e:cc:47:2b:1c:e3:dc:4a:7f:fe:d3:c0:c3:f8:1e:
c1:81:6e:bd:35:9b:45:4c:7b:eb:f8:5a:e1:60:bc:
a5:c3:70:69:6e:95:f0:b6:fb:f4:34:0f:94:e6:a3:
05:11:47:da:72:ca:90:ea:a2:b6:72:5f:ca:80:82:
ea:5b:47:44:ca:55:0f:17:4a:5b:87:74:41:b5:09:
89:08:82:78:96:da:f3:b4:0c:ae:13:12:a0:31:63:
1d:c7:30:fd:1d:66:d7:1b:83:0e:85:89:6e:48:ed:
fc:6c:0c:c7:97:07:3b:d7:55:84:a3:5a:19:72:17:
83:01:f8:28:56:f0:eb:f3:45:4b:06:9a:47:41:b1:
dc:d7:68:b7:82:64:12:38:a2:17:c3:93:7c:13:e4:
59:b4:72:dc:87:f5:43:19:58:77:c1:dd:b3:f8:7c:
2d:2c:51:0b:13:49:7a:f0:61:bf:ff:fa:43:b8:16:
c7:c5:12:21:8c:41:29:b6:7f:00:8b:13:0c:f5:78:
7a:cf:7d:85:b4:5e:db:4c:ca:b8:b6:c9:00:11:ce:
a1:78:1e:6a:ad:29:a4:db:39:e4:46:b0:b1:38:8e:
ec:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:0C:AF:55:CC:9B:DA:3D:2D:52:BA:09:3C:28:83:47:6C:FA:78:D8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qAyvVcyb2j0tUroJPCiDR2z6eNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1900::/47
Signature Algorithm: sha256WithRSAEncryption
9c:6b:75:75:18:62:39:13:82:41:c0:99:1b:b2:24:b5:41:eb:
c5:ab:c6:1e:a7:4a:9f:1f:82:a1:71:84:f2:9a:79:f8:44:28:
1e:a5:88:0d:8e:c3:cc:f3:2a:84:06:ed:97:06:cf:65:cf:11:
e0:7a:72:c1:2c:f2:c2:33:26:df:55:2a:46:7e:c8:b0:d8:b7:
7c:4d:3d:90:e9:3a:95:72:1e:08:60:f9:8d:7d:db:41:07:67:
c4:04:4e:b2:e4:d8:a2:38:6e:4e:18:47:9b:64:68:81:e1:d5:
77:33:8e:14:ac:71:0a:cf:ba:8d:ea:40:1a:c4:8f:df:de:5c:
63:ee:76:04:ca:25:aa:3a:b3:e0:a8:3b:d8:02:7f:e0:76:78:
2f:3b:4a:c8:17:33:94:92:6e:37:30:89:ca:9c:1c:17:2b:60:
6e:d6:71:d0:5d:a8:84:02:1d:92:e3:1f:52:ff:55:d3:0c:86:
bf:7b:b6:d9:84:d9:93:33:43:22:7f:93:46:f9:b4:a3:e7:2c:
26:fd:69:ff:90:08:b6:b0:10:75:d6:46:95:8e:3e:de:e1:e8:
d6:01:ba:4b:98:25:43:4d:05:fb:34:41:c5:b1:ba:0a:a5:62:
0e:47:47:da:4d:db:ce:6e:7b:80:4b:e0:af:60:40:2d:25:62:
df:ce:eb:5f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw58qNwUu0FT8WUEhCyLg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODBjYWY1NWNjOWJkYTNkMmQ1MmJhMDkzYzI4ODM0NzZjZmE3OGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SX+sLavV0zufo8V1FeiLbbkuTjI
w2GUxfsz76sOzEcrHOPcSn/+08DD+B7BgW69NZtFTHvr+FrhYLylw3BpbpXwtvv0
NA+U5qMFEUfacsqQ6qK2cl/KgILqW0dEylUPF0pbh3RBtQmJCIJ4ltrztAyuExKg
MWMdxzD9HWbXG4MOhYluSO38bAzHlwc711WEo1oZcheDAfgoVvDr80VLBppHQbHc
12i3gmQSOKIXw5N8E+RZtHLch/VDGVh3wd2z+HwtLFELE0l68GG///pDuBbHxRIh
jEEptn8AixMM9Xh6z32FtF7bTMq4tskAEc6heB5qrSmk2znkRrCxOI7spwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKgMr1XMm9o9LVK6CTwog0ds+njYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcUF5dlZjeWIyajB0VXJvSlBDaURSMno2ZU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6xBxkA
MA0GCSqGSIb3DQEBCwUAA4IBAQCca3V1GGI5E4JBwJkbsiS1QevFq8Yep0qfH4Kh
cYTymnn4RCgepYgNjsPM8yqEBu2XBs9lzxHgenLBLPLCMybfVSpGfsiw2Ld8TT2Q
6TqVch4IYPmNfdtBB2fEBE6y5NiiOG5OGEebZGiB4dV3M44UrHEKz7qN6kAaxI/f
3lxj7nYEyiWqOrPgqDvYAn/gdngvO0rIFzOUkm43MInKnBwXK2Bu1nHQXaiEAh2S
4x9S/1XTDIa/e7bZhNmTM0Mif5NG+bSj5ywm/Wn/kAi2sBB11kaVjj7e4ejWAbpL
mCVDTQX7NEHFsboKpWIOR0faTdvObnuAS+CvYEAtJWLfzutf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:38 2024 by rpki-client on console-fra.rpki-client.org