Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qcdh8eicRTElg7oCMOYMTbkOI44.roa
File: qcdh8eicRTElg7oCMOYMTbkOI44.roa (raw, json)
Hash identifier: bhO9SSj4YErdr952Dw+JSSjQPPmSsB9bCYYH05OxDG0=
Subject key identifier: A9:C7:61:F1:E8:9C:45:31:25:83:BA:02:30:E6:0C:4D:B9:0E:23:8E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E794B5608BE6EE81A8A5BC46AADF2D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qcdh8eicRTElg7oCMOYMTbkOI44.roa
Signing time: Mon 02 Jan 2023 05:15:03 +0000
ROA not before: Mon 02 Jan 2023 05:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140938
IP address blocks: 2a0e:b107:bf0::/48 maxlen: 48
2a0e:b107:c90::/48 maxlen: 48
2a0e:b107:c92::/48 maxlen: 48
2a0e:b107:c9f::/48 maxlen: 48
2a0e:b107:bf4::/48 maxlen: 48
2a0e:b107:c94::/48 maxlen: 48
2a0e:b107:bf1::/48 maxlen: 48
2a0e:b107:c91::/48 maxlen: 48
2a0e:b107:bf6::/48 maxlen: 48
2a0e:b107:c96::/48 maxlen: 48
2a0e:b107:c93::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:94:b5:60:8b:e6:ee:81:a8:a5:bc:46:aa:df:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9c761f1e89c45312583ba0230e60c4db90e238e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0b:37:d2:2c:1a:ad:0a:73:32:bf:c0:f2:76:
5f:24:73:8b:8b:70:86:18:2e:31:84:04:ac:68:75:
f3:58:37:6b:78:b3:fa:66:7e:17:cd:f4:ec:72:63:
99:1f:d4:fc:8f:4f:7e:2d:ca:ce:2b:76:4a:c0:1d:
c3:33:f0:9e:f9:90:3a:d1:08:bd:04:4e:aa:2c:63:
9a:6f:03:ad:d4:05:0a:30:59:c9:f0:b0:46:f7:22:
09:89:7b:ee:d1:4a:ce:f9:8c:67:90:ec:b4:98:8d:
a9:19:34:1e:2a:7d:dd:96:3e:8b:5e:50:ac:a3:a9:
4e:f4:51:d5:60:cc:4c:ad:61:2c:d3:31:ce:28:0c:
44:e5:23:6a:c7:d4:1b:f6:ef:2e:44:0f:12:16:b6:
ba:44:85:0d:af:e4:bc:28:ee:b0:a0:d2:bf:8d:8a:
b9:39:c4:60:71:e4:3f:32:7e:ec:64:4c:5a:8b:b5:
fe:3d:6f:a3:82:ba:0e:ca:db:59:56:c7:86:27:99:
51:e0:a9:6a:08:30:de:36:d6:b1:bd:cc:6b:b7:4d:
af:5c:8b:52:2c:11:28:3d:36:b7:69:eb:32:bf:f1:
25:1f:f9:c9:78:d7:24:5e:b2:49:26:0e:e3:54:ff:
2f:be:18:33:b5:f7:2c:91:43:6c:da:2a:55:fb:fb:
5c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C7:61:F1:E8:9C:45:31:25:83:BA:02:30:E6:0C:4D:B9:0E:23:8E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qcdh8eicRTElg7oCMOYMTbkOI44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:bf0::/47
2a0e:b107:bf4::/48
2a0e:b107:bf6::/48
2a0e:b107:c90::-2a0e:b107:c94:ffff:ffff:ffff:ffff:ffff
2a0e:b107:c96::/48
2a0e:b107:c9f::/48
Signature Algorithm: sha256WithRSAEncryption
44:56:03:29:8e:64:4f:90:0e:15:c0:cf:a9:4b:e5:18:83:fd:
f1:2b:98:fc:f3:0e:13:a9:c7:60:c3:44:fa:87:1f:df:98:c9:
a6:2b:8f:a8:7b:d3:f7:da:ed:43:70:6c:d7:58:59:e9:09:b4:
6e:c7:1b:53:81:49:87:b9:07:12:a1:47:9f:1f:44:fc:26:d8:
65:c4:08:a9:bc:7b:3b:26:d8:ea:60:f4:99:a8:26:7a:07:58:
f3:0c:5a:5f:f3:e0:0b:d2:d8:05:86:c5:e0:d8:c0:4c:c1:96:
a2:39:d0:d9:3e:b4:06:c8:ea:98:0c:50:aa:4b:84:25:7a:d9:
40:96:a0:20:16:22:8c:8c:29:b6:95:d7:a4:f8:35:93:91:7b:
24:94:8f:68:8a:a7:39:7f:39:60:a8:18:3f:51:cc:eb:6b:93:
17:df:11:2f:8c:25:7d:d0:8c:69:a4:1b:18:34:a0:77:2e:f2:
4f:9e:66:1e:0d:dc:97:d1:29:32:b3:5b:2e:88:35:d5:cb:05:
c3:1e:53:a0:d2:e5:78:67:c2:c1:37:8e:41:cb:7f:5d:00:03:
ae:00:e7:ce:e1:34:5c:4b:2b:28:6c:7b:58:ef:be:6e:d6:a5:
86:05:47:a4:98:ed:ab:2f:28:36:d1:2f:3f:de:2f:94:6f:82:
63:47:0a:56
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYVw55S1YIvm7oGopbxGqt8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWM3NjFmMWU4OWM0NTMxMjU4M2JhMDIzMGU2MGM0ZGI5MGUyMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgs30iwarQpzMr/A8nZfJHOLi3CG
GC4xhASsaHXzWDdreLP6Zn4XzfTscmOZH9T8j09+LcrOK3ZKwB3DM/Ce+ZA60Qi9
BE6qLGOabwOt1AUKMFnJ8LBG9yIJiXvu0UrO+YxnkOy0mI2pGTQeKn3dlj6LXlCs
o6lO9FHVYMxMrWEs0zHOKAxE5SNqx9Qb9u8uRA8SFra6RIUNr+S8KO6woNK/jYq5
OcRgceQ/Mn7sZExai7X+PW+jgroOyttZVseGJ5lR4KlqCDDeNtaxvcxrt02vXItS
LBEoPTa3aesyv/ElH/nJeNckXrJJJg7jVP8vvhgztfcskUNs2ipV+/tcOQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFKnHYfHonEUxJYO6AjDmDE25DiOOMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcWNkaDhlaWNSVEVsZzdvQ01PWU1UYmtPSTQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwcBKg6xBwvw
AwcAKg6xBwv0AwcAKg6xBwv2MBIDBwQqDrEHDJADBwAqDrEHDJQDBwAqDrEHDJYD
BwAqDrEHDJ8wDQYJKoZIhvcNAQELBQADggEBAERWAymOZE+QDhXAz6lL5RiD/fEr
mPzzDhOpx2DDRPqHH9+YyaYrj6h70/fa7UNwbNdYWekJtG7HG1OBSYe5BxKhR58f
RPwm2GXECKm8ezsm2Opg9JmoJnoHWPMMWl/z4AvS2AWGxeDYwEzBlqI50Nk+tAbI
6pgMUKpLhCV62UCWoCAWIoyMKbaV16T4NZOReySUj2iKpzl/OWCoGD9RzOtrkxff
ES+MJX3QjGmkGxg0oHcu8k+eZh4N3JfRKTKzWy6INdXLBcMeU6DS5XhnwsE3jkHL
f10AA64A587hNFxLKyhse1jvvm7WpYYFR6SY7asvKDbRLz/eL5RvgmNHClY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:03 2023 by rpki-client on console-ams.rpki-client.org