Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qmIfO5ZE482tVR9IOikbfcejuyw.roa
File: qmIfO5ZE482tVR9IOikbfcejuyw.roa (raw, json)
Hash identifier: CQ5BkSEP1vqzPMItOgdi5z9G5c6Yive2/xy3Ze2yB5c=
Subject key identifier: AA:62:1F:3B:96:44:E3:CD:AD:55:1F:48:3A:29:1B:7D:C7:A3:BB:2C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018BBA02F43B392840CED6450B0C93B228B1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qmIfO5ZE482tVR9IOikbfcejuyw.roa
Signing time: Fri 10 Nov 2023 16:13:57 +0000
ROA not before: Fri 10 Nov 2023 16:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216026
IP address blocks: 2a0e:97c0:580::/48 maxlen: 48
2a0e:97c0:583::/48 maxlen: 48
2a0e:97c0:581::/48 maxlen: 48
2a0e:97c0:584::/48 maxlen: 48
2a0e:97c0:582::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ba:02:f4:3b:39:28:40:ce:d6:45:0b:0c:93:b2:28:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 10 16:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa621f3b9644e3cdad551f483a291b7dc7a3bb2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0b:38:9e:6f:36:28:89:91:45:72:21:e4:c1:
10:2a:ba:ca:e5:3a:c3:3f:17:9d:61:84:14:0c:cb:
ce:c9:a3:b0:9a:f2:24:17:03:21:6e:ac:a9:80:b2:
c4:f5:ad:0a:5f:6d:e9:37:66:6f:54:e6:4f:6f:1c:
26:d5:ca:3e:88:a9:5c:e9:e3:7b:f3:76:39:11:4b:
a8:c6:aa:92:3c:57:46:60:10:89:c9:3f:49:77:7b:
45:e4:9a:c5:41:8d:fb:a7:c9:73:40:89:f8:08:5c:
16:57:cf:1e:57:4a:87:9b:b8:7d:a7:d7:e3:a6:34:
6a:00:f3:2c:ee:c7:0b:c0:14:07:4e:56:b9:81:a4:
4a:ba:af:e9:12:75:b9:b4:fc:d0:f4:bb:0d:9c:70:
d5:3c:b4:b6:b9:95:97:07:98:13:1e:a4:f9:aa:a7:
22:c3:f1:74:20:cb:60:f0:fe:fe:81:2f:c8:01:0e:
42:97:66:1d:b0:ef:ad:4f:0a:e1:cb:17:13:f7:4f:
8d:34:12:fd:15:51:41:9a:cb:e2:15:be:76:f8:0c:
29:60:4b:40:c3:0c:75:eb:42:0b:74:9f:f1:b3:b0:
cd:8b:37:a5:b5:76:53:ee:9e:1d:48:6c:0b:3b:42:
d1:7c:9a:c0:e0:94:ca:ee:dd:6c:d3:ab:c2:06:02:
47:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:62:1F:3B:96:44:E3:CD:AD:55:1F:48:3A:29:1B:7D:C7:A3:BB:2C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qmIfO5ZE482tVR9IOikbfcejuyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:580::-2a0e:97c0:584:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
87:91:7d:3e:2f:7b:e5:7d:4b:0d:c1:4f:48:cb:26:b4:42:cd:
14:8c:b1:c6:7f:13:67:ab:b5:9d:1c:0a:c0:61:ea:53:85:6d:
7e:59:94:39:1e:e1:f4:ab:70:e4:a6:be:06:00:1c:9c:5b:d0:
26:a1:19:8c:a2:38:ec:48:af:17:7a:c3:1a:f4:e2:46:40:df:
be:ba:ce:c6:8d:62:92:0c:e1:ae:f2:99:f1:6a:66:7d:cd:c4:
a2:b5:38:a0:e8:2b:b8:1f:8c:d0:e8:d5:ed:c5:19:15:cb:b8:
de:62:a2:8b:9d:79:52:cb:5c:03:15:cd:d7:4e:5d:cf:c3:27:
a2:d5:bb:ce:c7:4c:cf:4d:d6:18:a6:8a:2d:42:f5:a4:89:18:
bb:04:00:7a:42:92:ea:95:8f:31:3c:59:a8:5d:c7:d2:51:1f:
12:a4:21:70:95:7f:4c:2a:35:d5:29:8c:46:2f:fe:0f:a7:1b:
d7:54:f0:c6:05:19:85:88:ec:4a:20:34:18:7b:fe:c5:c1:5b:
fe:2e:44:cf:15:59:c0:b3:e8:7e:9b:a8:95:ae:b1:81:af:ef:
ce:0e:02:b6:71:2a:af:73:d0:7d:56:72:9c:3a:7a:63:cf:61:
f0:31:14:d6:8a:6e:3c:73:6c:ef:81:5b:6c:81:95:2d:2e:ac:
0f:05:61:74
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYu6AvQ7OShAztZFCwyTsiixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTEwMTYxMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTYyMWYzYjk2NDRlM2NkYWQ1NTFmNDgzYTI5MWI3ZGM3YTNiYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyws4nm82KImRRXIh5MEQKrrK5TrD
PxedYYQUDMvOyaOwmvIkFwMhbqypgLLE9a0KX23pN2ZvVOZPbxwm1co+iKlc6eN7
83Y5EUuoxqqSPFdGYBCJyT9Jd3tF5JrFQY37p8lzQIn4CFwWV88eV0qHm7h9p9fj
pjRqAPMs7scLwBQHTla5gaRKuq/pEnW5tPzQ9LsNnHDVPLS2uZWXB5gTHqT5qqci
w/F0IMtg8P7+gS/IAQ5Cl2YdsO+tTwrhyxcT90+NNBL9FVFBmsviFb52+AwpYEtA
wwx160ILdJ/xs7DNizeltXZT7p4dSGwLO0LRfJrA4JTK7t1s06vCBgJHzQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKpiHzuWROPNrVUfSDopG33Ho7ssMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcW1JZk81WkU0ODJ0VlI5SU9pa2JmY2VqdXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwcqDpfA
BYADBwAqDpfABYQwDQYJKoZIhvcNAQELBQADggEBAIeRfT4ve+V9Sw3BT0jLJrRC
zRSMscZ/E2ertZ0cCsBh6lOFbX5ZlDke4fSrcOSmvgYAHJxb0CahGYyiOOxIrxd6
wxr04kZA3766zsaNYpIM4a7ymfFqZn3NxKK1OKDoK7gfjNDo1e3FGRXLuN5iooud
eVLLXAMVzddOXc/DJ6LVu87HTM9N1himii1C9aSJGLsEAHpCkuqVjzE8Wahdx9JR
HxKkIXCVf0wqNdUpjEYv/g+nG9dU8MYFGYWI7EogNBh7/sXBW/4uRM8VWcCz6H6b
qJWusYGv784OArZxKq9z0H1Wcpw6emPPYfAxFNaKbjxzbO+BW2yBlS0urA8FYXQ=
-----END CERTIFICATE-----
Generated at Fri Nov 24 16:21:33 2023 by rpki-client on console-fra.rpki-client.org