Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/raQcheWppgZbYemYcB1aHAsiqSk.roa
File: raQcheWppgZbYemYcB1aHAsiqSk.roa (raw, json)
Hash identifier: 0GoWnPcP1NZ1vrFOWA7VIp8FLnHdNmbaEcU5nyvn/IM=
Subject key identifier: AD:A4:1C:85:E5:A9:A6:06:5B:61:E9:98:70:1D:5A:1C:0B:22:A9:29
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0186DB659B4F6C44BB42FD78C632FCE96B69
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/raQcheWppgZbYemYcB1aHAsiqSk.roa
Signing time: Mon 13 Mar 2023 14:35:14 +0000
ROA not before: Mon 13 Mar 2023 14:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213372
IP address blocks: 2a0e:b107:8e0::/44 maxlen: 48
2a10:2f00:128::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:db:65:9b:4f:6c:44:bb:42:fd:78:c6:32:fc:e9:6b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 13 14:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ada41c85e5a9a6065b61e998701d5a1c0b22a929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cb:14:01:a8:69:a0:4a:88:22:2f:ae:00:ce:
fc:f9:80:56:d3:2b:d4:09:fa:a8:81:a0:ec:d2:6f:
24:36:67:f5:54:76:11:41:d2:86:70:96:d9:0c:84:
c7:75:fe:f2:bf:64:3d:6e:e8:58:6c:ef:d2:da:3a:
de:96:08:9e:90:cf:99:1d:de:ac:61:c8:00:e7:af:
77:82:58:f8:9a:d2:5a:32:37:ab:76:4b:8a:44:0f:
27:b9:4d:81:ac:1f:d9:10:47:3b:07:2d:2c:36:8a:
34:56:86:41:e5:eb:f4:5b:f6:31:4a:5a:00:37:b2:
0c:0e:e1:67:54:12:87:1c:96:10:97:6b:84:ba:d3:
87:99:35:09:4e:94:ff:8b:1a:fb:9f:2e:8f:bd:4f:
55:ef:32:e2:87:52:55:db:2c:a4:8f:d5:2c:fb:8a:
a6:8c:cb:60:9e:7e:7c:d8:d6:b2:bf:2d:64:d1:e9:
d4:1f:32:27:30:07:11:77:20:c7:ef:39:52:4b:fa:
93:9b:51:08:27:85:1d:25:7b:35:63:5b:dc:c6:bc:
4e:81:74:79:ab:8b:e8:37:38:56:5d:c1:4a:81:97:
4c:6c:32:89:d4:47:f6:16:3f:42:e3:e3:be:cc:07:
e8:4d:58:8a:4c:d1:0a:a8:f8:6f:e1:48:96:ae:02:
87:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A4:1C:85:E5:A9:A6:06:5B:61:E9:98:70:1D:5A:1C:0B:22:A9:29
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/raQcheWppgZbYemYcB1aHAsiqSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:8e0::/44
2a10:2f00:128::/48
Signature Algorithm: sha256WithRSAEncryption
94:e3:f2:c3:14:dc:e6:ff:b6:ce:fb:42:02:78:50:fd:f3:f8:
de:79:7c:65:ff:04:fd:a6:2c:27:a8:d2:12:40:60:c8:97:f5:
1a:55:0b:85:bb:e8:ed:30:2f:6e:44:a5:6a:ed:15:d3:00:db:
0d:98:3b:88:c4:2e:9a:89:68:d5:8b:c1:b8:fe:69:3d:10:01:
28:75:c8:82:9f:9d:da:4e:4b:1b:1e:1b:2f:2b:f6:ea:d1:19:
8d:94:81:4c:6d:83:83:14:cb:cc:d7:28:85:54:cf:0c:08:4c:
fc:82:a5:36:bf:01:52:59:40:2e:b1:a7:e3:1c:05:bb:fc:78:
33:1a:84:d4:05:02:07:da:4a:bd:a7:34:9e:e7:b7:49:47:a1:
7a:d5:64:ee:08:96:53:82:c4:58:5c:7d:14:49:3f:28:c6:cf:
77:b4:67:4b:2b:ba:a4:25:3e:94:b7:5f:88:da:ef:33:23:c4:
94:a8:e0:80:72:3c:a5:15:86:84:17:32:30:1c:2d:96:a4:af:
ca:81:55:94:7a:18:bc:13:1c:f3:2a:ca:a8:e8:e7:8a:85:b7:
8b:50:cd:74:90:1a:c6:66:20:2a:d1:e1:94:0e:01:3f:6c:91:
13:c0:71:ea:6d:cb:93:0a:96:df:ba:22:52:ed:06:0a:c5:ef:
8b:1d:b6:30
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbbZZtPbES7Qv14xjL86WtpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzEzMTQzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGE0MWM4NWU1YTlhNjA2NWI2MWU5OTg3MDFkNWExYzBiMjJhOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnssUAahpoEqIIi+uAM78+YBW0yvU
CfqogaDs0m8kNmf1VHYRQdKGcJbZDITHdf7yv2Q9buhYbO/S2jrelgiekM+ZHd6s
YcgA5693glj4mtJaMjerdkuKRA8nuU2BrB/ZEEc7By0sNoo0VoZB5ev0W/YxSloA
N7IMDuFnVBKHHJYQl2uEutOHmTUJTpT/ixr7ny6PvU9V7zLih1JV2yykj9Us+4qm
jMtgnn582Nayvy1k0enUHzInMAcRdyDH7zlSS/qTm1EIJ4UdJXs1Y1vcxrxOgXR5
q4voNzhWXcFKgZdMbDKJ1Ef2Fj9C4+O+zAfoTViKTNEKqPhv4UiWrgKHiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK2kHIXlqaYGW2HpmHAdWhwLIqkpMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcmFRY2hlV3BwZ1piWWVtWWNCMWFIQXNpcVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBwjg
AwcAKhAvAAEoMA0GCSqGSIb3DQEBCwUAA4IBAQCU4/LDFNzm/7bO+0ICeFD98/je
eXxl/wT9piwnqNISQGDIl/UaVQuFu+jtMC9uRKVq7RXTANsNmDuIxC6aiWjVi8G4
/mk9EAEodciCn53aTksbHhsvK/bq0RmNlIFMbYODFMvM1yiFVM8MCEz8gqU2vwFS
WUAusafjHAW7/HgzGoTUBQIH2kq9pzSe57dJR6F61WTuCJZTgsRYXH0UST8oxs93
tGdLK7qkJT6Ut1+I2u8zI8SUqOCAcjylFYaEFzIwHC2WpK/KgVWUehi8ExzzKsqo
6OeKhbeLUM10kBrGZiAq0eGUDgE/bJETwHHqbcuTCpbfuiJS7QYKxe+LHbYw
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:33 2024 by rpki-client on console-fra.rpki-client.org