Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rjHP16epoAGITkj057vIoJqgJC0.roa
File: rjHP16epoAGITkj057vIoJqgJC0.roa (raw, json)
Hash identifier: iCpss2hvivgGhFL6Tr1HrbSsOeuaIQ22dd21+3hODJY=
Subject key identifier: AE:31:CF:D7:A7:A9:A0:01:88:4E:48:F4:E7:BB:C8:A0:9A:A0:24:2D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C9C2FAB68516DAC80E9ADF4701E134804
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rjHP16epoAGITkj057vIoJqgJC0.roa
Signing time: Sun 24 Dec 2023 14:16:58 +0000
ROA not before: Sun 24 Dec 2023 14:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215980
IP address blocks: 2a10:ccc0:3001::/48 maxlen: 48
2a0e:97c0:e30::/48 maxlen: 48
2a10:ccc0:3002::/48 maxlen: 48
2a10:ccc0:3000::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9c:2f:ab:68:51:6d:ac:80:e9:ad:f4:70:1e:13:48:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 24 14:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae31cfd7a7a9a001884e48f4e7bbc8a09aa0242d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b9:8b:59:a5:a8:8e:91:d7:70:b6:3b:10:d6:
60:42:5d:2b:d5:07:2e:71:62:89:42:98:d0:9d:b4:
e0:c1:c2:25:83:75:0e:f8:35:07:35:00:6a:72:16:
29:d6:5d:c8:09:47:2a:3e:f8:36:36:37:0e:06:43:
70:ee:fa:dd:f0:07:8f:02:20:0e:f5:de:3e:48:70:
d9:d7:50:6b:a6:f6:4c:ab:45:a6:1e:4a:90:6d:e1:
33:ab:2f:b8:a3:6b:7d:ee:7e:21:92:08:fb:09:76:
0d:78:00:8f:a3:6a:34:6a:a2:72:f3:3b:2f:7c:7e:
3c:83:a6:9b:8f:0a:23:83:dd:15:f8:3b:9f:e5:76:
e5:48:89:9f:ba:0f:60:ef:c6:fe:e8:6b:ad:de:62:
bd:11:de:a8:63:42:35:8a:e8:af:f9:13:ce:a5:76:
2a:e9:54:be:8b:a2:cd:53:0f:55:d3:62:5e:e6:14:
4e:43:33:24:0b:5d:b2:60:9d:7a:e5:18:4b:17:00:
a0:f9:8e:ac:a4:f9:da:e4:0f:3f:81:e9:04:2b:16:
1b:26:05:bf:9f:15:1f:ea:a3:a9:17:4d:a2:13:28:
d0:de:57:a9:ad:c5:df:35:21:d5:ae:0f:36:30:73:
74:42:a4:b8:f7:b2:c7:97:84:b8:d1:da:6a:a3:f7:
3a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:31:CF:D7:A7:A9:A0:01:88:4E:48:F4:E7:BB:C8:A0:9A:A0:24:2D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rjHP16epoAGITkj057vIoJqgJC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:e30::/48
2a10:ccc0:3000::-2a10:ccc0:3002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8c:3c:d3:b2:19:22:a9:dc:64:26:1c:ed:07:d9:49:cc:bd:25:
b2:73:26:97:b1:77:63:1d:58:cb:41:ef:3f:36:95:a1:8a:b6:
c6:0f:98:9d:04:c2:eb:51:cf:eb:d3:83:06:6c:9c:10:e4:38:
42:63:0a:62:71:c6:a1:9b:9a:e3:4b:0e:4a:64:7a:29:6b:49:
ba:21:cf:19:74:90:de:02:d7:c9:2a:6f:fa:e8:b2:42:26:b3:
a1:fc:6b:7c:dc:24:7c:7c:41:15:45:dd:d3:a7:f3:3b:1c:bd:
ff:03:31:5c:6b:ce:db:5b:b8:f7:65:1a:9b:23:c1:30:da:23:
96:73:ea:b8:35:a2:15:2c:a9:ef:16:d7:2d:88:c3:2a:87:05:
f8:52:b6:a2:25:f5:b4:be:87:8d:fd:9f:5d:1b:dc:da:73:d6:
47:15:ee:d1:b3:7a:e6:59:c1:42:64:87:a5:06:da:86:95:1c:
84:55:a8:71:20:2e:5e:23:6b:ad:e2:f7:ca:f1:65:a4:dd:bd:
54:90:05:d5:20:a6:77:18:e4:69:be:89:af:c5:39:1e:8e:1f:
d7:74:86:08:0e:a7:d6:25:32:5f:07:10:7d:4f:5d:98:f9:ed:
e4:c7:be:a2:89:d9:10:44:77:9e:da:08:f3:02:d3:b2:1f:8c:
05:99:d9:bc
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYycL6toUW2sgOmt9HAeE0gEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjI0MTQxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTMxY2ZkN2E3YTlhMDAxODg0ZTQ4ZjRlN2JiYzhhMDlhYTAyNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7mLWaWojpHXcLY7ENZgQl0r1Qcu
cWKJQpjQnbTgwcIlg3UO+DUHNQBqchYp1l3ICUcqPvg2NjcOBkNw7vrd8AePAiAO
9d4+SHDZ11BrpvZMq0WmHkqQbeEzqy+4o2t97n4hkgj7CXYNeACPo2o0aqJy8zsv
fH48g6abjwojg90V+Duf5XblSImfug9g78b+6Gut3mK9Ed6oY0I1iuiv+RPOpXYq
6VS+i6LNUw9V02Je5hROQzMkC12yYJ165RhLFwCg+Y6spPna5A8/gekEKxYbJgW/
nxUf6qOpF02iEyjQ3leprcXfNSHVrg82MHN0QqS497LHl4S40dpqo/c6JwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFK4xz9enqaABiE5I9Oe7yKCaoCQtMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcmpIUDE2ZXBvQUdJVGtqMDU3dklvSnFnSkMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwcAKg6XwA4w
MBEDBgQqEMzAMAMHACoQzMAwAjANBgkqhkiG9w0BAQsFAAOCAQEAjDzTshkiqdxk
JhztB9lJzL0lsnMml7F3Yx1Yy0HvPzaVoYq2xg+YnQTC61HP69ODBmycEOQ4QmMK
YnHGoZua40sOSmR6KWtJuiHPGXSQ3gLXySpv+uiyQiazofxrfNwkfHxBFUXd06fz
Oxy9/wMxXGvO21u492UamyPBMNojlnPquDWiFSyp7xbXLYjDKocF+FK2oiX1tL6H
jf2fXRvc2nPWRxXu0bN65lnBQmSHpQbahpUchFWocSAuXiNrreL3yvFlpN29VJAF
1SCmdxjkab6Jr8U5Ho4f13SGCA6n1iUyXwcQfU9dmPnt5Me+oonZEER3ntoI8wLT
sh+MBZnZvA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:33 2024 by rpki-client on console-fra.rpki-client.org