Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rw7ZJBRuZYuir_iDJTzfkcBvcbQ.roa
File: rw7ZJBRuZYuir_iDJTzfkcBvcbQ.roa (raw, json)
Hash identifier: PrlY0WQut2EWQWd7VP1rdTJTOgDxcd4xcwcFHsueAQY=
Subject key identifier: AF:0E:D9:24:14:6E:65:8B:A2:AF:F8:83:25:3C:DF:91:C0:6F:71:B4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7B3F5557FDC93537A28BD4F1ED5D7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rw7ZJBRuZYuir_iDJTzfkcBvcbQ.roa
Signing time: Mon 02 Jan 2023 05:15:11 +0000
ROA not before: Mon 02 Jan 2023 05:15:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203691
IP address blocks: 2a0e:b107:1c0::/48 maxlen: 48
2a0e:b107:1c1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:b3:f5:55:7f:dc:93:53:7a:28:bd:4f:1e:d5:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af0ed924146e658ba2aff883253cdf91c06f71b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:1e:17:d7:d7:60:d0:0c:78:4b:e3:2a:6a:2d:
73:2e:9c:44:38:93:c0:ef:5e:09:a4:07:9d:b2:c7:
5e:f8:53:22:58:6c:42:36:ec:59:56:07:a7:bd:fd:
8e:a8:7e:72:1c:38:6d:28:0e:34:af:db:c9:5f:e2:
12:d8:18:3f:b8:49:58:50:1b:53:cf:2a:77:32:22:
98:fc:b5:71:b8:5b:34:d4:70:a8:9f:59:81:73:15:
52:70:d1:3f:ba:8a:90:be:d8:4a:7a:67:d9:af:5c:
e5:6d:c3:d9:60:47:01:16:75:f0:1a:d8:d3:53:4b:
30:93:24:f2:4c:c2:e7:43:d7:8c:32:07:b4:6e:5d:
d0:f5:08:3d:96:4d:7e:3b:bd:64:2c:9b:65:8c:60:
f7:b8:b0:33:b7:4f:40:b7:41:7f:8e:16:c0:e3:6f:
0a:8d:84:0e:56:4f:57:72:0a:8f:68:80:28:2a:71:
f8:60:70:ad:39:03:0b:20:eb:b8:ca:3b:02:4f:36:
62:aa:43:2d:94:f4:75:65:16:0e:a2:bf:9c:4f:6c:
b4:2a:ee:ab:95:84:10:37:84:dd:30:fa:82:9c:a0:
04:e3:58:74:52:2d:93:d1:d9:17:6d:46:6c:3f:bd:
da:e7:25:42:80:88:55:66:22:48:85:50:e7:ac:20:
40:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:0E:D9:24:14:6E:65:8B:A2:AF:F8:83:25:3C:DF:91:C0:6F:71:B4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rw7ZJBRuZYuir_iDJTzfkcBvcbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1c0::/47
Signature Algorithm: sha256WithRSAEncryption
5a:1d:03:a6:a8:58:a1:78:f8:56:e7:f0:88:aa:aa:3e:cf:7c:
9d:18:fc:96:b6:81:3a:56:d0:5f:28:15:61:05:46:6b:2c:8e:
51:60:eb:47:0d:5c:e3:2b:2c:ca:ca:97:1f:7e:92:20:aa:35:
65:2e:2b:47:98:a7:4d:ac:62:aa:07:b3:3c:55:4f:7b:19:aa:
fa:a9:45:9e:c4:41:05:bb:c5:da:58:f0:fc:2b:73:16:d0:4e:
c0:8d:7c:1c:57:b6:5a:2a:a4:41:a7:5b:ea:a9:66:7e:28:80:
8e:fa:5f:41:ee:40:af:a5:b7:d6:0d:49:7e:aa:08:07:42:6f:
bc:0c:af:24:87:42:75:5b:f1:01:71:b6:73:1d:4d:68:33:1f:
ea:f1:75:b8:71:a0:85:ba:2c:4f:06:0c:73:41:a2:82:cb:43:
e8:dc:5d:d6:8a:21:23:27:06:66:a0:fd:04:e5:04:ea:3c:4b:
9a:c5:a3:95:76:11:3c:8b:cb:1c:c7:dc:6d:77:5c:6e:d8:28:
a9:ee:ad:6f:e3:08:53:b1:b6:81:91:4e:db:c4:25:79:25:92:
74:2f:46:f4:bb:50:82:b0:41:bb:e6:7b:50:e7:da:b6:12:f3:
dd:20:c5:42:f2:d5:71:1a:99:fe:c8:54:c2:ad:5a:0b:bd:ff:
08:1c:30:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw57P1VX/ck1N6KL1PHtXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjBlZDkyNDE0NmU2NThiYTJhZmY4ODMyNTNjZGY5MWMwNmY3MWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgR4X19dg0Ax4S+Mqai1zLpxEOJPA
714JpAedssde+FMiWGxCNuxZVgenvf2OqH5yHDhtKA40r9vJX+IS2Bg/uElYUBtT
zyp3MiKY/LVxuFs01HCon1mBcxVScNE/uoqQvthKemfZr1zlbcPZYEcBFnXwGtjT
U0swkyTyTMLnQ9eMMge0bl3Q9Qg9lk1+O71kLJtljGD3uLAzt09At0F/jhbA428K
jYQOVk9XcgqPaIAoKnH4YHCtOQMLIOu4yjsCTzZiqkMtlPR1ZRYOor+cT2y0Ku6r
lYQQN4TdMPqCnKAE41h0Ui2T0dkXbUZsP73a5yVCgIhVZiJIhVDnrCBASwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK8O2SQUbmWLoq/4gyU835HAb3G0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcnc3WkpCUnVaWXVpcl9pREpUemZrY0J2Y2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6xBwHA
MA0GCSqGSIb3DQEBCwUAA4IBAQBaHQOmqFihePhW5/CIqqo+z3ydGPyWtoE6VtBf
KBVhBUZrLI5RYOtHDVzjKyzKypcffpIgqjVlLitHmKdNrGKqB7M8VU97Gar6qUWe
xEEFu8XaWPD8K3MW0E7AjXwcV7ZaKqRBp1vqqWZ+KICO+l9B7kCvpbfWDUl+qggH
Qm+8DK8kh0J1W/EBcbZzHU1oMx/q8XW4caCFuixPBgxzQaKCy0Po3F3WiiEjJwZm
oP0E5QTqPEuaxaOVdhE8i8scx9xtd1xu2Cip7q1v4whTsbaBkU7bxCV5JZJ0L0b0
u1CCsEG75ntQ59q2EvPdIMVC8tVxGpn+yFTCrVoLvf8IHDDa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:39 2024 by rpki-client on console-fra.rpki-client.org