Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rzGTmdqgMrIp3nDNkq1CD4f-2Jc.roa
File: rzGTmdqgMrIp3nDNkq1CD4f-2Jc.roa (raw, json)
Hash identifier: eSVpI5ZHM5Gi433OjxkEpWm1Glrq1QS9Tq+3SfKDlhw=
Subject key identifier: AF:31:93:99:DA:A0:32:B2:29:DE:70:CD:92:AD:42:0F:87:FE:D8:97
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0188760DC0400AC8C204004327E64339CB05
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rzGTmdqgMrIp3nDNkq1CD4f-2Jc.roa
Signing time: Thu 01 Jun 2023 08:23:12 +0000
ROA not before: Thu 01 Jun 2023 08:23:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53667
IP address blocks: 2a10:ccc2:9c00::/38 maxlen: 48
2a06:de01:400::/38 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:76:0d:c0:40:0a:c8:c2:04:00:43:27:e6:43:39:cb:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 1 08:23:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af319399daa032b229de70cd92ad420f87fed897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b8:13:9c:a5:0d:0d:34:bb:b8:7a:0a:c1:01:
25:80:0e:aa:fb:1f:29:88:12:9b:f1:fb:bc:30:ea:
ca:d1:c4:a9:d8:7a:9d:c4:7f:39:9f:bb:6e:cf:86:
55:2f:7f:77:21:bb:2a:ef:08:18:38:f1:fa:7a:7a:
74:ef:c7:95:1c:8c:9a:37:d1:17:4e:74:de:96:d5:
b7:50:bb:0e:8c:d2:25:bf:a0:a3:14:c4:6c:0e:d8:
b7:6b:46:31:4e:27:ae:75:87:ee:29:8a:bf:1b:c0:
a7:22:5a:bf:8b:ed:b9:d4:c4:c9:50:05:5f:21:30:
d0:41:ea:e1:e9:a7:74:ae:e3:64:33:99:6b:35:7c:
f4:f1:60:7b:ae:c6:6d:0f:b0:cb:44:bf:99:7e:69:
c5:95:3f:96:75:35:ea:67:d2:a7:bf:4e:1f:52:87:
57:64:c3:04:4b:9c:8b:88:95:fc:2c:2a:fc:a5:5e:
82:ca:32:51:0e:60:d7:79:4b:5f:ba:f0:0d:43:35:
f2:07:1e:14:f0:bc:66:10:5d:65:ee:3f:a0:02:5a:
41:23:99:25:36:90:6a:2f:1b:aa:1f:6a:9e:52:26:
e8:d2:6c:bf:25:d5:a7:fd:eb:a6:15:76:b8:13:d5:
c7:c8:58:f8:ed:8e:72:24:78:eb:40:93:97:d6:09:
d1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:31:93:99:DA:A0:32:B2:29:DE:70:CD:92:AD:42:0F:87:FE:D8:97
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rzGTmdqgMrIp3nDNkq1CD4f-2Jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:400::/38
2a10:ccc2:9c00::/38
Signature Algorithm: sha256WithRSAEncryption
b3:36:92:eb:4c:3d:ff:d5:9c:fb:d2:e9:b0:f7:94:2a:8a:5f:
e0:64:63:01:9f:c1:d3:4a:a4:9e:1f:48:ad:2c:dd:7d:55:56:
b5:32:85:eb:a7:b0:bf:b5:f9:60:f9:33:93:06:e6:2f:5d:cf:
79:d8:1f:9d:dc:cf:6f:ca:67:a3:ac:34:2b:2b:fa:25:f3:74:
64:5f:de:70:3c:0a:44:b1:ed:af:96:49:ee:44:3b:13:62:f3:
69:5a:be:64:07:56:f1:c9:42:ea:89:e6:ad:f0:fe:13:f6:3d:
2b:8a:33:b8:8f:a2:62:24:5c:ec:cc:b7:2b:e0:37:ec:28:f4:
ef:66:dc:b5:c6:d9:81:21:8f:af:2e:88:e5:95:ae:0e:bb:db:
ac:c6:f6:d9:a0:97:ea:cf:44:93:9f:f2:2f:69:73:c3:6f:dd:
60:4c:92:f0:a9:9a:28:32:b8:44:8b:dd:5a:1a:0a:d9:90:85:
67:e6:80:aa:39:ad:6a:a0:e9:d8:30:39:18:2e:1b:93:f9:0b:
10:88:dc:6c:7f:a7:96:ec:7f:58:97:e6:4f:e2:bc:ed:26:0d:
d1:fd:8d:b7:0d:4d:73:0a:97:de:00:4a:2e:94:26:c4:fd:fe:
d8:71:2a:d2:f6:43:a2:9f:a0:44:eb:65:d7:f4:02:6d:52:a7:
38:d4:1f:76
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYh2DcBACsjCBABDJ+ZDOcsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjAxMDgyMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjMxOTM5OWRhYTAzMmIyMjlkZTcwY2Q5MmFkNDIwZjg3ZmVkODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLgTnKUNDTS7uHoKwQElgA6q+x8p
iBKb8fu8MOrK0cSp2HqdxH85n7tuz4ZVL393Ibsq7wgYOPH6enp078eVHIyaN9EX
TnTeltW3ULsOjNIlv6CjFMRsDti3a0YxTieudYfuKYq/G8CnIlq/i+251MTJUAVf
ITDQQerh6ad0ruNkM5lrNXz08WB7rsZtD7DLRL+ZfmnFlT+WdTXqZ9Knv04fUodX
ZMMES5yLiJX8LCr8pV6CyjJRDmDXeUtfuvANQzXyBx4U8LxmEF1l7j+gAlpBI5kl
NpBqLxuqH2qeUibo0my/JdWn/eumFXa4E9XHyFj47Y5yJHjrQJOX1gnRqwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFK8xk5naoDKyKd5wzZKtQg+H/tiXMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcnpHVG1kcWdNcklwM25ETmtxMUNENGYtMkpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYCKgbeAQQD
BgIqEMzCnDANBgkqhkiG9w0BAQsFAAOCAQEAszaS60w9/9Wc+9LpsPeUKopf4GRj
AZ/B00qknh9IrSzdfVVWtTKF66ewv7X5YPkzkwbmL13PedgfndzPb8pno6w0Kyv6
JfN0ZF/ecDwKRLHtr5ZJ7kQ7E2LzaVq+ZAdW8clC6onmrfD+E/Y9K4ozuI+iYiRc
7My3K+A37Cj072bctcbZgSGPry6I5ZWuDrvbrMb22aCX6s9Ek5/yL2lzw2/dYEyS
8KmaKDK4RIvdWhoK2ZCFZ+aAqjmtaqDp2DA5GC4bk/kLEIjcbH+nlux/WJfmT+K8
7SYN0f2Ntw1NcwqX3gBKLpQmxP3+2HEq0vZDop+gROtl1/QCbVKnONQfdg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-fra.rpki-client.org