Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/s8rVnPVACGo0QiM6ypJTWe7mJ9w.roa
File: s8rVnPVACGo0QiM6ypJTWe7mJ9w.roa (raw, json)
Hash identifier: MAIy0PI5bbc1343vlImpN80Z86waKaJIFnPdbcLXRDM=
Subject key identifier: B3:CA:D5:9C:F5:40:08:6A:34:42:23:3A:CA:92:53:59:EE:E6:27:DC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185EB1276D7DDA80253A4FC75F3FB307A8D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/s8rVnPVACGo0QiM6ypJTWe7mJ9w.roa
Signing time: Wed 25 Jan 2023 22:35:33 +0000
ROA not before: Wed 25 Jan 2023 22:35:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212196
IP address blocks: 2a0e:b107:ec0::/48 maxlen: 48
2a0e:b107:ec0::/44 maxlen: 48
2a0e:b107:ec2::/48 maxlen: 48
2a0e:b107:ecf::/48 maxlen: 48
2a0e:b107:ec1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:eb:12:76:d7:dd:a8:02:53:a4:fc:75:f3:fb:30:7a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 25 22:35:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3cad59cf540086a3442233aca925359eee627dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c0:d8:56:5c:f4:26:4d:22:8c:6c:74:07:25:
18:e0:89:c8:b7:c8:ca:f1:6e:ee:36:15:7d:2f:e9:
fb:e3:ff:cc:9d:01:2b:8e:69:56:c2:0b:d5:b8:e8:
5a:37:30:04:d8:1e:22:aa:b3:9b:0f:8e:75:b0:a3:
4d:19:ae:25:1d:5f:5d:30:5b:48:98:78:f9:86:b4:
8d:ea:9d:b7:ee:c0:db:5f:00:d1:24:0d:92:15:0a:
06:29:bf:13:35:5a:97:0c:67:ca:0e:a8:96:2b:85:
14:7b:96:07:ef:a4:e6:1a:33:41:58:3a:20:eb:07:
db:32:bb:db:90:7c:4b:f7:82:07:21:8e:bb:64:7c:
b2:63:11:6b:dd:5c:c2:96:de:cc:b0:7a:75:a9:67:
1b:89:a7:b9:10:c3:e3:05:b3:21:b4:b4:2a:a1:02:
00:d8:39:8b:82:d1:3f:ac:8f:45:9c:4c:89:bd:9d:
d3:10:0c:42:af:61:3e:4f:b6:a9:29:a7:63:64:df:
5f:6a:99:e6:2b:08:49:ee:5e:9b:70:99:d4:29:f5:
13:85:ca:95:87:e8:37:f2:e4:29:96:8a:7e:a3:30:
cf:28:d4:c0:4b:48:0a:ac:6e:83:04:02:48:21:a5:
4b:6d:5e:59:02:82:8c:36:e9:1b:79:07:39:61:a3:
06:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:CA:D5:9C:F5:40:08:6A:34:42:23:3A:CA:92:53:59:EE:E6:27:DC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/s8rVnPVACGo0QiM6ypJTWe7mJ9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ec0::/44
Signature Algorithm: sha256WithRSAEncryption
c5:bf:5b:3a:e7:dd:19:02:3b:88:26:d7:a2:f2:3e:f5:d6:d0:
5d:82:91:9f:5b:36:1d:04:f2:98:25:c0:78:8f:96:a7:37:1c:
21:5c:20:72:62:fe:d0:21:c2:a5:51:5d:af:a6:6e:47:bf:97:
95:fd:78:bc:21:e1:aa:ac:e8:1c:f6:b8:56:73:4e:85:a3:b2:
4c:cb:ba:b6:00:10:9f:0c:6c:81:78:aa:97:ae:cb:7c:49:09:
3f:7d:29:c7:b6:25:21:a4:a5:9c:13:77:50:66:61:8e:3e:d8:
c3:10:97:bc:bf:ba:fe:a7:30:6f:6e:bb:f1:7c:44:31:fc:be:
1f:26:39:4e:a8:2e:0e:1c:67:d1:cb:04:bc:e9:b9:df:7e:a2:
18:46:3d:3e:ab:45:9c:67:cb:22:88:08:8c:2e:8d:86:b3:38:
dc:e7:e5:d9:06:a2:ec:cd:b0:d5:87:76:05:33:15:05:48:5d:
81:fe:80:70:ea:3e:f8:f1:9c:94:c7:f6:a2:2f:bd:e8:b2:b7:
28:97:2d:fc:3e:76:cb:a2:11:dc:60:ba:f4:76:14:8e:68:a3:
f1:fc:63:91:23:41:39:31:43:f7:8e:0d:95:33:e9:3d:69:75:
e9:81:18:49:44:6c:4f:ba:dc:af:cb:c5:12:1e:ae:af:43:c0:
28:51:38:ce
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXrEnbX3agCU6T8dfP7MHqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI1MjIzNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2NhZDU5Y2Y1NDAwODZhMzQ0MjIzM2FjYTkyNTM1OWVlZTYyN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsDYVlz0Jk0ijGx0ByUY4InIt8jK
8W7uNhV9L+n74//MnQErjmlWwgvVuOhaNzAE2B4iqrObD451sKNNGa4lHV9dMFtI
mHj5hrSN6p237sDbXwDRJA2SFQoGKb8TNVqXDGfKDqiWK4UUe5YH76TmGjNBWDog
6wfbMrvbkHxL94IHIY67ZHyyYxFr3VzClt7MsHp1qWcbiae5EMPjBbMhtLQqoQIA
2DmLgtE/rI9FnEyJvZ3TEAxCr2E+T7apKadjZN9fapnmKwhJ7l6bcJnUKfUThcqV
h+g38uQplop+ozDPKNTAS0gKrG6DBAJIIaVLbV5ZAoKMNukbeQc5YaMGMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLPK1Zz1QAhqNEIjOsqSU1nu5ifcMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvczhyVm5QVkFDR28wUWlNNnlwSlRXZTdtSjl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBw7A
MA0GCSqGSIb3DQEBCwUAA4IBAQDFv1s6590ZAjuIJtei8j711tBdgpGfWzYdBPKY
JcB4j5anNxwhXCByYv7QIcKlUV2vpm5Hv5eV/Xi8IeGqrOgc9rhWc06Fo7JMy7q2
ABCfDGyBeKqXrst8SQk/fSnHtiUhpKWcE3dQZmGOPtjDEJe8v7r+pzBvbrvxfEQx
/L4fJjlOqC4OHGfRywS86bnffqIYRj0+q0WcZ8siiAiMLo2Gszjc5+XZBqLszbDV
h3YFMxUFSF2B/oBw6j748ZyUx/aiL73osrcoly38PnbLohHcYLr0dhSOaKPx/GOR
I0E5MUP3jg2VM+k9aXXpgRhJRGxPutyvy8USHq6vQ8AoUTjO
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:52 2024 by rpki-client on console-ams.rpki-client.org