Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sVjAGuXwaiWVMXJxlbpe7_cQJyk.roa
File: sVjAGuXwaiWVMXJxlbpe7_cQJyk.roa (raw, json)
Hash identifier: 6t1WbeDWfhs8N3+aHFK+MXNrNIZRqM05iYFtzeEjjus=
Subject key identifier: B1:58:C0:1A:E5:F0:6A:25:95:31:72:71:95:BA:5E:EF:F7:10:27:29
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C659842E4178BBBDBB6437E88E5156F1B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sVjAGuXwaiWVMXJxlbpe7_cQJyk.roa
Signing time: Wed 13 Dec 2023 23:52:06 +0000
ROA not before: Wed 13 Dec 2023 23:52:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212793
IP address blocks: 2a10:2f01:2d0::/44 maxlen: 48
2a10:2f00:147::/48 maxlen: 48
2a0f:e401:130::/44 maxlen: 48
2a10:2f01:2d1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:65:98:42:e4:17:8b:bb:db:b6:43:7e:88:e5:15:6f:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 13 23:52:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b158c01ae5f06a259531727195ba5eeff7102729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:45:93:0b:95:5c:d6:b8:79:99:1d:fa:b1:5f:
71:e3:9f:c8:bd:03:59:8c:6d:d0:56:c5:3a:c1:32:
fd:ac:f1:b0:fb:f1:69:62:dc:a2:14:83:af:f9:2e:
57:ca:03:21:74:ec:91:c1:97:e0:84:9f:7e:66:e8:
63:5d:b0:b4:85:52:4f:e0:7c:93:23:cc:19:8b:96:
fb:6c:fa:ab:79:21:d4:43:d8:45:bc:06:f8:77:bc:
06:e7:7f:fd:de:c8:85:93:6d:fb:1c:48:22:cd:ee:
05:e7:2a:2b:3b:a1:ae:77:b1:c5:e0:ce:ae:11:2a:
92:1e:6e:a5:ea:59:0e:dc:d4:fc:af:fc:cc:1a:71:
5b:28:de:4e:ef:be:dc:4e:33:89:73:25:8c:df:46:
b4:da:d2:c7:1c:2a:14:67:f7:13:15:57:00:b9:c9:
35:b1:6c:92:77:0b:4e:d2:ec:5b:f1:8e:80:7d:a5:
1d:4c:c4:72:14:33:bd:63:01:6c:75:f9:5e:dd:e5:
72:f3:f8:4e:a3:1e:68:cd:3d:e0:35:cc:73:bd:ff:
ef:d8:26:f4:5b:22:8b:19:22:bd:9b:db:ac:50:95:
b3:8f:b9:9e:57:a5:5f:ce:4b:0b:e1:80:43:39:b3:
db:c3:60:b1:64:21:86:70:a0:b1:52:c0:ed:fd:aa:
de:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:58:C0:1A:E5:F0:6A:25:95:31:72:71:95:BA:5E:EF:F7:10:27:29
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sVjAGuXwaiWVMXJxlbpe7_cQJyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e401:130::/44
2a10:2f00:147::/48
2a10:2f01:2d0::/44
Signature Algorithm: sha256WithRSAEncryption
17:c6:e5:54:ef:1f:e2:3a:c1:7d:6e:18:24:2e:5e:c3:51:07:
f3:ce:75:2e:43:25:99:8f:ae:bf:6b:fc:df:84:06:93:df:b4:
68:33:bd:3f:06:97:c6:85:51:65:38:7f:13:05:0d:c3:ae:0f:
48:d1:fd:68:a0:06:bb:52:dd:14:7a:67:ad:6c:2f:b5:17:b1:
82:7a:bf:0a:03:2f:11:8c:09:90:ed:da:d8:73:ba:6c:85:e2:
49:4a:44:ee:48:ab:d9:48:6d:bb:21:a6:02:b8:5e:00:63:42:
c9:93:6f:0d:57:dc:0c:4f:a4:2a:25:85:25:f6:3a:ff:b3:ad:
f9:0d:e8:d9:a7:c3:34:e8:dd:34:96:8f:48:c3:d0:25:e5:59:
36:d8:67:50:94:71:50:93:7a:b5:84:f5:bf:a1:b0:83:e7:43:
b5:96:03:a0:a6:cf:0f:95:c5:41:83:28:19:9d:cf:ca:56:d4:
ac:22:1c:ad:93:cd:a0:68:4d:f6:86:17:eb:00:07:fd:c0:ff:
af:04:11:f7:ce:60:bd:4f:30:42:f9:89:75:8b:ae:da:f4:27:
b2:4a:5a:b6:b0:17:a5:0c:a1:44:e1:7b:ac:c5:28:92:c5:b7:
68:e9:fc:8d:89:a9:6b:65:65:4c:27:32:7f:2c:19:07:58:f7:
5c:d4:a9:ba
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYxlmELkF4u727ZDfojlFW8bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjEzMjM1MjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTU4YzAxYWU1ZjA2YTI1OTUzMTcyNzE5NWJhNWVlZmY3MTAyNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUWTC5Vc1rh5mR36sV9x45/IvQNZ
jG3QVsU6wTL9rPGw+/FpYtyiFIOv+S5XygMhdOyRwZfghJ9+ZuhjXbC0hVJP4HyT
I8wZi5b7bPqreSHUQ9hFvAb4d7wG53/93siFk237HEgize4F5yorO6Gud7HF4M6u
ESqSHm6l6lkO3NT8r/zMGnFbKN5O777cTjOJcyWM30a02tLHHCoUZ/cTFVcAuck1
sWySdwtO0uxb8Y6AfaUdTMRyFDO9YwFsdfle3eVy8/hOox5ozT3gNcxzvf/v2Cb0
WyKLGSK9m9usUJWzj7meV6VfzksL4YBDObPbw2CxZCGGcKCxUsDt/areMwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLFYwBrl8GollTFycZW6Xu/3ECcpMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvc1ZqQUd1WHdhaVdWTVhKeGxicGU3X2NRSnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg/kAQEw
AwcAKhAvAAFHAwcEKhAvAQLQMA0GCSqGSIb3DQEBCwUAA4IBAQAXxuVU7x/iOsF9
bhgkLl7DUQfzznUuQyWZj66/a/zfhAaT37RoM70/BpfGhVFlOH8TBQ3Drg9I0f1o
oAa7Ut0UemetbC+1F7GCer8KAy8RjAmQ7drYc7psheJJSkTuSKvZSG27IaYCuF4A
Y0LJk28NV9wMT6QqJYUl9jr/s635DejZp8M06N00lo9Iw9Al5Vk22GdQlHFQk3q1
hPW/obCD50O1lgOgps8PlcVBgygZnc/KVtSsIhytk82gaE32hhfrAAf9wP+vBBH3
zmC9TzBC+Yl1i67a9CeySlq2sBelDKFE4XusxSiSxbdo6fyNialrZWVMJzJ/LBkH
WPdc1Km6
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:33 2024 by rpki-client on console-fra.rpki-client.org