Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/stIDSS7DKYIaqBOO4c4xlOz95pI.roa
File: stIDSS7DKYIaqBOO4c4xlOz95pI.roa (raw, json)
Hash identifier: jb9+TfS+rvYbWDUiEsdNVLCSrAddy7ytcOlwvrEEcvE=
Subject key identifier: B2:D2:03:49:2E:C3:29:82:1A:A8:13:8E:E1:CE:31:94:EC:FD:E6:92
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018AD64B35EE4D6096FE80B3E2CDB8A075A6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/stIDSS7DKYIaqBOO4c4xlOz95pI.roa
Signing time: Wed 27 Sep 2023 10:59:27 +0000
ROA not before: Wed 27 Sep 2023 10:59:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199766
IP address blocks: 2a06:de00:11::/48 maxlen: 48
2a06:de00:18::/48 maxlen: 48
2a06:de00:10::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:4b:35:ee:4d:60:96:fe:80:b3:e2:cd:b8:a0:75:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 27 10:59:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2d203492ec329821aa8138ee1ce3194ecfde692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3e:d4:2a:47:7e:45:01:09:3b:25:43:79:e5:
6b:e1:a7:09:11:d7:84:af:c5:58:72:25:d7:c7:3e:
b9:c8:4d:1f:1f:f1:60:7c:79:21:41:c2:cb:3c:ce:
a4:92:85:99:74:c9:3e:25:c7:08:ba:17:3f:fa:32:
17:32:28:6d:58:c5:cd:ba:29:6a:fd:1c:6f:fb:34:
7b:4d:fc:b6:94:0b:16:80:4a:71:fb:89:b3:f3:dd:
81:24:94:18:2d:2e:a6:13:9f:06:39:8c:1d:82:3c:
61:57:10:92:dc:61:a0:d2:3b:83:dc:c3:ab:b5:94:
18:86:f2:6f:42:10:23:1c:5b:f7:17:22:78:40:2d:
65:1f:62:3e:25:33:52:e6:ff:70:21:16:da:9d:2a:
46:73:63:3b:4d:7e:52:80:b8:7a:02:06:88:ee:ca:
3a:f8:f8:63:cc:eb:4b:02:e9:7c:26:80:7b:b5:59:
d4:13:b1:09:ca:19:fd:6c:82:4b:ee:ff:81:13:83:
be:04:76:6e:4a:6a:e1:d8:c7:f1:03:60:53:76:6d:
30:09:6c:fa:a8:6b:d0:0c:01:e7:c4:f3:97:01:76:
bb:8d:d2:d6:14:b0:b5:f0:a6:df:50:80:ae:d4:f2:
f2:d2:e2:f0:5f:01:80:ee:5b:9b:ae:ae:46:9e:65:
f0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D2:03:49:2E:C3:29:82:1A:A8:13:8E:E1:CE:31:94:EC:FD:E6:92
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/stIDSS7DKYIaqBOO4c4xlOz95pI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:10::/47
2a06:de00:18::/48
Signature Algorithm: sha256WithRSAEncryption
07:11:97:c1:6a:38:6c:d5:79:a1:15:cc:87:4e:7e:63:02:bf:
f5:53:64:e1:a1:d6:94:e1:ae:c7:75:41:e8:de:8e:ab:59:34:
51:3d:f3:96:ed:17:d3:56:ea:b5:30:eb:d2:3b:6b:a6:23:59:
49:88:f1:42:f1:b4:b9:f5:4a:f5:ea:b9:01:2b:51:4f:95:30:
da:d8:e6:12:66:d9:4b:83:00:d1:6f:a0:22:85:92:6d:0e:ff:
82:f4:3f:9a:48:a9:73:16:0c:cd:f8:95:fc:f0:59:b1:8e:39:
28:b3:b9:c8:62:65:8b:52:52:29:a7:e3:82:4b:7e:89:93:f1:
a3:d6:fe:bc:7a:80:2e:07:ad:90:0d:cd:25:42:a1:47:fc:ba:
4a:cc:c1:c6:58:80:5a:ee:59:50:b3:bd:1a:34:d4:3f:bd:d3:
d9:42:d7:3b:de:af:bb:14:18:df:52:fe:f2:4b:c4:28:40:6d:
9a:23:93:7e:5b:15:cf:cd:16:4b:58:f7:3e:18:d2:c5:1e:ef:
11:51:55:11:98:4d:26:1a:a0:fd:88:76:be:f0:f3:ae:1d:b5:
42:87:69:bb:cc:aa:83:61:80:cb:a8:37:6c:ac:a9:70:c8:23:
97:71:73:15:b2:63:b6:85:80:b3:8d:04:1e:57:ca:39:60:fb:
5d:d1:38:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrWSzXuTWCW/oCz4s24oHWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTI3MTA1OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmQyMDM0OTJlYzMyOTgyMWFhODEzOGVlMWNlMzE5NGVjZmRlNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj7UKkd+RQEJOyVDeeVr4acJEdeE
r8VYciXXxz65yE0fH/FgfHkhQcLLPM6kkoWZdMk+JccIuhc/+jIXMihtWMXNuilq
/Rxv+zR7Tfy2lAsWgEpx+4mz892BJJQYLS6mE58GOYwdgjxhVxCS3GGg0juD3MOr
tZQYhvJvQhAjHFv3FyJ4QC1lH2I+JTNS5v9wIRbanSpGc2M7TX5SgLh6AgaI7so6
+PhjzOtLAul8JoB7tVnUE7EJyhn9bIJL7v+BE4O+BHZuSmrh2MfxA2BTdm0wCWz6
qGvQDAHnxPOXAXa7jdLWFLC18KbfUICu1PLy0uLwXwGA7lubrq5GnmXwbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLLSA0kuwymCGqgTjuHOMZTs/eaSMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvc3RJRFNTN0RLWUlhcUJPTzRjNHhsT3o5NXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKgbeAAAQ
AwcAKgbeAAAYMA0GCSqGSIb3DQEBCwUAA4IBAQAHEZfBajhs1XmhFcyHTn5jAr/1
U2ThodaU4a7HdUHo3o6rWTRRPfOW7RfTVuq1MOvSO2umI1lJiPFC8bS59Ur16rkB
K1FPlTDa2OYSZtlLgwDRb6AihZJtDv+C9D+aSKlzFgzN+JX88Fmxjjkos7nIYmWL
UlIpp+OCS36Jk/Gj1v68eoAuB62QDc0lQqFH/LpKzMHGWIBa7llQs70aNNQ/vdPZ
Qtc73q+7FBjfUv7yS8QoQG2aI5N+WxXPzRZLWPc+GNLFHu8RUVURmE0mGqD9iHa+
8POuHbVCh2m7zKqDYYDLqDdsrKlwyCOXcXMVsmO2hYCzjQQeV8o5YPtd0Tg3
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:33 2024 by rpki-client on console-fra.rpki-client.org