Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tHK_2QQ3yLk5u2JHZy1Xam298mw.roa
File: tHK_2QQ3yLk5u2JHZy1Xam298mw.roa (raw, json)
Hash identifier: g5caFrJihIxKjgXDMfLKR1dHRdFUKBARW60M2CSgWcM=
Subject key identifier: B4:72:BF:D9:04:37:C8:B9:39:BB:62:47:67:2D:57:6A:6D:BD:F2:6C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C5D0214A08470B750BF56F6A26C295823
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tHK_2QQ3yLk5u2JHZy1Xam298mw.roa
Signing time: Tue 12 Dec 2023 07:51:06 +0000
ROA not before: Tue 12 Dec 2023 07:51:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60939
IP address blocks: 2a0e:97c4:13c::/48 maxlen: 48
2a0e:97c4:13c::/46 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5d:02:14:a0:84:70:b7:50:bf:56:f6:a2:6c:29:58:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 12 07:51:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b472bfd90437c8b939bb6247672d576a6dbdf26c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:27:f0:9b:0f:84:14:cb:b0:58:76:52:c6:78:
1a:0e:4a:ca:76:37:82:91:4f:d2:77:e9:89:99:9f:
6b:ad:51:2b:d9:d1:42:3c:a5:c1:96:14:ae:b2:eb:
cd:f2:ab:ee:5a:b9:5b:a7:e7:8d:7e:5a:17:56:ae:
02:ee:d5:64:4f:27:73:ab:81:ea:e0:be:b3:25:06:
74:ec:61:00:48:43:c9:d5:53:7e:9e:aa:96:4b:b8:
50:65:08:98:0f:68:c8:a9:db:81:55:04:04:fe:7b:
98:49:23:f9:7d:15:71:5b:b9:60:99:c3:98:cc:5d:
f0:17:d6:b0:27:8a:e1:7e:42:28:c1:89:4a:42:77:
70:65:d5:db:42:9b:08:45:ea:06:40:59:36:89:b6:
f6:8d:fc:71:a4:1f:29:dc:94:56:52:a4:b4:ca:b8:
1c:4a:b7:8d:51:c5:71:2d:b8:38:c9:20:20:ae:d8:
8e:cb:1e:62:23:76:e1:32:06:cf:04:fe:91:ef:d2:
0b:72:f5:58:2a:fd:53:d9:ae:f8:1f:70:2d:6f:b0:
45:f6:c1:1b:4b:df:05:29:84:21:58:d5:64:2c:56:
68:d2:2f:1b:d7:99:74:dc:76:a8:ca:04:62:25:5c:
74:11:86:f0:f0:93:04:78:20:eb:51:79:15:d6:4f:
44:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:72:BF:D9:04:37:C8:B9:39:BB:62:47:67:2D:57:6A:6D:BD:F2:6C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tHK_2QQ3yLk5u2JHZy1Xam298mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c4:13c::/46
Signature Algorithm: sha256WithRSAEncryption
18:c2:0b:75:87:56:da:4c:65:22:bc:05:f9:1b:63:b3:df:27:
be:d6:c8:90:06:51:43:08:bc:d5:6f:9e:f9:96:73:1d:de:58:
4c:b2:70:b5:34:ff:ff:df:7e:87:2a:bd:35:ba:35:3d:9a:df:
8a:f9:8c:28:50:36:7a:14:9c:b5:69:87:5a:50:f5:9b:0d:ff:
20:f9:d0:c9:6f:97:1e:8f:97:a7:8a:a6:de:0f:ba:b8:7f:63:
54:cb:d6:cd:5d:0a:fc:ea:90:6d:83:3a:3b:43:9f:b0:2d:32:
59:18:e2:d9:22:28:7b:bb:4b:a3:7f:aa:27:70:44:c8:7b:d6:
42:ad:9e:c2:5f:8f:78:8d:e8:20:ba:22:a7:d9:07:48:05:b4:
ed:89:8f:e9:0f:98:9a:25:a9:b5:c4:28:26:13:3a:91:ca:a7:
51:22:7d:1d:b2:41:f8:b9:af:cf:6d:8c:bb:1c:d3:1e:10:d4:
ea:e0:e6:f6:27:15:02:2a:f9:89:8a:b6:d7:bf:e1:ca:24:8b:
00:ce:99:19:52:b1:f3:1f:7e:aa:0a:1c:cd:80:3a:82:45:7c:
3e:a6:53:ef:61:c2:cb:3f:ee:18:4d:c4:b5:78:05:f4:d2:a6:
d4:74:1b:38:ce:14:ad:6c:34:cd:35:93:83:66:32:38:ec:d5:
bf:93:a6:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYxdAhSghHC3UL9W9qJsKVgjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjEyMDc1MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDcyYmZkOTA0MzdjOGI5MzliYjYyNDc2NzJkNTc2YTZkYmRmMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCfwmw+EFMuwWHZSxngaDkrKdjeC
kU/Sd+mJmZ9rrVEr2dFCPKXBlhSusuvN8qvuWrlbp+eNfloXVq4C7tVkTydzq4Hq
4L6zJQZ07GEASEPJ1VN+nqqWS7hQZQiYD2jIqduBVQQE/nuYSSP5fRVxW7lgmcOY
zF3wF9awJ4rhfkIowYlKQndwZdXbQpsIReoGQFk2ibb2jfxxpB8p3JRWUqS0yrgc
SreNUcVxLbg4ySAgrtiOyx5iI3bhMgbPBP6R79ILcvVYKv1T2a74H3Atb7BF9sEb
S98FKYQhWNVkLFZo0i8b15l03HaoygRiJVx0EYbw8JMEeCDrUXkV1k9EiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLRyv9kEN8i5ObtiR2ctV2ptvfJsMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdEhLXzJRUTN5TGs1dTJKSFp5MVhhbTI5OG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg6XxAE8
MA0GCSqGSIb3DQEBCwUAA4IBAQAYwgt1h1baTGUivAX5G2Oz3ye+1siQBlFDCLzV
b575lnMd3lhMsnC1NP//336HKr01ujU9mt+K+YwoUDZ6FJy1aYdaUPWbDf8g+dDJ
b5cej5eniqbeD7q4f2NUy9bNXQr86pBtgzo7Q5+wLTJZGOLZIih7u0ujf6oncETI
e9ZCrZ7CX494jegguiKn2QdIBbTtiY/pD5iaJam1xCgmEzqRyqdRIn0dskH4ua/P
bYy7HNMeENTq4Ob2JxUCKvmJirbXv+HKJIsAzpkZUrHzH36qChzNgDqCRXw+plPv
YcLLP+4YTcS1eAX00qbUdBs4zhStbDTNNZODZjI47NW/k6Ye
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:33 2024 by rpki-client on console-fra.rpki-client.org