Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tS_kH8mTs4Hn-pghyzq4o7y4sGc.roa
File: tS_kH8mTs4Hn-pghyzq4o7y4sGc.roa (raw, json)
Hash identifier: 4qy17gh3zIUp1XPGXF0T1hPjYmJrTK5E959AsK40oso=
Subject key identifier: B5:2F:E4:1F:C9:93:B3:81:E7:FA:98:21:CB:3A:B8:A3:BC:B8:B0:67
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E81B6820E459875AF9060EB3E34196
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tS_kH8mTs4Hn-pghyzq4o7y4sGc.roa
Signing time: Mon 02 Jan 2023 05:15:37 +0000
ROA not before: Mon 02 Jan 2023 05:15:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212568
IP address blocks: 2a10:2f01:300::/44 maxlen: 48
2a10:2f00:151::/48 maxlen: 48
2a10:2f01:30a::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:1b:68:20:e4:59:87:5a:f9:06:0e:b3:e3:41:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b52fe41fc993b381e7fa9821cb3ab8a3bcb8b067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e4:f4:eb:7a:75:ea:09:4c:8a:f5:04:72:29:
c3:a1:70:14:7f:40:69:0f:ef:f1:28:03:bb:bb:6f:
ff:57:40:a8:d6:99:53:27:58:f8:46:db:8b:d4:8d:
02:5c:4f:d4:0e:52:04:a3:f2:77:8f:1f:ae:7b:3c:
8c:91:50:5b:34:85:3a:97:c7:ef:7a:72:7e:07:44:
12:7f:82:93:59:6f:f7:05:d6:ca:e0:0b:0e:7b:47:
2b:0c:1c:80:5b:39:d1:92:1d:24:d5:ec:c0:f1:d6:
d1:fe:c7:37:fa:c3:95:0e:c9:b1:57:c4:b0:35:a3:
d6:f2:13:64:b2:2b:1a:87:75:e9:f4:70:48:0a:7d:
29:66:c3:b5:62:bd:87:dc:b4:68:18:e7:79:f3:ce:
89:69:3f:29:fa:36:2d:ec:63:3e:ed:13:d8:3f:e8:
6f:fb:97:20:25:f3:c8:ad:62:50:d2:2e:f5:27:ad:
47:2c:9c:e1:aa:38:37:d5:76:d6:48:a8:8c:3a:f4:
d4:bf:eb:88:9f:1a:76:fc:c3:cc:41:14:da:e9:67:
96:9b:e1:a9:91:46:e5:f4:2a:96:61:da:cc:b1:94:
1a:ce:1a:70:a1:a6:74:78:d1:dc:88:c0:8c:d3:11:
fe:31:0b:7f:e2:51:6e:ae:e5:50:10:b5:cf:ba:3d:
ba:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:2F:E4:1F:C9:93:B3:81:E7:FA:98:21:CB:3A:B8:A3:BC:B8:B0:67
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tS_kH8mTs4Hn-pghyzq4o7y4sGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:151::/48
2a10:2f01:300::/44
Signature Algorithm: sha256WithRSAEncryption
83:0a:91:4a:26:ad:cf:72:fa:84:81:92:72:6f:8d:4e:8b:7e:
62:92:c9:c2:1a:b0:c7:19:e7:91:fe:2b:cc:6b:c7:18:64:73:
31:6f:03:e4:86:bd:99:7a:c8:b9:f2:f6:85:64:dc:28:0d:28:
a2:a3:cc:2a:08:d5:6a:1d:86:eb:d9:d8:4a:02:1e:ad:dd:2b:
95:06:b1:d9:6a:fc:39:18:48:46:c3:6c:89:ea:3c:f0:cf:65:
be:f7:5d:d2:10:3b:d2:80:78:5b:02:b0:98:45:3e:8a:ac:e9:
76:cc:e1:a2:f0:95:aa:4b:21:dd:b6:67:8e:5a:3b:aa:24:d1:
39:7d:7d:a2:a6:40:0e:f3:21:af:28:e5:38:f8:00:c8:91:40:
b4:92:ff:aa:bc:f5:84:4a:30:4b:f0:e1:68:af:ad:1b:ce:04:
26:55:56:a4:98:62:ff:dc:a5:e3:78:90:1a:de:d3:37:46:28:
c3:9a:d1:90:78:0e:3f:0d:9c:be:01:f5:e9:34:cc:9b:59:9f:
0b:25:69:be:11:dd:1f:77:97:91:ca:ab:cd:ba:17:5d:e4:7c:
52:73:af:2d:0a:74:b8:83:7b:41:07:5e:c2:0b:31:43:3a:02:
37:02:45:8c:61:68:3e:b3:f3:4e:8e:a7:6e:ad:a5:98:8d:79:
5f:3a:44:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw6BtoIORZh1r5Bg6z40GWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTJmZTQxZmM5OTNiMzgxZTdmYTk4MjFjYjNhYjhhM2JjYjhiMDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+T063p16glMivUEcinDoXAUf0Bp
D+/xKAO7u2//V0Co1plTJ1j4RtuL1I0CXE/UDlIEo/J3jx+uezyMkVBbNIU6l8fv
enJ+B0QSf4KTWW/3BdbK4AsOe0crDByAWznRkh0k1ezA8dbR/sc3+sOVDsmxV8Sw
NaPW8hNksisah3Xp9HBICn0pZsO1Yr2H3LRoGOd5886JaT8p+jYt7GM+7RPYP+hv
+5cgJfPIrWJQ0i71J61HLJzhqjg31XbWSKiMOvTUv+uInxp2/MPMQRTa6WeWm+Gp
kUbl9CqWYdrMsZQazhpwoaZ0eNHciMCM0xH+MQt/4lFuruVQELXPuj26pwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLUv5B/Jk7OB5/qYIcs6uKO8uLBnMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdFNfa0g4bVRzNEhuLXBnaHl6cTRvN3k0c0djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhAvAAFR
AwcEKhAvAQMAMA0GCSqGSIb3DQEBCwUAA4IBAQCDCpFKJq3PcvqEgZJyb41Oi35i
ksnCGrDHGeeR/ivMa8cYZHMxbwPkhr2Zesi58vaFZNwoDSiio8wqCNVqHYbr2dhK
Ah6t3SuVBrHZavw5GEhGw2yJ6jzwz2W+913SEDvSgHhbArCYRT6KrOl2zOGi8JWq
SyHdtmeOWjuqJNE5fX2ipkAO8yGvKOU4+ADIkUC0kv+qvPWESjBL8OFor60bzgQm
VVakmGL/3KXjeJAa3tM3RijDmtGQeA4/DZy+AfXpNMybWZ8LJWm+Ed0fd5eRyqvN
uhdd5HxSc68tCnS4g3tBB17CCzFDOgI3AkWMYWg+s/NOjqduraWYjXlfOkRN
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:52 2024 by rpki-client on console-ams.rpki-client.org