Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/u6V6SkwIiXKOofTxNhAHBZMDb7w.roa
File: u6V6SkwIiXKOofTxNhAHBZMDb7w.roa (raw, json)
Hash identifier: QZa9oDXpY1F+jZ93xThnlhUIcfISbcWd4lzQ3+RkpBU=
Subject key identifier: BB:A5:7A:4A:4C:08:89:72:8E:A1:F4:F1:36:10:07:05:93:03:6F:BC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48ACE155AAF3847AAE2AFA80F0A3955
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/u6V6SkwIiXKOofTxNhAHBZMDb7w.roa
Signing time: Tue 24 Jan 2023 16:09:40 +0000
ROA not before: Tue 24 Jan 2023 16:09:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200529
IP address blocks: 2a0e:b107:1d30::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:ce:15:5a:af:38:47:aa:e2:af:a8:0f:0a:39:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bba57a4a4c0889728ea1f4f13610070593036fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:96:b1:cd:a4:b0:99:e0:73:cf:d1:56:51:3b:
51:2c:0b:87:0d:e3:ab:3a:14:e3:e8:fd:35:dc:22:
52:96:19:a4:ca:90:f6:7a:8d:79:2e:c6:d3:1e:3c:
05:69:c9:4c:7a:65:ae:c9:2d:7a:9a:ee:fe:9a:48:
a9:c5:23:95:46:fe:45:1b:02:92:03:1f:48:c9:91:
dd:8c:d8:64:5b:69:28:81:ce:f9:40:51:1d:7b:9b:
44:c4:3b:bb:df:fe:f6:a9:6e:0d:ee:f5:6b:40:7f:
ee:83:aa:36:20:b0:fe:25:ec:d2:78:e8:e4:a7:14:
2f:6f:08:ed:e3:64:d5:fa:87:d4:b0:60:33:12:1f:
f0:f6:89:a8:c9:94:90:d9:86:ea:18:fc:89:98:a6:
a8:8f:1b:35:b5:2f:57:fd:08:13:b1:a0:65:11:02:
57:d9:db:31:76:8f:37:46:2e:15:02:4f:9a:9d:80:
6c:6d:d9:2f:3c:11:c8:96:b7:71:77:37:cf:3f:27:
41:1d:39:69:ac:17:f9:13:8d:68:67:c4:06:33:0a:
15:88:0b:35:61:4a:c4:4d:75:1f:ff:54:10:a4:68:
f1:00:f4:39:3d:d2:28:f5:44:ea:72:68:4f:2b:59:
64:fa:e9:05:e4:24:9c:52:a0:c5:ba:69:f3:09:97:
07:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A5:7A:4A:4C:08:89:72:8E:A1:F4:F1:36:10:07:05:93:03:6F:BC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/u6V6SkwIiXKOofTxNhAHBZMDb7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1d30::/44
Signature Algorithm: sha256WithRSAEncryption
35:a3:41:c0:b9:b6:2f:72:ea:84:5f:03:0c:39:8e:f5:8a:ef:
fc:1f:c5:6a:3a:ac:e7:88:03:1c:8c:ff:18:de:39:33:a2:b5:
57:76:60:77:6f:3b:89:dd:80:f5:d0:cf:9d:02:fb:80:bc:e6:
9b:d2:c1:7d:a8:4d:91:91:ec:c3:71:bf:f3:58:ed:98:e8:2f:
34:dd:13:db:c3:0c:b5:a1:51:1a:92:36:a0:e0:38:42:c6:05:
dd:f4:33:40:6b:f3:28:30:fb:fe:9b:23:7b:ad:26:b5:13:d0:
b2:9d:82:77:d1:21:23:61:3f:c5:80:fc:c0:d1:e8:00:c5:41:
40:24:54:42:a9:e8:72:9b:7e:f3:66:08:e1:bd:22:e6:4c:15:
2d:f7:b9:64:ac:c7:1a:c3:a3:3f:d9:c4:1b:95:a1:87:c8:eb:
41:b7:7b:ed:16:37:72:09:97:f6:cc:2f:36:71:3c:67:bc:30:
87:a0:08:4f:06:8f:d6:34:d1:b7:eb:bd:66:ec:9d:2f:d7:be:
65:60:c9:f6:cc:eb:00:cf:21:7f:ad:a7:ca:b7:5c:61:c7:91:
84:fc:c7:fe:c5:6a:d6:51:ca:dd:fd:c6:04:32:d5:6d:79:cf:
39:5c:a0:c7:61:7c:5e:08:c0:d2:0a:e5:6c:b8:67:0c:10:9b:
b1:99:c7:ef
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkis4VWq84R6rir6gPCjlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmE1N2E0YTRjMDg4OTcyOGVhMWY0ZjEzNjEwMDcwNTkzMDM2ZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJaxzaSwmeBzz9FWUTtRLAuHDeOr
OhTj6P013CJSlhmkypD2eo15LsbTHjwFaclMemWuyS16mu7+mkipxSOVRv5FGwKS
Ax9IyZHdjNhkW2kogc75QFEde5tExDu73/72qW4N7vVrQH/ug6o2ILD+JezSeOjk
pxQvbwjt42TV+ofUsGAzEh/w9omoyZSQ2YbqGPyJmKaojxs1tS9X/QgTsaBlEQJX
2dsxdo83Ri4VAk+anYBsbdkvPBHIlrdxdzfPPydBHTlprBf5E41oZ8QGMwoViAs1
YUrETXUf/1QQpGjxAPQ5PdIo9UTqcmhPK1lk+ukF5CScUqDFumnzCZcHwwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLulekpMCIlyjqH08TYQBwWTA2+8MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdTZWNlNrd0lpWEtPb2ZUeE5oQUhCWk1EYjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBx0w
MA0GCSqGSIb3DQEBCwUAA4IBAQA1o0HAubYvcuqEXwMMOY71iu/8H8VqOqzniAMc
jP8Y3jkzorVXdmB3bzuJ3YD10M+dAvuAvOab0sF9qE2RkezDcb/zWO2Y6C803RPb
wwy1oVEakjag4DhCxgXd9DNAa/MoMPv+myN7rSa1E9CynYJ30SEjYT/FgPzA0egA
xUFAJFRCqehym37zZgjhvSLmTBUt97lkrMcaw6M/2cQblaGHyOtBt3vtFjdyCZf2
zC82cTxnvDCHoAhPBo/WNNG3671m7J0v175lYMn2zOsAzyF/rafKt1xhx5GE/Mf+
xWrWUcrd/cYEMtVtec85XKDHYXxeCMDSCuVsuGcMEJuxmcfv
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:33 2024 by rpki-client on console-fra.rpki-client.org