Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uXutMlL99tSsI2LMyZ2CQA-M1EI.roa
File: uXutMlL99tSsI2LMyZ2CQA-M1EI.roa (raw, json)
Hash identifier: JLy0FJStBnu3pq7l2M78dsptedHAqd2YY8t9Ps21UtI=
Subject key identifier: B9:7B:AD:32:52:FD:F6:D4:AC:23:62:CC:C9:9D:82:40:0F:8C:D4:42
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7BE91E37431D031879A8D05BAD48D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uXutMlL99tSsI2LMyZ2CQA-M1EI.roa
Signing time: Mon 02 Jan 2023 05:15:13 +0000
ROA not before: Mon 02 Jan 2023 05:15:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204729
IP address blocks: 2a0e:b107:1b9d::/48 maxlen: 48
2a0e:b107:1b9c::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:be:91:e3:74:31:d0:31:87:9a:8d:05:ba:d4:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b97bad3252fdf6d4ac2362ccc99d82400f8cd442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:33:f1:0a:58:48:68:92:4f:46:02:88:ad:72:
5f:66:1c:b4:73:30:5a:ba:ee:9c:41:a9:87:2a:c2:
e8:ee:94:8f:b8:05:d1:37:70:3e:e7:6a:16:9a:91:
aa:04:a7:e8:11:67:93:b7:d5:75:09:4c:04:23:bb:
75:86:b0:e2:ed:d8:87:2f:cc:2c:b2:de:1b:6d:70:
f5:ff:bd:b9:94:ef:30:a8:ef:f7:80:1b:7e:8d:ce:
c3:69:a8:89:da:47:73:d9:5f:ff:17:5e:b3:61:0f:
d8:33:23:d0:90:f9:c1:2b:3c:ca:4a:6d:89:87:d0:
ae:c4:21:15:a1:e2:65:bc:ca:de:86:c2:ad:86:3a:
51:f4:8e:a6:b1:3e:bc:83:1d:da:57:b4:8f:e5:6a:
8d:86:27:68:af:5f:fc:08:e5:8e:ca:96:f0:fd:d0:
74:c3:41:15:98:9c:ff:01:4e:fc:8c:30:ee:f4:23:
ff:6c:07:c7:1c:4b:6b:44:5b:56:e8:b2:81:d3:60:
f2:cf:9d:79:c6:2a:3e:26:ce:48:e3:71:3f:0a:68:
d6:21:32:12:2e:ac:31:e8:de:a1:12:6f:ce:e8:55:
0b:bd:2f:f7:08:26:50:62:b9:ad:50:e0:f9:c9:d3:
35:e4:94:89:c0:05:e3:62:a2:0e:db:05:b4:d7:50:
ce:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7B:AD:32:52:FD:F6:D4:AC:23:62:CC:C9:9D:82:40:0F:8C:D4:42
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uXutMlL99tSsI2LMyZ2CQA-M1EI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1b9c::/47
Signature Algorithm: sha256WithRSAEncryption
10:a8:60:aa:0b:a7:fb:db:a3:76:19:62:84:78:af:ab:54:e2:
1d:d9:7b:df:51:e1:2b:bd:14:18:c0:f7:1c:bf:04:92:4f:0a:
09:ba:18:0d:61:71:2b:0b:93:59:77:f2:fa:99:9b:5f:6c:2d:
45:36:53:55:84:a1:b2:8a:4c:0b:51:00:90:17:6c:1e:32:92:
a3:0c:ac:8c:a0:5d:7e:40:7b:c5:c3:d9:2c:7f:61:9e:b4:24:
c1:17:c6:da:9e:f0:54:0f:f3:e2:e5:27:71:36:a3:da:c0:78:
ac:9a:83:d4:ad:ca:6e:57:79:c1:e8:fd:9d:96:bf:11:d6:12:
cc:bb:96:d7:1e:d8:21:16:89:89:8e:92:54:3e:e1:ce:58:a4:
04:64:c7:a2:79:fb:54:52:5d:cf:f3:3f:04:c1:37:17:33:3e:
d7:6c:34:e7:9e:23:b5:3f:87:8d:88:a2:f9:f1:3b:1d:19:9b:
0b:5d:1f:8d:d7:88:d6:7b:12:12:23:5f:3b:0b:b3:fb:a9:91:
ff:2d:dd:88:23:38:5b:75:01:9d:d6:68:eb:a0:32:87:4c:c7:
d7:c7:70:44:8b:5f:2a:77:cb:f1:6a:f5:1a:87:66:b4:9e:d6:
8b:42:47:e6:a3:23:27:63:19:91:ce:2d:22:a3:17:30:51:74:
3e:c2:d5:5b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw576R43Qx0DGHmo0FutSNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTdiYWQzMjUyZmRmNmQ0YWMyMzYyY2NjOTlkODI0MDBmOGNkNDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzPxClhIaJJPRgKIrXJfZhy0czBa
uu6cQamHKsLo7pSPuAXRN3A+52oWmpGqBKfoEWeTt9V1CUwEI7t1hrDi7diHL8ws
st4bbXD1/725lO8wqO/3gBt+jc7DaaiJ2kdz2V//F16zYQ/YMyPQkPnBKzzKSm2J
h9CuxCEVoeJlvMrehsKthjpR9I6msT68gx3aV7SP5WqNhidor1/8COWOypbw/dB0
w0EVmJz/AU78jDDu9CP/bAfHHEtrRFtW6LKB02Dyz515xio+Js5I43E/CmjWITIS
Lqwx6N6hEm/O6FULvS/3CCZQYrmtUOD5ydM15JSJwAXjYqIO2wW011DOmwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLl7rTJS/fbUrCNizMmdgkAPjNRCMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdVh1dE1sTDk5dFNzSTJMTXlaMkNRQS1NMUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6xBxuc
MA0GCSqGSIb3DQEBCwUAA4IBAQAQqGCqC6f726N2GWKEeK+rVOId2XvfUeErvRQY
wPccvwSSTwoJuhgNYXErC5NZd/L6mZtfbC1FNlNVhKGyikwLUQCQF2weMpKjDKyM
oF1+QHvFw9ksf2GetCTBF8banvBUD/Pi5SdxNqPawHismoPUrcpuV3nB6P2dlr8R
1hLMu5bXHtghFomJjpJUPuHOWKQEZMeieftUUl3P8z8EwTcXMz7XbDTnniO1P4eN
iKL58TsdGZsLXR+N14jWexISI187C7P7qZH/Ld2IIzhbdQGd1mjroDKHTMfXx3BE
i18qd8vxavUah2a0ntaLQkfmoyMnYxmRzi0ioxcwUXQ+wtVb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:33 2024 by rpki-client on console-ams.rpki-client.org