Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uxIqN7hbh40PWKS4XaP-BEuvn7M.roa
File: uxIqN7hbh40PWKS4XaP-BEuvn7M.roa (raw, json)
Hash identifier: /yJ3VKjiai6NOvT9D6mn27XKL5LQqNqa0fI5raEfVgY=
Subject key identifier: BB:12:2A:37:B8:5B:87:8D:0F:58:A4:B8:5D:A3:FE:04:4B:AF:9F:B3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7CC3B34B45BBE021C545A085259C9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uxIqN7hbh40PWKS4XaP-BEuvn7M.roa
Signing time: Mon 02 Jan 2023 05:15:17 +0000
ROA not before: Mon 02 Jan 2023 05:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207466
IP address blocks: 2a0e:b107:f60::/48 maxlen: 48
2a0e:b107:f68::/48 maxlen: 48
2a0e:b107:f60::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:cc:3b:34:b4:5b:be:02:1c:54:5a:08:52:59:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb122a37b85b878d0f58a4b85da3fe044baf9fb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bc:77:f9:be:84:14:c4:08:cd:5b:b9:07:d1:
81:15:10:85:ef:99:c3:19:eb:89:ce:ba:f4:0d:6c:
f1:90:16:58:43:f4:60:38:ba:37:11:a7:d9:3e:e2:
c6:1d:27:1d:e3:71:ed:9d:79:f8:c7:f4:ae:50:8d:
c6:00:e5:3c:b0:7f:cb:d6:5b:7b:22:23:51:d8:df:
a6:85:84:48:88:ea:6b:d7:e3:46:d5:30:33:99:57:
86:d7:03:f1:f8:31:42:08:8b:c4:41:c4:ec:e7:fe:
04:d4:a8:2a:12:a2:49:e1:de:16:32:32:6c:0e:2f:
be:03:e4:d9:e3:b7:bf:e1:d8:12:59:e9:d7:1f:5b:
19:5e:c6:4c:58:08:c8:a3:dc:03:37:26:dc:0e:bc:
c6:f9:64:a3:10:76:2b:3e:4e:00:d4:e9:d4:60:5f:
12:fb:b4:fa:51:29:d8:7e:64:ee:2d:7d:3c:c4:51:
2a:6b:e6:cc:03:97:84:c7:cd:c5:ee:7c:9a:49:55:
7e:19:54:44:c3:ec:e7:2d:fa:a0:3c:d9:d3:ee:bd:
73:e0:60:c2:96:88:60:74:c7:2e:7d:4a:48:c7:35:
1f:da:34:7c:0e:6f:df:70:e6:28:07:b1:2d:50:3d:
4c:ce:9c:0c:de:dc:f8:e6:41:7b:a4:46:47:f5:a3:
92:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:12:2A:37:B8:5B:87:8D:0F:58:A4:B8:5D:A3:FE:04:4B:AF:9F:B3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uxIqN7hbh40PWKS4XaP-BEuvn7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:f60::/44
Signature Algorithm: sha256WithRSAEncryption
6d:f7:65:3e:96:e2:82:34:74:68:bd:54:aa:b5:50:30:2b:2f:
e6:36:d6:f1:46:e6:0b:37:c4:7b:2e:3d:e8:8d:f8:77:ff:63:
a7:40:4e:5b:ee:b0:a3:16:61:ef:74:fa:f9:a9:e2:de:b6:48:
1a:4f:c6:0c:04:05:96:27:7d:fe:d9:ef:64:5b:89:1f:33:90:
56:56:fd:3f:bf:ad:05:af:65:f0:3f:ec:5b:ef:6c:00:9e:6a:
95:a4:73:a8:13:19:77:82:07:96:63:c9:4a:6f:b3:af:f5:7c:
35:37:7d:af:2a:b8:f0:62:d4:28:7b:dd:64:e2:a0:fe:f8:95:
12:d1:a0:af:15:37:9d:c1:fc:79:c6:9b:ce:68:dc:f0:eb:6f:
65:2a:3a:d0:4c:7c:ec:a8:d5:f9:5c:8d:02:54:3b:7c:01:62:
70:fa:7a:5d:e2:b7:3d:84:01:c9:91:86:ad:52:a3:4d:cc:dd:
91:fc:41:a6:7e:47:e4:48:d3:e3:5a:2b:9e:8f:fe:62:98:8a:
d5:61:8e:c1:96:96:6e:2f:4a:52:d5:2d:0a:fd:8f:54:79:bc:
06:3c:f3:e9:33:a6:ac:84:33:7c:5e:d1:63:c4:b5:cd:ad:1a:
3d:bb:af:44:b0:76:f0:31:5a:13:19:37:d0:9d:a3:5b:9f:9d:
8e:1d:63:39
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw58w7NLRbvgIcVFoIUlnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjEyMmEzN2I4NWI4NzhkMGY1OGE0Yjg1ZGEzZmUwNDRiYWY5ZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbx3+b6EFMQIzVu5B9GBFRCF75nD
GeuJzrr0DWzxkBZYQ/RgOLo3EafZPuLGHScd43HtnXn4x/SuUI3GAOU8sH/L1lt7
IiNR2N+mhYRIiOpr1+NG1TAzmVeG1wPx+DFCCIvEQcTs5/4E1KgqEqJJ4d4WMjJs
Di++A+TZ47e/4dgSWenXH1sZXsZMWAjIo9wDNybcDrzG+WSjEHYrPk4A1OnUYF8S
+7T6USnYfmTuLX08xFEqa+bMA5eEx83F7nyaSVV+GVREw+znLfqgPNnT7r1z4GDC
lohgdMcufUpIxzUf2jR8Dm/fcOYoB7EtUD1MzpwM3tz45kF7pEZH9aOSRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLsSKje4W4eND1ikuF2j/gRLr5+zMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdXhJcU43aGJoNDBQV0tTNFhhUC1CRXV2bjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBw9g
MA0GCSqGSIb3DQEBCwUAA4IBAQBt92U+luKCNHRovVSqtVAwKy/mNtbxRuYLN8R7
Lj3ojfh3/2OnQE5b7rCjFmHvdPr5qeLetkgaT8YMBAWWJ33+2e9kW4kfM5BWVv0/
v60Fr2XwP+xb72wAnmqVpHOoExl3ggeWY8lKb7Ov9Xw1N32vKrjwYtQoe91k4qD+
+JUS0aCvFTedwfx5xpvOaNzw629lKjrQTHzsqNX5XI0CVDt8AWJw+npd4rc9hAHJ
kYatUqNNzN2R/EGmfkfkSNPjWiuej/5imIrVYY7BlpZuL0pS1S0K/Y9UebwGPPPp
M6ashDN8XtFjxLXNrRo9u69EsHbwMVoTGTfQnaNbn52OHWM5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-fra.rpki-client.org