Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vTScszUoTbAl0GcQu8A81wKb4TY.roa
File: vTScszUoTbAl0GcQu8A81wKb4TY.roa (raw, json)
Hash identifier: v8RLh1kf5G8TZ+JAFqyehUASYIGV3aQ9kUaUcmDAy9k=
Subject key identifier: BD:34:9C:B3:35:28:4D:B0:25:D0:67:10:BB:C0:3C:D7:02:9B:E1:36
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018A29A51930D3F140C6F37EE88AB4A73B58
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vTScszUoTbAl0GcQu8A81wKb4TY.roa
Signing time: Thu 24 Aug 2023 22:23:20 +0000
ROA not before: Thu 24 Aug 2023 22:23:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1
IP address blocks: 2a0e:b107:27d0::/45 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:29:a5:19:30:d3:f1:40:c6:f3:7e:e8:8a:b4:a7:3b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 24 22:23:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd349cb335284db025d06710bbc03cd7029be136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:28:7c:61:aa:1c:cb:fa:3e:cd:0a:65:72:45:
52:31:a0:9d:a6:ec:e8:a6:40:d7:8c:88:88:c4:ae:
5c:65:9a:61:51:1d:d9:18:e3:89:cb:a1:d9:38:71:
83:cb:6f:74:7a:2c:96:a4:84:ec:8f:29:c9:11:90:
82:bb:bc:8b:7e:5f:7f:eb:58:54:fb:9e:4b:08:ef:
bf:43:62:1d:b9:ed:45:a6:e8:70:6e:2b:6e:72:41:
b9:92:1d:fc:f3:40:35:50:4b:5e:f1:b7:71:e8:52:
2e:f8:cb:25:bc:86:38:ec:48:02:d6:b9:a4:6f:73:
3e:7d:85:2a:3c:fd:11:f4:b0:86:14:fe:0d:13:b4:
4a:3d:6d:49:3e:10:57:5c:31:e0:09:2d:b1:5a:8f:
8a:4c:f9:4b:cc:44:a4:25:4b:4e:da:4b:6f:ea:54:
9d:69:b4:3a:cb:94:00:26:1b:86:c0:ec:50:af:b1:
06:21:f2:e0:60:9d:f6:48:c5:48:e7:d1:71:53:45:
22:71:10:cc:36:5c:97:35:ff:a3:99:d3:5f:bc:22:
60:d6:38:9c:ec:57:cd:eb:ab:26:56:cd:77:da:0d:
68:f4:f0:94:de:d1:52:41:c5:52:e4:e1:6c:1b:4b:
27:1d:78:b6:ca:01:a0:c7:bc:04:ee:7e:83:9d:89:
d6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:34:9C:B3:35:28:4D:B0:25:D0:67:10:BB:C0:3C:D7:02:9B:E1:36
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vTScszUoTbAl0GcQu8A81wKb4TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27d0::/45
Signature Algorithm: sha256WithRSAEncryption
b2:ad:40:fa:bd:23:c0:09:8a:5d:53:70:a3:37:1e:34:27:5b:
60:69:56:e2:07:e9:5d:22:fd:42:3f:24:ff:0d:68:bc:b3:a5:
3b:e7:e5:f8:a4:46:93:ea:86:59:92:df:75:8e:14:2f:a6:ab:
75:76:f0:3e:60:e7:ff:31:7a:1d:d8:a1:7e:02:23:89:5e:5c:
3a:f1:7f:81:70:58:fa:3e:50:d6:24:69:aa:e7:4f:d4:6b:8c:
6c:1a:fa:dd:de:9a:ef:e7:03:b2:30:c8:48:15:7b:9e:b6:33:
ec:5d:cc:96:e0:b8:99:b5:00:3d:ca:05:0d:43:ab:7f:6b:66:
ea:b6:29:1d:2e:bb:6c:2a:ea:cd:7c:7a:19:af:bc:6e:8f:33:
b3:ac:1a:3c:46:16:70:06:00:32:0f:3d:7a:cb:99:0f:41:48:
56:34:77:e2:28:9f:1d:2e:6d:fc:27:12:aa:83:17:e6:b8:01:
9f:55:fc:6d:70:58:9b:60:62:06:12:6d:7e:51:c0:68:1a:4a:
6f:9c:50:b3:a9:85:d6:f8:d0:55:84:d1:c4:0d:27:a7:c2:13:
64:df:35:1f:bc:bc:e9:20:f7:22:e0:7c:f1:e8:7c:53:83:ee:
fd:1d:db:5f:cb:eb:20:7c:75:94:9c:4b:a0:11:a3:b1:fa:14:
2b:6f:fd:08
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYoppRkw0/FAxvN+6Iq0pztYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwODI0MjIyMzIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDM0OWNiMzM1Mjg0ZGIwMjVkMDY3MTBiYmMwM2NkNzAyOWJlMTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnih8Yaocy/o+zQplckVSMaCdpuzo
pkDXjIiIxK5cZZphUR3ZGOOJy6HZOHGDy290eiyWpITsjynJEZCCu7yLfl9/61hU
+55LCO+/Q2Idue1FpuhwbituckG5kh3880A1UEte8bdx6FIu+MslvIY47EgC1rmk
b3M+fYUqPP0R9LCGFP4NE7RKPW1JPhBXXDHgCS2xWo+KTPlLzESkJUtO2ktv6lSd
abQ6y5QAJhuGwOxQr7EGIfLgYJ32SMVI59FxU0UicRDMNlyXNf+jmdNfvCJg1jic
7FfN66smVs132g1o9PCU3tFSQcVS5OFsG0snHXi2ygGgx7wE7n6DnYnWFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL00nLM1KE2wJdBnELvAPNcCm+E2MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdlRTY3N6VW9UYkFsMEdjUXU4QTgxd0tiNFRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKg6xByfQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCyrUD6vSPACYpdU3CjNx40J1tgaVbiB+ldIv1C
PyT/DWi8s6U75+X4pEaT6oZZkt91jhQvpqt1dvA+YOf/MXod2KF+AiOJXlw68X+B
cFj6PlDWJGmq50/Ua4xsGvrd3prv5wOyMMhIFXuetjPsXcyW4LiZtQA9ygUNQ6t/
a2bqtikdLrtsKurNfHoZr7xujzOzrBo8RhZwBgAyDz16y5kPQUhWNHfiKJ8dLm38
JxKqgxfmuAGfVfxtcFibYGIGEm1+UcBoGkpvnFCzqYXW+NBVhNHEDSenwhNk3zUf
vLzpIPci4Hzx6HxTg+79Hdtfy+sgfHWUnEugEaOx+hQrb/0I
-----END CERTIFICATE-----
Generated at Tue Aug 29 21:38:16 2023 by rpki-client on console-ams.rpki-client.org