Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vyLg9xUyJS0GsVqWh7hX-NbZCyo.roa
File: vyLg9xUyJS0GsVqWh7hX-NbZCyo.roa (raw, json)
Hash identifier: 2uDl+gWFhabqO9xx+O6svP17V8rIsiOEVWPW5XnXdRM=
Subject key identifier: BF:22:E0:F7:15:32:25:2D:06:B1:5A:96:87:B8:57:F8:D6:D9:0B:2A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E795F15C83699D58C90C88104DBB7D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vyLg9xUyJS0GsVqWh7hX-NbZCyo.roa
Signing time: Mon 02 Jan 2023 05:15:03 +0000
ROA not before: Mon 02 Jan 2023 05:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142130
IP address blocks: 2a0e:b107:1200::/48 maxlen: 48
2a0e:b107:1202::/48 maxlen: 48
2a0e:b107:120f::/48 maxlen: 48
2a0e:b107:1204::/48 maxlen: 48
2a0e:b107:1201::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:95:f1:5c:83:69:9d:58:c9:0c:88:10:4d:bb:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf22e0f71532252d06b15a9687b857f8d6d90b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:08:07:7f:e3:16:d0:29:de:4f:1b:09:e3:16:
ef:7f:6a:42:a4:0b:d1:d9:0d:64:af:18:9c:a9:a7:
2c:07:87:38:ae:f3:e5:a2:92:75:27:ce:71:59:22:
81:d7:e1:c7:33:80:0f:bc:f0:01:36:53:24:ed:ac:
2f:0e:92:42:a7:9f:6f:3e:2c:cd:90:cc:b3:b2:e4:
8c:0c:6d:01:4b:bd:23:1b:2e:b9:30:60:51:91:b3:
84:0b:b8:df:47:51:66:ae:96:5d:2b:14:3b:bf:39:
c1:73:05:4b:a7:9f:cf:c7:0c:a6:ec:1e:0e:33:0c:
79:45:ae:e6:96:68:71:8d:ad:07:b8:f3:10:ef:9b:
7d:40:84:b4:2a:13:9e:6b:b6:68:6e:22:8e:d4:f1:
51:61:e1:b0:39:92:b7:30:c6:6c:18:66:1a:b8:04:
fc:5a:2e:33:a9:3c:a1:f6:3d:c1:b5:19:8e:e7:de:
71:c4:1d:48:1c:1b:16:fb:ab:7f:43:a5:73:34:3a:
87:32:3a:65:ed:16:06:34:35:6a:e7:ba:f6:95:53:
5e:8b:a6:0f:82:0c:1b:b3:d8:ca:5d:82:3a:5d:87:
2f:06:1d:6c:86:dd:b0:a6:ae:ae:5c:30:33:a7:84:
d2:b3:de:df:b6:55:b4:80:e0:ba:b0:20:13:6f:84:
66:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:22:E0:F7:15:32:25:2D:06:B1:5A:96:87:B8:57:F8:D6:D9:0B:2A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vyLg9xUyJS0GsVqWh7hX-NbZCyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1200::-2a0e:b107:1202:ffff:ffff:ffff:ffff:ffff
2a0e:b107:1204::/48
2a0e:b107:120f::/48
Signature Algorithm: sha256WithRSAEncryption
b8:20:c6:3a:2b:82:0d:11:7b:54:51:5c:7b:b7:5c:7f:fe:a9:
a5:c8:34:82:39:a3:ca:37:fb:4e:83:a1:4a:78:70:c5:1e:61:
b4:15:88:66:c2:d3:63:1f:0c:87:20:9a:1a:f6:8e:cc:f0:28:
a1:40:5a:96:04:bc:8e:68:c7:b0:63:59:35:6f:f5:bb:84:8c:
76:a8:d0:72:d0:d1:51:4d:5f:c3:c2:26:cd:3a:c8:fd:40:c8:
14:4c:c7:5a:10:d7:50:51:c1:58:bc:5c:29:48:a2:9b:16:24:
a2:1b:a4:29:c7:80:61:5f:67:4d:37:64:65:a5:df:08:b6:b9:
40:a2:ad:40:9d:d6:0d:21:d3:d6:39:38:98:c9:40:d4:f0:9f:
cc:f6:d4:e8:14:d5:6c:8e:47:13:ff:f1:67:12:58:5d:a7:14:
40:5d:87:c2:70:c7:36:53:8e:9a:01:17:85:74:6a:4e:37:3e:
ee:a8:82:e7:1c:88:e5:28:a2:b1:b2:f4:42:9f:51:29:bb:a5:
b9:2c:5a:14:01:91:8a:a7:10:bd:03:fa:bc:09:1e:be:60:b7:
df:4a:bd:3b:5c:27:11:0e:e7:0b:fa:c9:f7:ec:ef:c2:de:95:
e9:0f:b5:10:a1:5f:db:85:51:58:21:f6:79:69:dc:80:8c:19:
66:11:7c:bf
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVw55XxXINpnVjJDIgQTbt9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjIyZTBmNzE1MzIyNTJkMDZiMTVhOTY4N2I4NTdmOGQ2ZDkwYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQgHf+MW0CneTxsJ4xbvf2pCpAvR
2Q1krxicqacsB4c4rvPlopJ1J85xWSKB1+HHM4APvPABNlMk7awvDpJCp59vPizN
kMyzsuSMDG0BS70jGy65MGBRkbOEC7jfR1FmrpZdKxQ7vznBcwVLp5/Pxwym7B4O
Mwx5Ra7mlmhxja0HuPMQ75t9QIS0KhOea7ZobiKO1PFRYeGwOZK3MMZsGGYauAT8
Wi4zqTyh9j3BtRmO595xxB1IHBsW+6t/Q6VzNDqHMjpl7RYGNDVq57r2lVNei6YP
ggwbs9jKXYI6XYcvBh1sht2wpq6uXDAzp4TSs97ftlW0gOC6sCATb4RmewIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFL8i4PcVMiUtBrFaloe4V/jW2QsqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdnlMZzl4VXlKUzBHc1ZxV2g3aFgtTmJaQ3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAAjAlMBEDBgEqDrEH
EgMHACoOsQcSAgMHACoOsQcSBAMHACoOsQcSDzANBgkqhkiG9w0BAQsFAAOCAQEA
uCDGOiuCDRF7VFFce7dcf/6ppcg0gjmjyjf7ToOhSnhwxR5htBWIZsLTYx8MhyCa
GvaOzPAooUBalgS8jmjHsGNZNW/1u4SMdqjQctDRUU1fw8ImzTrI/UDIFEzHWhDX
UFHBWLxcKUiimxYkohukKceAYV9nTTdkZaXfCLa5QKKtQJ3WDSHT1jk4mMlA1PCf
zPbU6BTVbI5HE//xZxJYXacUQF2HwnDHNlOOmgEXhXRqTjc+7qiC5xyI5SiisbL0
Qp9RKbuluSxaFAGRiqcQvQP6vAkevmC330q9O1wnEQ7nC/rJ9+zvwt6V6Q+1EKFf
24VRWCH2eWncgIwZZhF8vw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:04 2023 by rpki-client on console-ams.rpki-client.org