Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wBE5B-8wzsSLtTKWr_EN4WWjfYc.roa
File: wBE5B-8wzsSLtTKWr_EN4WWjfYc.roa (raw, json)
Hash identifier: WFXOL6S0NIDsPOusySQKsEoNCsGLttdNTBtZ8SCiaeU=
Subject key identifier: C0:11:39:07:EF:30:CE:C4:8B:B5:32:96:AF:F1:0D:E1:65:A3:7D:87
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018A89155317176109AD876C3D2410680BEE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wBE5B-8wzsSLtTKWr_EN4WWjfYc.roa
Signing time: Tue 12 Sep 2023 11:09:50 +0000
ROA not before: Tue 12 Sep 2023 11:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202256
IP address blocks: 2a10:ccc7:9000::/40 maxlen: 48
2a10:ccc7:9200::/40 maxlen: 48
2a10:ccc7:9300::/40 maxlen: 48
2a06:de01:800::/38 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:89:15:53:17:17:61:09:ad:87:6c:3d:24:10:68:0b:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 12 11:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0113907ef30cec48bb53296aff10de165a37d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ae:99:73:aa:6c:6f:03:a7:97:b6:a9:32:ac:
16:d9:a0:3e:74:08:f2:bb:28:2b:fd:2d:66:5d:0f:
6b:f1:b7:22:91:d1:8a:37:2e:d3:a0:e6:d5:79:f3:
95:5c:ef:ec:43:6b:86:b8:da:f9:2e:7f:68:dd:38:
87:44:bc:8c:a6:75:c1:2c:fc:66:70:87:a5:53:af:
9e:d3:c5:71:5b:4c:c4:ce:e5:0f:fc:cd:23:27:a9:
8e:fb:18:8a:03:67:2f:fb:1c:a2:7c:3c:c6:f8:70:
f5:f7:59:07:4c:89:81:af:8f:6e:3f:01:17:1f:e1:
8f:de:d3:e0:20:4c:68:e3:72:81:7e:02:c0:fe:be:
69:d5:b5:b4:97:9d:a3:0e:bb:26:18:8e:d3:74:9d:
ed:f7:8c:1c:af:ad:cd:36:57:fd:f6:09:e9:73:b1:
70:90:81:55:3e:5c:d2:45:82:8e:b2:46:6c:bb:98:
80:c2:dd:b1:ab:cf:10:4e:64:be:f9:54:43:8d:9a:
aa:82:65:ce:a2:03:5b:9f:4c:56:0a:fe:81:7e:d0:
61:f4:d1:ed:41:a7:e5:08:33:dc:cb:5a:33:61:fa:
f6:cf:34:2f:db:ff:ee:3d:ed:54:09:d5:22:45:7c:
08:a3:89:ed:05:6b:b7:6f:59:3d:d7:c0:31:aa:31:
d1:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:11:39:07:EF:30:CE:C4:8B:B5:32:96:AF:F1:0D:E1:65:A3:7D:87
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wBE5B-8wzsSLtTKWr_EN4WWjfYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:800::/38
2a10:ccc7:9000::/40
2a10:ccc7:9200::/39
Signature Algorithm: sha256WithRSAEncryption
a1:96:7a:c6:14:4c:de:2b:d1:9f:3e:9b:09:3f:2d:b4:ef:8b:
b1:a9:8b:6c:bc:43:a0:13:30:58:a4:d3:74:64:bd:69:4d:a8:
e3:a8:b3:c7:38:13:46:ba:ca:55:9f:05:8e:85:b9:a3:4f:ac:
6a:b8:72:ec:c7:53:bd:fc:76:1f:01:b8:7e:d5:59:1a:62:f5:
03:10:0e:e6:3e:99:f0:00:9d:d1:20:e6:c4:74:66:21:1d:eb:
50:ff:0f:7c:b0:9a:81:e1:34:26:cc:07:0e:c0:f4:6c:68:ec:
46:7e:c9:99:83:88:ca:dd:30:6b:b7:1a:51:77:fa:4f:91:b9:
33:01:30:e8:05:b1:9e:2a:4e:e5:c7:9b:20:d8:22:ab:24:f2:
35:3d:d0:61:19:68:46:b6:43:7f:89:ec:79:17:e5:0f:c5:58:
25:ce:53:57:6d:5e:9c:f9:c9:2e:bc:09:7a:7c:7c:53:8a:8a:
21:18:7d:d4:32:2e:ef:30:73:d7:04:71:ca:e6:0a:5e:a2:a2:
83:39:da:e3:92:16:b2:9d:e0:6b:18:c0:c9:66:c4:40:38:54:
4b:3d:37:a1:89:4b:87:6e:a0:ce:51:64:d0:72:ef:b0:9b:2f:
4c:c6:ea:0f:5d:26:2c:5a:42:a4:2f:9b:49:fe:71:5b:80:74:
28:01:13:87
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYqJFVMXF2EJrYdsPSQQaAvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTEyMTEwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDExMzkwN2VmMzBjZWM0OGJiNTMyOTZhZmYxMGRlMTY1YTM3ZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn66Zc6psbwOnl7apMqwW2aA+dAjy
uygr/S1mXQ9r8bcikdGKNy7ToObVefOVXO/sQ2uGuNr5Ln9o3TiHRLyMpnXBLPxm
cIelU6+e08VxW0zEzuUP/M0jJ6mO+xiKA2cv+xyifDzG+HD191kHTImBr49uPwEX
H+GP3tPgIExo43KBfgLA/r5p1bW0l52jDrsmGI7TdJ3t94wcr63NNlf99gnpc7Fw
kIFVPlzSRYKOskZsu5iAwt2xq88QTmS++VRDjZqqgmXOogNbn0xWCv6BftBh9NHt
QaflCDPcy1ozYfr2zzQv2//uPe1UCdUiRXwIo4ntBWu3b1k918AxqjHRwQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMAROQfvMM7Ei7Uylq/xDeFlo32HMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvd0JFNUItOHd6c1NMdFRLV3JfRU40V1dqZlljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYCKgbeAQgD
BgAqEMzHkAMGASoQzMeSMA0GCSqGSIb3DQEBCwUAA4IBAQChlnrGFEzeK9GfPpsJ
Py2074uxqYtsvEOgEzBYpNN0ZL1pTajjqLPHOBNGuspVnwWOhbmjT6xquHLsx1O9
/HYfAbh+1VkaYvUDEA7mPpnwAJ3RIObEdGYhHetQ/w98sJqB4TQmzAcOwPRsaOxG
fsmZg4jK3TBrtxpRd/pPkbkzATDoBbGeKk7lx5sg2CKrJPI1PdBhGWhGtkN/iex5
F+UPxVglzlNXbV6c+ckuvAl6fHxTioohGH3UMi7vMHPXBHHK5gpeoqKDOdrjkhay
neBrGMDJZsRAOFRLPTehiUuHbqDOUWTQcu+wmy9MxuoPXSYsWkKkL5tJ/nFbgHQo
AROH
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:52 2024 by rpki-client on console-ams.rpki-client.org