Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wZseZnpqYTLvjM4heRHlH92x6ag.roa
File: wZseZnpqYTLvjM4heRHlH92x6ag.roa (raw, json)
Hash identifier: 2a/2eTGUAhdpnyhxvmJ/LnBIaaTm1Ble2U7VBhhNm/g=
Subject key identifier: C1:9B:1E:66:7A:6A:61:32:EF:8C:CE:21:79:11:E5:1F:DD:B1:E9:A8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185DE40ADC24658C66DC84751858BA0681B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wZseZnpqYTLvjM4heRHlH92x6ag.roa
Signing time: Mon 23 Jan 2023 10:50:58 +0000
ROA not before: Mon 23 Jan 2023 10:50:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208699
IP address blocks: 2a0e:97c0:730::/48 maxlen: 48
2a0e:97c0:731::/48 maxlen: 48
2a0e:97c0:738::/45 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Jan 2023 16:09:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:40:ad:c2:46:58:c6:6d:c8:47:51:85:8b:a0:68:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 23 10:50:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c19b1e667a6a6132ef8cce217911e51fddb1e9a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:60:e0:06:9d:7d:e0:a9:1a:65:94:36:16:95:
ca:e4:10:b7:15:0b:6c:9c:b9:62:af:0c:7b:73:e7:
df:b2:a0:c0:cc:47:3e:eb:c7:6d:d5:f2:73:81:89:
13:cd:20:b9:9a:1a:af:fc:35:8a:bc:45:39:5e:fa:
7e:fb:95:81:d4:82:55:5e:8c:70:ef:ac:bf:a6:69:
e5:41:a0:2a:3d:69:93:36:5c:1e:02:80:2c:70:f8:
16:72:19:34:d0:35:9c:fc:1c:9d:48:c0:4c:4d:e8:
e3:20:95:16:07:d6:ae:5a:d4:89:da:ed:49:bf:cb:
37:e3:1c:d8:4d:ec:f7:5f:a5:e2:18:26:f4:9f:95:
e6:a4:2f:39:47:37:b3:7b:92:14:6a:88:cb:00:2f:
29:c0:2e:5b:46:0f:c8:ce:23:8d:f6:27:2d:2c:ce:
92:d4:e3:09:71:23:d6:09:e0:86:bb:63:a3:ea:e6:
fd:4b:7c:9b:03:6b:4a:68:bd:83:44:39:2e:00:05:
99:3d:17:00:9c:88:a7:85:d4:a6:a8:28:87:5e:96:
91:27:ec:a4:6a:a0:ba:a9:91:f2:47:a8:c2:22:5c:
0f:b5:37:b7:36:4b:64:d9:d5:41:bb:cb:b1:64:25:
b7:b3:bc:e5:2a:c9:de:4e:28:51:e9:de:36:77:7c:
ed:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:9B:1E:66:7A:6A:61:32:EF:8C:CE:21:79:11:E5:1F:DD:B1:E9:A8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wZseZnpqYTLvjM4heRHlH92x6ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:730::/47
2a0e:97c0:738::/45
Signature Algorithm: sha256WithRSAEncryption
a4:67:8c:79:c4:2c:3c:72:ca:15:20:5a:20:51:db:e5:38:5d:
78:69:fb:a8:d5:dd:76:9a:1e:df:f7:11:94:62:ae:eb:23:60:
47:9e:40:9b:2e:d0:a3:78:21:2c:39:ac:92:76:30:98:97:ed:
d9:5e:06:74:c4:4b:e0:b6:56:35:f3:ee:46:69:06:ce:87:05:
3a:94:cb:84:77:7d:eb:ee:d5:56:bf:30:a4:7d:47:5e:0d:cd:
ed:16:e7:23:dc:2d:a1:27:62:31:e5:3f:fc:0f:f6:73:5d:9c:
ea:67:61:8c:e5:4e:f6:0e:b8:67:af:70:31:eb:01:c0:cb:b5:
60:33:3d:54:c0:31:ff:60:19:85:00:1e:07:08:41:52:d4:2e:
3e:17:3f:7d:40:0e:cb:a6:a3:30:59:e8:fa:eb:90:d7:b6:bd:
2c:0d:61:5d:ff:80:df:63:74:15:cb:5e:5d:7c:1c:d2:a9:56:
5e:06:04:d5:af:1e:d8:6f:14:fe:2b:b8:5b:9b:c2:38:03:30:
6a:f0:19:d6:d6:45:5f:7b:d9:c7:26:6f:21:91:c7:73:12:a2:
c5:ac:a1:ed:fc:42:a0:b2:55:b6:84:09:39:07:09:7a:ec:78:
67:b7:0e:62:1f:de:45:6d:2a:25:44:62:31:0f:aa:95:a5:b1:
8a:ef:1a:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXeQK3CRljGbchHUYWLoGgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTIzMTA1MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTliMWU2NjdhNmE2MTMyZWY4Y2NlMjE3OTExZTUxZmRkYjFlOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWDgBp194KkaZZQ2FpXK5BC3FQts
nLlirwx7c+ffsqDAzEc+68dt1fJzgYkTzSC5mhqv/DWKvEU5Xvp++5WB1IJVXoxw
76y/pmnlQaAqPWmTNlweAoAscPgWchk00DWc/BydSMBMTejjIJUWB9auWtSJ2u1J
v8s34xzYTez3X6XiGCb0n5XmpC85Rzeze5IUaojLAC8pwC5bRg/IziON9ictLM6S
1OMJcSPWCeCGu2Oj6ub9S3ybA2tKaL2DRDkuAAWZPRcAnIinhdSmqCiHXpaRJ+yk
aqC6qZHyR6jCIlwPtTe3Nktk2dVBu8uxZCW3s7zlKsneTihR6d42d3ztqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMGbHmZ6amEy74zOIXkR5R/dsemoMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvd1pzZVpucHFZVEx2ak00aGVSSGxIOTJ4NmFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKg6XwAcw
AwcDKg6XwAc4MA0GCSqGSIb3DQEBCwUAA4IBAQCkZ4x5xCw8csoVIFogUdvlOF14
afuo1d12mh7f9xGUYq7rI2BHnkCbLtCjeCEsOaySdjCYl+3ZXgZ0xEvgtlY18+5G
aQbOhwU6lMuEd33r7tVWvzCkfUdeDc3tFucj3C2hJ2Ix5T/8D/ZzXZzqZ2GM5U72
Drhnr3Ax6wHAy7VgMz1UwDH/YBmFAB4HCEFS1C4+Fz99QA7LpqMwWej665DXtr0s
DWFd/4DfY3QVy15dfBzSqVZeBgTVrx7YbxT+K7hbm8I4AzBq8BnW1kVfe9nHJm8h
kcdzEqLFrKHt/EKgslW2hAk5Bwl67Hhntw5iH95FbSolRGIxD6qVpbGK7xq5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:34 2024 by rpki-client on console-ams.rpki-client.org