Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wt3idMGZquOOu5BkwLivM26uH8Q.roa
File: wt3idMGZquOOu5BkwLivM26uH8Q.roa (raw, json)
Hash identifier: 6JUAa83JFXyKR17LrMSRYAnfwiwY0GsPEXEu1N/1iXI=
Subject key identifier: C2:DD:E2:74:C1:99:AA:E3:8E:BB:90:64:C0:B8:AF:33:6E:AE:1F:C4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7EB19AA65D5611947FCBF9A0478C6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wt3idMGZquOOu5BkwLivM26uH8Q.roa
Signing time: Mon 02 Jan 2023 05:15:25 +0000
ROA not before: Mon 02 Jan 2023 05:15:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210542
IP address blocks: 2a0e:97c0:332::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:eb:19:aa:65:d5:61:19:47:fc:bf:9a:04:78:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2dde274c199aae38ebb9064c0b8af336eae1fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0f:e1:04:7a:cd:62:82:02:9e:ba:05:6e:ae:
63:39:81:f3:25:92:54:6c:6f:ac:ef:79:65:89:2a:
16:ed:5c:5b:ee:83:43:93:99:1a:7a:ff:98:8e:7f:
02:d3:3a:2c:34:8d:a8:71:52:3b:4b:f9:a0:61:91:
ff:87:7c:1d:80:8f:5d:b6:72:7f:88:78:47:62:e2:
58:5c:10:43:65:4c:b0:fa:8a:22:11:4b:44:52:6b:
32:d8:b2:8f:58:36:f4:59:a3:65:23:83:91:66:5b:
a9:e4:b8:c0:03:8f:f7:6d:0a:7c:62:87:68:df:55:
cf:d6:a5:41:10:36:7b:04:5a:7a:d2:90:18:65:33:
e3:c8:80:5a:fe:06:6c:f1:d1:af:bb:b8:98:1e:e0:
05:e5:fc:88:12:a3:a3:b2:40:18:61:5c:e9:b9:51:
70:c8:31:a7:b4:a7:a5:5f:a0:00:4f:d0:35:f5:de:
41:bb:76:00:db:68:f9:f6:27:e1:37:fd:b0:b4:19:
7b:81:8c:64:e4:e7:39:7e:57:eb:f4:77:d9:1b:72:
ff:2d:96:f0:1b:5d:7c:f7:41:8d:e6:4c:69:e3:da:
66:fd:5b:db:6d:79:29:ee:f2:eb:50:02:81:f3:bd:
74:23:c4:90:5c:1c:38:2d:a3:c8:fd:db:cb:2b:1d:
d4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:DD:E2:74:C1:99:AA:E3:8E:BB:90:64:C0:B8:AF:33:6E:AE:1F:C4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wt3idMGZquOOu5BkwLivM26uH8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:332::/48
Signature Algorithm: sha256WithRSAEncryption
1f:09:7a:be:2c:7b:09:23:1d:30:1f:70:49:0a:86:c2:cb:aa:
b9:c8:9e:a4:4b:19:02:e0:49:14:cc:72:f4:8c:47:90:c4:66:
68:df:6f:4f:d3:87:4b:20:29:4c:a2:fd:dd:7f:9e:b4:ca:d7:
aa:c3:a6:63:37:89:96:f1:fb:ed:1f:c6:1c:db:40:a2:72:3b:
90:ec:4c:93:42:5b:31:55:25:0e:90:31:de:74:31:27:33:cf:
a3:f8:47:e1:34:88:6f:60:ef:66:7f:c9:34:69:5a:d0:1f:cc:
cc:6d:71:3b:f8:be:86:3a:a0:c3:cd:18:88:ef:30:2e:56:20:
86:67:51:35:00:27:99:46:89:9f:88:ec:2b:71:17:d7:cc:dc:
4c:54:0d:8d:c6:c6:28:f5:80:02:02:ea:df:bc:b5:9d:8d:03:
d3:19:08:58:31:24:36:45:89:b6:e1:e4:e9:18:fd:80:40:1f:
9c:58:7f:71:80:3f:da:69:66:f8:73:85:ec:8f:38:48:30:18:
40:98:12:3d:20:d3:12:38:fa:48:42:1a:50:ae:5a:33:c8:50:
ab:0c:66:33:df:6b:e4:6a:b9:99:5d:3c:68:cb:02:7b:b9:37:
92:19:4b:77:4e:fb:ac:d4:95:8f:a8:b9:91:1a:47:ad:2a:88:
18:23:da:88
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw5+sZqmXVYRlH/L+aBHjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmRkZTI3NGMxOTlhYWUzOGViYjkwNjRjMGI4YWYzMzZlYWUxZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxg/hBHrNYoICnroFbq5jOYHzJZJU
bG+s73lliSoW7Vxb7oNDk5kaev+Yjn8C0zosNI2ocVI7S/mgYZH/h3wdgI9dtnJ/
iHhHYuJYXBBDZUyw+ooiEUtEUmsy2LKPWDb0WaNlI4ORZlup5LjAA4/3bQp8Yodo
31XP1qVBEDZ7BFp60pAYZTPjyIBa/gZs8dGvu7iYHuAF5fyIEqOjskAYYVzpuVFw
yDGntKelX6AAT9A19d5Bu3YA22j59ifhN/2wtBl7gYxk5Oc5flfr9HfZG3L/LZbw
G11890GN5kxp49pm/VvbbXkp7vLrUAKB8710I8SQXBw4LaPI/dvLKx3USwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMLd4nTBmarjjruQZMC4rzNurh/EMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvd3QzaWRNR1pxdU9PdTVCa3dMaXZNMjZ1SDhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwAMy
MA0GCSqGSIb3DQEBCwUAA4IBAQAfCXq+LHsJIx0wH3BJCobCy6q5yJ6kSxkC4EkU
zHL0jEeQxGZo329P04dLIClMov3df560yteqw6ZjN4mW8fvtH8Yc20CicjuQ7EyT
QlsxVSUOkDHedDEnM8+j+EfhNIhvYO9mf8k0aVrQH8zMbXE7+L6GOqDDzRiI7zAu
ViCGZ1E1ACeZRomfiOwrcRfXzNxMVA2NxsYo9YACAurfvLWdjQPTGQhYMSQ2RYm2
4eTpGP2AQB+cWH9xgD/aaWb4c4XsjzhIMBhAmBI9INMSOPpIQhpQrlozyFCrDGYz
32vkarmZXTxoywJ7uTeSGUt3Tvus1JWPqLmRGketKogYI9qI
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:33 2024 by rpki-client on console-fra.rpki-client.org