Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xeF51rPynfcuZjJiOFMPbz6Jl0I.roa
File: xeF51rPynfcuZjJiOFMPbz6Jl0I.roa (raw, json)
Hash identifier: aYP0qJc7MhViMSzgmgtUAkNxYGENpKWPC6WfIQq9i2Y=
Subject key identifier: C5:E1:79:D6:B3:F2:9D:F7:2E:66:32:62:38:53:0F:6F:3E:89:97:42
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E79924E544CEEF3A00B2BFF1787E25
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xeF51rPynfcuZjJiOFMPbz6Jl0I.roa
Signing time: Mon 02 Jan 2023 05:15:04 +0000
ROA not before: Mon 02 Jan 2023 05:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142553
IP address blocks: 2a0e:b107:17f0::/44 maxlen: 48
2a0e:b107:1787::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:99:24:e5:44:ce:ef:3a:00:b2:bf:f1:78:7e:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5e179d6b3f29df72e66326238530f6f3e899742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b3:70:e3:29:4a:39:65:18:86:0a:04:00:29:
d6:42:4d:34:d9:6e:4e:91:5a:ea:b1:b1:83:6b:30:
b0:de:14:ff:69:9e:65:9b:82:14:3b:38:f4:55:03:
20:ff:e0:b1:ed:bb:af:0c:be:88:fd:8a:b5:e3:d2:
f4:a8:0e:40:c0:63:ac:03:75:b6:f8:cb:ee:b0:bc:
bd:e0:b5:c7:2b:64:11:c2:8c:d7:f6:1a:0f:78:b6:
72:02:cc:71:91:20:bc:b6:03:6d:8a:fe:ae:4c:c4:
68:8e:f8:8e:82:dd:13:49:13:31:4b:2d:f7:dd:b8:
8c:ae:3b:34:36:a9:4d:bb:25:71:8c:b2:77:ab:0b:
b6:08:db:d8:38:c2:06:d2:0c:90:b7:7d:0a:04:29:
94:e1:86:bd:e3:38:95:c6:b7:3c:9f:55:a6:67:65:
71:c1:f9:23:1f:01:ec:9c:a3:48:16:e2:31:57:d0:
ea:10:79:da:43:be:fd:f8:cd:b4:c2:91:b6:2c:a7:
66:d4:43:71:7a:78:f1:cc:40:10:e7:da:aa:bb:e1:
44:a8:4c:94:c6:bf:dc:7e:ba:65:d8:a0:da:2c:86:
da:df:8e:3c:d3:d8:e2:69:c9:dd:38:3a:29:98:2c:
92:96:69:d3:1b:30:16:56:c4:e1:4d:54:ff:60:f6:
bd:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E1:79:D6:B3:F2:9D:F7:2E:66:32:62:38:53:0F:6F:3E:89:97:42
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xeF51rPynfcuZjJiOFMPbz6Jl0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1787::/48
2a0e:b107:17f0::/44
Signature Algorithm: sha256WithRSAEncryption
87:f3:51:e5:e3:a1:df:18:dd:6d:13:38:6a:36:d0:76:68:fc:
22:2e:59:32:8c:c0:a3:ee:67:eb:b8:ce:f4:e0:ba:d3:7a:56:
61:32:31:32:dd:0b:66:e1:d5:36:4e:3b:73:00:77:28:26:56:
e6:df:b0:43:d8:dc:58:20:a7:66:2b:15:8d:8f:59:dd:b4:38:
c6:57:19:61:eb:ec:7f:ec:b5:45:f8:95:13:28:a2:69:76:f2:
56:f5:ca:7b:8c:0c:69:61:b0:45:81:bf:ac:ac:13:1d:72:5b:
89:68:13:6f:db:43:a8:1a:38:9d:02:89:81:c8:39:ec:6b:58:
95:1f:46:cc:0b:f7:78:f9:d6:26:2c:48:46:a0:53:7b:68:ec:
7c:bb:74:71:5e:c0:05:10:34:8a:b2:11:9d:ec:67:05:36:81:
7f:1e:02:d7:ba:dc:f9:db:c1:36:d6:d1:7a:87:89:b1:b7:6c:
cd:ef:f8:18:4f:2e:75:e4:22:87:c2:65:eb:f7:14:e9:e1:9c:
57:a5:53:51:5a:4a:e0:b1:3e:d7:30:f8:48:eb:b6:16:b5:40:
c3:df:c3:c1:20:2a:f7:00:61:eb:e0:1d:e6:82:f6:51:36:23:
75:35:69:65:46:db:ff:74:d3:f0:f0:5b:89:4e:d5:81:d8:ee:
ec:a8:3a:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw55kk5UTO7zoAsr/xeH4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWUxNzlkNmIzZjI5ZGY3MmU2NjMyNjIzODUzMGY2ZjNlODk5NzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLNw4ylKOWUYhgoEACnWQk002W5O
kVrqsbGDazCw3hT/aZ5lm4IUOzj0VQMg/+Cx7buvDL6I/Yq149L0qA5AwGOsA3W2
+MvusLy94LXHK2QRwozX9hoPeLZyAsxxkSC8tgNtiv6uTMRojviOgt0TSRMxSy33
3biMrjs0NqlNuyVxjLJ3qwu2CNvYOMIG0gyQt30KBCmU4Ya94ziVxrc8n1WmZ2Vx
wfkjHwHsnKNIFuIxV9DqEHnaQ779+M20wpG2LKdm1ENxenjxzEAQ59qqu+FEqEyU
xr/cfrpl2KDaLIba344809jiacndODopmCySlmnTGzAWVsThTVT/YPa9tQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMXhedaz8p33LmYyYjhTD28+iZdCMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveGVGNTFyUHluZmN1WmpKaU9GTVBiejZKbDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBxeH
AwcEKg6xBxfwMA0GCSqGSIb3DQEBCwUAA4IBAQCH81Hl46HfGN1tEzhqNtB2aPwi
LlkyjMCj7mfruM704LrTelZhMjEy3Qtm4dU2TjtzAHcoJlbm37BD2NxYIKdmKxWN
j1ndtDjGVxlh6+x/7LVF+JUTKKJpdvJW9cp7jAxpYbBFgb+srBMdcluJaBNv20Oo
GjidAomByDnsa1iVH0bMC/d4+dYmLEhGoFN7aOx8u3RxXsAFEDSKshGd7GcFNoF/
HgLXutz528E21tF6h4mxt2zN7/gYTy515CKHwmXr9xTp4ZxXpVNRWkrgsT7XMPhI
67YWtUDD38PBICr3AGHr4B3mgvZRNiN1NWllRtv/dNPw8FuJTtWB2O7sqDqs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:04 2023 by rpki-client on console-ams.rpki-client.org