Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xfujy8hrxBiwmhWH1_tUl6TLGAw.roa
File: xfujy8hrxBiwmhWH1_tUl6TLGAw.roa (raw, json)
Hash identifier: vsmycve3pLUIvBVfVfbSMx0ehZtlCp/lRD0gLxOYQVk=
Subject key identifier: C5:FB:A3:CB:C8:6B:C4:18:B0:9A:15:87:D7:FB:54:97:A4:CB:18:0C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7ACC1E13BD9A098A29099761E5D68
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xfujy8hrxBiwmhWH1_tUl6TLGAw.roa
Signing time: Mon 02 Jan 2023 05:15:09 +0000
ROA not before: Mon 02 Jan 2023 05:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202941
IP address blocks: 2a0e:b107:1a20::/48 maxlen: 48
2a10:2f00:187::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:ac:c1:e1:3b:d9:a0:98:a2:90:99:76:1e:5d:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5fba3cbc86bc418b09a1587d7fb5497a4cb180c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9e:5f:f3:35:e6:35:d4:e7:03:f1:42:95:80:
6f:87:3c:8d:6c:d1:53:22:80:d3:0a:58:3b:5d:67:
1d:aa:f0:59:7c:49:84:bd:b2:6c:05:fd:cf:ee:5f:
c9:ae:40:f2:c1:2f:97:34:24:1f:20:48:a2:15:14:
4a:df:02:e9:e3:4f:d4:2a:14:eb:9b:ab:89:9a:5c:
02:1f:5d:4f:af:d6:6d:10:d4:3b:72:6c:03:4e:83:
49:fb:2c:01:02:2a:a6:e9:d2:af:13:77:78:ed:e7:
b5:57:6a:0f:a5:ea:65:ea:13:e7:f4:46:b7:34:3c:
cc:ad:4a:a6:22:9f:e1:06:6e:3b:05:b8:5b:4c:cc:
34:6a:da:2d:08:1e:d1:50:cb:59:c6:a9:3d:fd:46:
ee:e6:04:fb:58:aa:9f:36:fa:f9:15:42:91:93:f1:
a6:07:0d:95:72:ae:57:77:48:a3:0d:34:ea:73:53:
fd:b4:b8:36:ac:81:a1:23:6a:db:9c:d0:a3:bc:11:
1d:cc:33:99:1f:fc:96:a6:db:2b:91:30:04:c6:9b:
48:e0:89:9d:4c:ba:84:2a:e8:cc:37:91:a9:4d:29:
6b:a0:2e:40:71:65:2d:de:50:77:2c:4f:70:45:6e:
0f:f1:b5:48:29:8b:a6:9f:c1:81:01:0b:1f:a4:57:
d6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FB:A3:CB:C8:6B:C4:18:B0:9A:15:87:D7:FB:54:97:A4:CB:18:0C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xfujy8hrxBiwmhWH1_tUl6TLGAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1a20::/48
2a10:2f00:187::/48
Signature Algorithm: sha256WithRSAEncryption
a6:ec:6f:8b:a0:a7:36:e2:86:b4:28:e4:33:4f:aa:7e:58:b1:
a1:18:16:6f:56:29:77:48:74:cc:b4:0b:76:5c:38:c6:a4:4e:
bf:3e:33:90:5c:a9:cd:32:4a:72:6d:3f:6a:36:db:09:fc:96:
dc:51:07:0d:5b:f9:b4:a4:17:b2:2e:cb:8c:36:d4:da:41:c9:
41:25:40:c4:a1:df:96:f6:0c:24:90:0f:85:bc:d1:6c:37:aa:
89:0f:98:77:4f:25:91:f3:f1:87:b2:6c:e6:7b:fa:33:2c:dc:
a0:be:c3:af:69:c2:fb:d3:40:67:99:c8:88:1a:86:89:5e:0d:
54:c1:9a:72:c8:b8:49:b7:b4:3c:e9:9e:77:a6:03:20:d2:4f:
c6:a8:d2:13:01:66:51:2f:c8:bf:c8:15:25:86:ea:02:44:5c:
64:5d:23:f6:d1:58:97:de:96:9c:1f:b4:51:77:f8:bc:7f:a4:
8c:33:e0:be:7a:cb:69:db:2b:3f:cd:21:61:6c:8e:d3:54:6f:
4e:21:66:61:cb:3c:7b:02:c9:27:13:b6:eb:e1:0e:e2:3a:57:
71:42:69:80:59:90:eb:6a:83:ad:a5:0b:b6:57:92:8e:b0:f8:
d6:92:db:46:49:75:33:35:0c:07:84:7c:aa:2e:32:cb:20:e8:
06:d3:52:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw56zB4TvZoJiikJl2Hl1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWZiYTNjYmM4NmJjNDE4YjA5YTE1ODdkN2ZiNTQ5N2E0Y2IxODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg55f8zXmNdTnA/FClYBvhzyNbNFT
IoDTClg7XWcdqvBZfEmEvbJsBf3P7l/JrkDywS+XNCQfIEiiFRRK3wLp40/UKhTr
m6uJmlwCH11Pr9ZtENQ7cmwDToNJ+ywBAiqm6dKvE3d47ee1V2oPpepl6hPn9Ea3
NDzMrUqmIp/hBm47BbhbTMw0atotCB7RUMtZxqk9/Ubu5gT7WKqfNvr5FUKRk/Gm
Bw2Vcq5Xd0ijDTTqc1P9tLg2rIGhI2rbnNCjvBEdzDOZH/yWptsrkTAExptI4Imd
TLqEKujMN5GpTSlroC5AcWUt3lB3LE9wRW4P8bVIKYumn8GBAQsfpFfW7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMX7o8vIa8QYsJoVh9f7VJekyxgMMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveGZ1ank4aHJ4Qml3bWhXSDFfdFVsNlRMR0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBxog
AwcAKhAvAAGHMA0GCSqGSIb3DQEBCwUAA4IBAQCm7G+LoKc24oa0KOQzT6p+WLGh
GBZvVil3SHTMtAt2XDjGpE6/PjOQXKnNMkpybT9qNtsJ/JbcUQcNW/m0pBeyLsuM
NtTaQclBJUDEod+W9gwkkA+FvNFsN6qJD5h3TyWR8/GHsmzme/ozLNygvsOvacL7
00BnmciIGoaJXg1UwZpyyLhJt7Q86Z53pgMg0k/GqNITAWZRL8i/yBUlhuoCRFxk
XSP20ViX3pacH7RRd/i8f6SMM+C+estp2ys/zSFhbI7TVG9OIWZhyzx7AsknE7br
4Q7iOldxQmmAWZDraoOtpQu2V5KOsPjWkttGSXUzNQwHhHyqLjLLIOgG01IZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:04 2023 by rpki-client on console-ams.rpki-client.org