Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/y2wIZkJ8WuFj9N-wEV95y4GVeCs.roa
File: y2wIZkJ8WuFj9N-wEV95y4GVeCs.roa (raw, json)
Hash identifier: /6yFZnO9tJrZjq5xZZLoLSSl+I04Qt4fb/qgbFYJ6us=
Subject key identifier: CB:6C:08:66:42:7C:5A:E1:63:F4:DF:B0:11:5F:79:CB:81:95:78:2B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018924FF7DDCCD7FC327D5E38749CBA1AC19
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/y2wIZkJ8WuFj9N-wEV95y4GVeCs.roa
Signing time: Wed 05 Jul 2023 07:41:10 +0000
ROA not before: Wed 05 Jul 2023 07:41:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13101
IP address blocks: 2a06:de00:20::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:24:ff:7d:dc:cd:7f:c3:27:d5:e3:87:49:cb:a1:ac:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 5 07:41:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb6c0866427c5ae163f4dfb0115f79cb8195782b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:14:b9:f4:9e:10:c2:81:d4:47:f2:da:c1:60:
ab:cd:a2:8d:4f:84:65:39:49:51:9e:12:a6:7c:c5:
47:8a:be:bd:2e:29:8e:c4:fb:7d:4d:48:80:de:ca:
01:5a:10:a4:53:76:a7:d2:46:9d:cb:9d:bf:0b:24:
82:26:2e:02:b6:61:37:ff:6e:2b:de:3d:2d:f1:49:
aa:b0:31:be:9d:13:92:1f:7d:44:53:d4:c5:fd:ca:
5c:07:2d:f5:a4:68:3a:5f:95:e4:82:a7:8c:41:67:
83:e4:47:f4:87:b9:50:2b:8f:bd:81:1c:6e:72:c2:
25:89:5b:ed:d2:19:5f:38:f3:06:ab:a5:be:e7:fb:
f8:96:af:9a:67:f6:34:01:f2:cf:d7:c1:65:17:dd:
3d:64:7f:b7:b6:58:49:d6:3d:0f:1e:84:13:eb:09:
d1:7c:89:58:50:bb:0a:ed:a1:d6:4a:a8:d1:8d:1f:
2f:17:6d:25:f0:0d:64:2d:9b:f0:ea:93:da:43:d8:
2f:3d:5d:64:30:39:28:d8:ed:a5:35:9e:4d:ea:90:
04:4c:d8:b1:91:a5:7d:e8:fe:bc:b7:0a:72:07:66:
38:3e:7f:e5:2d:85:5f:2f:eb:3c:f2:db:f2:04:8b:
75:2e:63:43:81:c3:70:89:e5:f8:d5:b8:04:97:80:
14:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:6C:08:66:42:7C:5A:E1:63:F4:DF:B0:11:5F:79:CB:81:95:78:2B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/y2wIZkJ8WuFj9N-wEV95y4GVeCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:20::/44
Signature Algorithm: sha256WithRSAEncryption
b9:c9:e1:7e:cd:34:3c:34:de:f5:73:21:71:a2:f0:d8:89:1a:
86:bb:b6:85:37:5f:cb:f5:db:64:25:1c:8b:6c:5e:93:86:bf:
e7:60:45:66:0b:d7:88:de:43:0c:bd:48:24:8f:c9:cb:84:60:
73:1d:16:15:ce:c8:fc:37:a4:e8:b0:39:3b:59:75:1e:50:01:
fc:a4:ef:c0:1e:a1:28:26:aa:d4:fc:a6:11:3a:a8:b6:9f:3d:
97:e0:96:de:0a:62:37:1d:eb:0e:34:9c:4b:d1:cf:62:e2:f0:
82:06:cf:7b:1d:88:2c:81:9c:0f:f0:48:9e:2f:cd:e5:09:f6:
13:9f:83:9f:7e:26:a9:9f:80:01:08:ed:a9:28:5e:49:3a:fd:
6f:77:02:a0:66:e0:ff:4c:bc:e5:52:e7:27:1b:47:4f:11:16:
60:0f:28:f8:b4:3a:1f:90:b2:ae:ad:76:2e:d9:c9:bf:f2:00:
19:b7:1d:ae:fd:c8:11:2e:e8:ad:f5:09:3d:5c:b7:5f:a2:ae:
53:e4:bd:c0:e4:75:d1:03:7c:45:da:9d:6a:cc:d5:2c:29:f8:
44:5d:e1:b8:34:14:c6:60:50:30:b1:04:08:86:fe:b7:e5:cd:
33:a9:0f:2a:e2:3d:08:fe:12:ba:ed:35:89:a9:9c:87:f5:84:
e4:a2:88:85
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYkk/33czX/DJ9Xjh0nLoawZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzA1MDc0MTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjZjMDg2NjQyN2M1YWUxNjNmNGRmYjAxMTVmNzljYjgxOTU3ODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBS59J4QwoHUR/LawWCrzaKNT4Rl
OUlRnhKmfMVHir69LimOxPt9TUiA3soBWhCkU3an0kady52/CySCJi4CtmE3/24r
3j0t8UmqsDG+nROSH31EU9TF/cpcBy31pGg6X5XkgqeMQWeD5Ef0h7lQK4+9gRxu
csIliVvt0hlfOPMGq6W+5/v4lq+aZ/Y0AfLP18FlF909ZH+3tlhJ1j0PHoQT6wnR
fIlYULsK7aHWSqjRjR8vF20l8A1kLZvw6pPaQ9gvPV1kMDko2O2lNZ5N6pAETNix
kaV96P68twpyB2Y4Pn/lLYVfL+s88tvyBIt1LmNDgcNwieX41bgEl4AUnQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMtsCGZCfFrhY/TfsBFfecuBlXgrMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveTJ3SVprSjhXdUZqOU4td0VWOTV5NEdWZUNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbeAAAg
MA0GCSqGSIb3DQEBCwUAA4IBAQC5yeF+zTQ8NN71cyFxovDYiRqGu7aFN1/L9dtk
JRyLbF6Thr/nYEVmC9eI3kMMvUgkj8nLhGBzHRYVzsj8N6TosDk7WXUeUAH8pO/A
HqEoJqrU/KYROqi2nz2X4JbeCmI3HesONJxL0c9i4vCCBs97HYgsgZwP8EieL83l
CfYTn4Offiapn4ABCO2pKF5JOv1vdwKgZuD/TLzlUucnG0dPERZgDyj4tDofkLKu
rXYu2cm/8gAZtx2u/cgRLuit9Qk9XLdfoq5T5L3A5HXRA3xF2p1qzNUsKfhEXeG4
NBTGYFAwsQQIhv635c0zqQ8q4j0I/hK67TWJqZyH9YTkooiF
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:52 2024 by rpki-client on console-ams.rpki-client.org