Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yIduLRf9LKLMAkB-y-cnPp3cTsw.roa
File: yIduLRf9LKLMAkB-y-cnPp3cTsw.roa (raw, json)
Hash identifier: RDT5r7b0h5Ozn6oB3qqxg7OU2UiwNBa75zNHdsenOMU=
Subject key identifier: C8:87:6E:2D:17:FD:2C:A2:CC:02:40:7E:CB:E7:27:3E:9D:DC:4E:CC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E80FD7060A7612887FCD904B119205
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yIduLRf9LKLMAkB-y-cnPp3cTsw.roa
Signing time: Mon 02 Jan 2023 05:15:34 +0000
ROA not before: Mon 02 Jan 2023 05:15:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211972
IP address blocks: 2a0e:97c0:130::/44 maxlen: 48
2a0e:b107:100::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:0f:d7:06:0a:76:12:88:7f:cd:90:4b:11:92:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8876e2d17fd2ca2cc02407ecbe7273e9ddc4ecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5d:ad:29:0a:b8:86:c0:13:d3:36:f0:f5:0c:
d5:5e:48:3e:38:4a:cd:e5:ec:6b:d2:11:08:8c:03:
59:39:00:f9:a1:77:e7:88:50:0b:2e:44:2d:8d:05:
a0:28:22:f6:34:03:26:db:5b:c1:30:4c:79:f0:2b:
cf:18:96:59:7f:a2:f1:92:3a:b8:97:f5:09:c3:78:
26:6b:83:cc:05:37:f5:27:b6:45:82:b6:1e:01:69:
db:b0:a2:84:e2:5d:e4:1f:22:e9:71:63:48:c5:f8:
3c:8d:4d:ff:b3:e5:45:c2:0a:de:8b:16:d8:2a:f7:
13:27:da:b8:59:36:91:ad:08:01:3d:9d:d7:20:f1:
6b:5b:39:5a:e4:14:5b:de:e6:0f:3f:b2:aa:d4:92:
2d:67:2f:f6:de:77:d4:6b:85:c3:07:30:f7:f1:80:
36:a3:9c:bb:b2:51:06:92:1b:d2:0d:79:70:93:5d:
53:dc:1d:01:ba:5e:b4:45:3f:ff:1e:af:a2:c1:40:
1b:e2:66:b7:96:ed:3a:ce:b4:67:14:17:aa:7a:81:
32:7f:5a:c6:2e:48:f1:14:ce:81:a4:fd:ed:93:3f:
f7:80:40:f9:8e:03:1a:4a:b5:f3:dc:d3:38:02:65:
42:2d:54:fe:89:a0:18:a0:96:28:d3:ec:89:f0:2e:
0c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:87:6E:2D:17:FD:2C:A2:CC:02:40:7E:CB:E7:27:3E:9D:DC:4E:CC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yIduLRf9LKLMAkB-y-cnPp3cTsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:130::/44
2a0e:b107:100::/44
Signature Algorithm: sha256WithRSAEncryption
4b:d5:2c:c0:65:10:fd:dd:2b:2b:ef:45:d3:b5:2a:96:fc:f1:
88:81:41:4c:9b:a2:6e:72:4e:75:7e:a7:5a:c6:7f:36:9c:9c:
be:fd:dc:90:fb:e4:9a:bf:24:1c:9b:d5:9b:e6:06:58:7c:a5:
fd:e8:af:67:4d:82:97:05:d4:59:e6:ba:92:b6:9d:24:05:ee:
d0:ac:52:e9:f8:25:f8:7d:4d:4a:e7:bb:e0:54:ee:23:76:c3:
3b:bd:07:cb:82:46:e6:9b:33:86:8b:fb:5f:38:75:25:e2:6a:
db:f1:11:41:22:4d:84:f9:f3:96:5a:b2:e3:91:76:2a:55:5e:
3d:2a:ae:4f:2c:62:3d:f0:1f:b1:c7:87:8c:a3:b6:fd:e0:d0:
4a:d3:b5:65:3e:5e:01:b6:ac:5c:3e:52:fa:7d:63:0e:c5:25:
c1:cc:84:22:49:22:b6:5e:9a:ec:35:5c:ef:10:96:54:f6:8d:
61:96:14:5a:f1:9c:87:4f:e7:0d:d6:c8:98:74:bd:4e:22:a6:
73:2f:8b:e6:bf:6b:03:0d:c8:e5:78:97:64:dc:83:1d:8d:5c:
48:4f:c8:bf:4e:ce:1e:29:6d:c2:01:8d:35:71:b8:98:28:1f:
4c:f7:7c:e5:16:90:72:2a:19:55:e4:be:12:03:7b:bf:a6:90:
41:d0:9c:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw6A/XBgp2Eoh/zZBLEZIFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODg3NmUyZDE3ZmQyY2EyY2MwMjQwN2VjYmU3MjczZTlkZGM0ZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr12tKQq4hsAT0zbw9QzVXkg+OErN
5exr0hEIjANZOQD5oXfniFALLkQtjQWgKCL2NAMm21vBMEx58CvPGJZZf6Lxkjq4
l/UJw3gma4PMBTf1J7ZFgrYeAWnbsKKE4l3kHyLpcWNIxfg8jU3/s+VFwgreixbY
KvcTJ9q4WTaRrQgBPZ3XIPFrWzla5BRb3uYPP7Kq1JItZy/23nfUa4XDBzD38YA2
o5y7slEGkhvSDXlwk11T3B0Bul60RT//Hq+iwUAb4ma3lu06zrRnFBeqeoEyf1rG
LkjxFM6BpP3tkz/3gED5jgMaSrXz3NM4AmVCLVT+iaAYoJYo0+yJ8C4MswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMiHbi0X/SyizAJAfsvnJz6d3E7MMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveUlkdUxSZjlMS0xNQWtCLXktY25QcDNjVHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAEw
AwcEKg6xBwEAMA0GCSqGSIb3DQEBCwUAA4IBAQBL1SzAZRD93Ssr70XTtSqW/PGI
gUFMm6Juck51fqdaxn82nJy+/dyQ++SavyQcm9Wb5gZYfKX96K9nTYKXBdRZ5rqS
tp0kBe7QrFLp+CX4fU1K57vgVO4jdsM7vQfLgkbmmzOGi/tfOHUl4mrb8RFBIk2E
+fOWWrLjkXYqVV49Kq5PLGI98B+xx4eMo7b94NBK07VlPl4BtqxcPlL6fWMOxSXB
zIQiSSK2XprsNVzvEJZU9o1hlhRa8ZyHT+cN1siYdL1OIqZzL4vmv2sDDcjleJdk
3IMdjVxIT8i/Ts4eKW3CAY01cbiYKB9M93zlFpByKhlV5L4SA3u/ppBB0Jxd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:21 2023 by rpki-client on console-fra.rpki-client.org