Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zDKMeKeQH1nijEByuRbOl5ra_XA.roa
File: zDKMeKeQH1nijEByuRbOl5ra_XA.roa (raw, json)
Hash identifier: We2clLKm9/w9wx1hVjsxVU6wyvVdTFrStXeSxI4+cx4=
Subject key identifier: CC:32:8C:78:A7:90:1F:59:E2:8C:40:72:B9:16:CE:97:9A:DA:FD:70
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187DD7D89066C2126EAADCA10D261C1CF63
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zDKMeKeQH1nijEByuRbOl5ra_XA.roa
Signing time: Tue 02 May 2023 17:23:24 +0000
ROA not before: Tue 02 May 2023 17:23:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199266
IP address blocks: 2a0e:97c0:2f0::/44 maxlen: 48
2a0e:b103::/43 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dd:7d:89:06:6c:21:26:ea:ad:ca:10:d2:61:c1:cf:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 2 17:23:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc328c78a7901f59e28c4072b916ce979adafd70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ae:07:07:87:60:7b:80:76:c8:3f:ff:0f:60:
16:61:f5:99:9e:4b:7f:0b:cd:2e:dd:9d:c0:0a:da:
47:78:a4:d8:5a:47:79:4a:2d:10:d6:e4:0f:9b:de:
b9:66:6a:10:70:b3:0a:2c:95:b9:5b:2e:ba:13:ce:
13:e6:32:2d:57:bc:8e:1f:99:1b:98:f4:26:1b:fd:
f6:f8:9c:d2:62:59:4d:9f:19:08:b1:1d:0d:1d:31:
15:33:b9:59:60:ff:73:c1:52:9e:53:c8:d7:d6:d6:
46:6f:6a:88:7a:b0:2d:d4:1e:d5:78:a3:88:d9:05:
34:a9:41:c0:65:d1:09:6f:00:6d:b5:14:d7:2f:88:
e4:20:41:62:4b:e9:4c:9e:fe:f9:10:c7:8e:a1:f9:
35:f6:c8:9b:a1:e2:24:c3:46:6b:3c:c8:4d:cc:39:
f9:a2:41:1f:bb:fd:45:1d:02:f2:2c:5f:f9:5f:aa:
98:57:ff:83:c4:7b:22:07:53:22:47:36:5b:0d:60:
1f:59:9f:1b:df:b3:2b:02:3a:c5:da:10:d8:b5:4e:
44:83:b7:7e:2c:7b:76:9f:1e:f8:17:87:3b:72:46:
43:82:65:4d:7f:66:28:d9:18:d4:78:fa:dc:f1:ba:
b8:4e:00:14:8a:ec:6e:f9:bb:dd:95:35:16:9e:f8:
fe:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:32:8C:78:A7:90:1F:59:E2:8C:40:72:B9:16:CE:97:9A:DA:FD:70
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zDKMeKeQH1nijEByuRbOl5ra_XA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:2f0::/44
2a0e:b103::/43
Signature Algorithm: sha256WithRSAEncryption
a7:bb:92:1d:70:1e:f1:62:1d:c7:d7:b1:1a:63:c8:35:a7:ee:
1f:cf:22:5a:6a:21:9d:4b:4e:b3:88:0c:2f:0e:b4:f3:ad:ab:
60:3b:6a:2e:8e:27:37:ae:8e:74:60:07:df:7b:05:1b:ea:5a:
10:a0:0c:10:d5:d0:cd:8d:15:8a:26:84:8d:53:33:7e:05:a7:
18:74:08:71:a1:50:18:11:03:68:ff:74:2d:65:81:90:d6:f7:
4a:cf:d3:aa:72:b1:3f:cf:6f:40:63:5a:77:36:95:a9:27:fd:
82:2e:1d:cf:f1:68:bd:77:07:aa:9f:bb:b7:cc:c9:6c:a6:80:
87:fa:16:49:15:95:65:b8:d4:98:e2:79:0e:9e:95:54:ca:36:
73:bf:13:ff:ea:74:9d:e2:50:73:f0:47:66:f8:19:32:16:05:
69:13:3a:a8:8c:a0:d7:06:3d:4d:10:d3:9e:9d:cd:7b:b4:34:
3b:1a:62:4e:8b:53:aa:14:8a:a5:bd:19:cf:c9:10:77:5e:60:
d6:ce:1d:46:09:3a:4f:81:fa:73:b0:2e:b3:ee:fa:a6:d3:b6:
54:fa:a6:26:b0:20:f8:de:83:75:79:12:fd:ae:63:c6:61:a4:
81:58:18:3d:58:b1:37:95:05:84:1b:bf:2c:4d:3c:aa:ba:fa:
cd:d9:2d:a6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfdfYkGbCEm6q3KENJhwc9jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTAyMTcyMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzMyOGM3OGE3OTAxZjU5ZTI4YzQwNzJiOTE2Y2U5NzlhZGFmZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh64HB4dge4B2yD//D2AWYfWZnkt/
C80u3Z3ACtpHeKTYWkd5Si0Q1uQPm965ZmoQcLMKLJW5Wy66E84T5jItV7yOH5kb
mPQmG/32+JzSYllNnxkIsR0NHTEVM7lZYP9zwVKeU8jX1tZGb2qIerAt1B7VeKOI
2QU0qUHAZdEJbwBttRTXL4jkIEFiS+lMnv75EMeOofk19siboeIkw0ZrPMhNzDn5
okEfu/1FHQLyLF/5X6qYV/+DxHsiB1MiRzZbDWAfWZ8b37MrAjrF2hDYtU5Eg7d+
LHt2nx74F4c7ckZDgmVNf2Yo2RjUePrc8bq4TgAUiuxu+bvdlTUWnvj+MQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMwyjHinkB9Z4oxAcrkWzpea2v1wMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvekRLTWVLZVFIMW5pakVCeXVSYk9sNXJhX1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwALw
AwcFKg6xAwAAMA0GCSqGSIb3DQEBCwUAA4IBAQCnu5IdcB7xYh3H17EaY8g1p+4f
zyJaaiGdS06ziAwvDrTzratgO2oujic3ro50YAffewUb6loQoAwQ1dDNjRWKJoSN
UzN+BacYdAhxoVAYEQNo/3QtZYGQ1vdKz9OqcrE/z29AY1p3NpWpJ/2CLh3P8Wi9
dweqn7u3zMlspoCH+hZJFZVluNSY4nkOnpVUyjZzvxP/6nSd4lBz8Edm+BkyFgVp
EzqojKDXBj1NENOenc17tDQ7GmJOi1OqFIqlvRnPyRB3XmDWzh1GCTpPgfpzsC6z
7vqm07ZU+qYmsCD43oN1eRL9rmPGYaSBWBg9WLE3lQWEG78sTTyquvrN2S2m
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:34 2024 by rpki-client on console-fra.rpki-client.org