Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zOpw9-cXFYlWXRhUJdbv0se8ZIM.roa
File: zOpw9-cXFYlWXRhUJdbv0se8ZIM.roa (raw, json)
Hash identifier: Uwx3pBKGLZTMaYellGQIyCE4mCgbgwh4MTh0iaPs6Nc=
Subject key identifier: CC:EA:70:F7:E7:17:15:89:56:5D:18:54:25:D6:EF:D2:C7:BC:64:83
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E80B3E9FB8A3707AA57C5E677B74A6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zOpw9-cXFYlWXRhUJdbv0se8ZIM.roa
Signing time: Mon 02 Jan 2023 05:15:33 +0000
ROA not before: Mon 02 Jan 2023 05:15:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211685
IP address blocks: 2a0e:97c0:250::/44 maxlen: 48
2a0e:97c0:250::/48 maxlen: 48
2a0e:97c0:251::/48 maxlen: 48
2a0e:97c0:252::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:0b:3e:9f:b8:a3:70:7a:a5:7c:5e:67:7b:74:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccea70f7e7171589565d185425d6efd2c7bc6483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c2:b1:14:b7:ac:9e:3a:12:64:87:85:ff:58:
4a:11:3e:50:58:ac:6b:c1:4a:9b:29:49:7c:94:f8:
54:bd:35:4b:da:75:dc:05:53:74:25:41:4d:01:bc:
a2:91:0b:ea:d1:04:2d:d8:e2:e0:f9:a0:73:57:80:
44:11:8b:7e:ab:9b:59:62:d4:8d:9d:d6:21:66:da:
af:40:be:3f:b7:5b:3f:d0:de:e4:c3:50:ed:1a:c9:
d2:a4:34:f9:97:74:03:0e:21:d5:2e:06:bf:c6:09:
c8:72:97:e2:c9:1a:d4:c5:a0:55:d3:68:8f:da:da:
87:8f:98:cd:33:d2:94:bd:84:00:f1:1e:ef:50:f4:
d8:86:77:80:16:6e:69:28:3e:fa:76:3d:cd:34:3d:
91:25:2b:a9:9c:f8:f2:ea:71:1a:2c:7a:a6:7d:ac:
1c:25:cb:4c:30:ca:74:09:6a:49:b5:be:fe:00:62:
45:15:cb:3c:58:03:1a:2a:6a:1f:6d:74:32:f7:da:
0b:c4:a8:77:b3:45:46:61:b1:6d:51:27:de:3a:9a:
1d:a9:ea:54:d8:a7:98:35:65:0f:de:da:c0:3c:63:
58:d3:fb:8f:b3:87:59:3d:11:83:4f:c2:07:ca:cd:
8c:c6:73:f5:6e:ef:d1:3a:b7:77:1c:22:96:bb:9e:
a7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:EA:70:F7:E7:17:15:89:56:5D:18:54:25:D6:EF:D2:C7:BC:64:83
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zOpw9-cXFYlWXRhUJdbv0se8ZIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:250::/44
Signature Algorithm: sha256WithRSAEncryption
7b:8c:18:6e:d5:a5:50:b0:8f:ea:eb:d9:14:69:52:2f:b5:a4:
30:0d:d5:2c:1a:ac:82:10:9d:fc:f9:38:d6:e2:3b:62:01:2e:
3c:64:51:12:f9:0a:df:3e:58:45:cb:35:f0:e8:98:a0:69:bf:
dd:da:20:5b:e1:17:51:70:17:f9:64:8b:32:b4:8a:06:99:e4:
6f:69:49:bf:4b:7a:c6:4a:ce:85:4d:0a:30:92:66:0c:80:d0:
21:0a:68:28:25:56:e2:47:a6:a5:07:1c:a0:e3:83:9e:c7:06:
f9:39:64:da:9d:04:58:c6:a1:ef:2c:08:8d:70:de:1d:76:7e:
18:0c:da:12:1b:ff:7a:6d:18:79:65:7f:d1:36:bc:69:26:c6:
12:08:a6:1c:eb:8c:69:e1:e5:b7:8e:5e:12:ba:6a:c0:19:ff:
d5:16:2b:c1:db:0b:61:59:71:51:e5:91:11:7d:d8:bf:93:dd:
f3:5a:8f:c6:f1:65:67:ef:2d:b4:65:67:56:20:25:11:2a:11:
f4:eb:55:22:d1:3f:01:22:f3:6e:a7:ce:52:0b:78:ba:04:7f:
77:73:91:97:55:f1:79:21:61:5e:37:1e:4f:95:89:e2:b6:7d:
cd:58:bf:85:33:b4:83:07:a7:46:26:b5:52:27:ed:45:ae:86:
ce:4d:34:9d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw6As+n7ijcHqlfF5ne3SmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2VhNzBmN2U3MTcxNTg5NTY1ZDE4NTQyNWQ2ZWZkMmM3YmM2NDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisKxFLesnjoSZIeF/1hKET5QWKxr
wUqbKUl8lPhUvTVL2nXcBVN0JUFNAbyikQvq0QQt2OLg+aBzV4BEEYt+q5tZYtSN
ndYhZtqvQL4/t1s/0N7kw1DtGsnSpDT5l3QDDiHVLga/xgnIcpfiyRrUxaBV02iP
2tqHj5jNM9KUvYQA8R7vUPTYhneAFm5pKD76dj3NND2RJSupnPjy6nEaLHqmfawc
JctMMMp0CWpJtb7+AGJFFcs8WAMaKmofbXQy99oLxKh3s0VGYbFtUSfeOpodqepU
2KeYNWUP3trAPGNY0/uPs4dZPRGDT8IHys2MxnP1bu/ROrd3HCKWu56nAQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMzqcPfnFxWJVl0YVCXW79LHvGSDMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvek9wdzktY1hGWWxXWFJoVUpkYnYwc2U4WklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB7jBhu1aVQsI/q69kUaVIvtaQwDdUsGqyCEJ38
+TjW4jtiAS48ZFES+QrfPlhFyzXw6Jigab/d2iBb4RdRcBf5ZIsytIoGmeRvaUm/
S3rGSs6FTQowkmYMgNAhCmgoJVbiR6alBxyg44Oexwb5OWTanQRYxqHvLAiNcN4d
dn4YDNoSG/96bRh5ZX/RNrxpJsYSCKYc64xp4eW3jl4SumrAGf/VFivB2wthWXFR
5ZERfdi/k93zWo/G8WVn7y20ZWdWICURKhH061Ui0T8BIvNup85SC3i6BH93c5GX
VfF5IWFeNx5PlYnitn3NWL+FM7SDB6dGJrVSJ+1FrobOTTSd
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:52 2024 by rpki-client on console-ams.rpki-client.org