Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zXPKvgcNwI7EGxSQf23IY9SsIcg.roa
File: zXPKvgcNwI7EGxSQf23IY9SsIcg.roa (raw, json)
Hash identifier: d33CO/eGcpCy4kA6L4qZ5nlJepPz1wnhO+pc6rA0zwg=
Subject key identifier: CD:73:CA:BE:07:0D:C0:8E:C4:1B:14:90:7F:6D:C8:63:D4:AC:21:C8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185836AF2F02C3D8615B1A709DD024C8011
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zXPKvgcNwI7EGxSQf23IY9SsIcg.roa
Signing time: Thu 05 Jan 2023 19:31:42 +0000
ROA not before: Thu 05 Jan 2023 19:31:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210667
IP address blocks: 2a0e:b107:1788::/48 maxlen: 48
2a0e:97c0:a40::/44 maxlen: 48
2a0e:97c0:a48::/48 maxlen: 48
2a0e:97c0:a43::/48 maxlen: 48
2a0e:97c0:a41::/48 maxlen: 48
2a0e:97c0:a44::/48 maxlen: 48
2a0e:97c0:a47::/48 maxlen: 48
2a0e:97c0:a42::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:83:6a:f2:f0:2c:3d:86:15:b1:a7:09:dd:02:4c:80:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 5 19:31:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd73cabe070dc08ec41b14907f6dc863d4ac21c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:29:eb:59:c4:30:8f:0f:97:ca:c0:79:5a:69:
6f:f3:63:d1:67:75:3f:1c:a3:a4:0e:7e:70:29:1c:
a6:af:be:89:a3:d6:f1:a5:14:38:65:aa:5f:13:81:
a1:f9:14:81:45:52:e1:f4:94:ef:46:4d:0d:52:60:
92:75:43:a1:63:9b:5b:d5:ec:1a:85:38:16:57:0d:
dc:79:91:78:b3:e3:b4:5a:e3:6a:c3:bd:fb:81:50:
e0:ec:f5:88:0e:8b:03:30:fa:6c:56:c9:ce:07:9e:
c8:fe:e1:2a:fa:2f:c3:75:c7:84:ab:a8:f7:e6:c8:
70:d7:c8:ec:6f:77:60:c0:9a:f2:c7:7c:42:f4:e9:
90:81:c8:38:d5:64:08:42:1d:05:6f:73:37:8e:7f:
ee:34:5e:1a:29:84:43:79:4a:b9:50:ba:5e:3d:72:
41:50:3a:7c:87:a1:a8:e5:e8:d4:01:5c:93:89:cf:
6c:02:cc:31:2d:c5:0e:0c:e3:b8:f0:ed:d9:a1:61:
d3:99:2f:45:af:ea:26:0b:be:e1:98:5d:25:75:71:
bc:1d:ff:5d:46:6b:9f:34:c3:01:67:93:49:60:cb:
6c:45:74:27:9f:ad:8c:90:67:ee:12:df:40:48:37:
4d:49:30:95:8b:d9:51:f3:7a:33:2a:7e:ac:f4:bb:
21:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:73:CA:BE:07:0D:C0:8E:C4:1B:14:90:7F:6D:C8:63:D4:AC:21:C8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zXPKvgcNwI7EGxSQf23IY9SsIcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:a40::/44
2a0e:b107:1788::/48
Signature Algorithm: sha256WithRSAEncryption
67:4f:b6:e4:36:ba:d8:0b:4c:0a:95:5e:ce:32:36:29:d0:42:
79:35:ca:bf:ad:5e:af:c1:4a:62:15:71:51:82:0e:a4:c3:e7:
e2:76:17:29:86:a7:8d:bd:8b:75:f4:56:7e:03:f8:f8:ad:3c:
ea:9e:d7:8c:4a:41:0c:aa:5c:42:a1:4c:bd:5b:9e:33:e9:d0:
b0:d2:08:27:b0:4e:24:3b:17:d1:21:87:2e:58:58:01:9c:e2:
54:37:da:9b:9a:cf:f5:bf:9b:3a:57:7b:e0:54:10:13:82:7f:
28:0b:b8:c6:a6:7c:32:eb:87:2d:87:20:9d:56:3c:fe:85:ee:
4f:ac:c0:43:00:36:2b:5d:8a:0b:42:63:60:6e:94:2b:18:3c:
99:4f:c9:1f:6e:b7:4c:49:2d:f6:62:3d:fa:7f:87:a5:9e:a2:
b9:f9:7a:b5:12:3e:37:38:f6:55:f3:68:50:30:1b:da:33:ce:
4d:54:30:11:81:77:f2:b9:86:a4:f2:18:e7:2f:15:ef:46:72:
82:de:5d:38:4e:3d:c6:0b:49:f8:23:02:7c:b1:fa:8e:b9:25:
98:43:b5:79:41:f0:e1:50:47:73:ef:dc:32:1b:94:e2:62:27:
a2:f2:55:60:12:05:11:34:01:a4:a6:1b:71:5a:3c:82:95:07:
77:ed:9b:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWDavLwLD2GFbGnCd0CTIARMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTA1MTkzMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDczY2FiZTA3MGRjMDhlYzQxYjE0OTA3ZjZkYzg2M2Q0YWMyMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoinrWcQwjw+XysB5Wmlv82PRZ3U/
HKOkDn5wKRymr76Jo9bxpRQ4ZapfE4Gh+RSBRVLh9JTvRk0NUmCSdUOhY5tb1ewa
hTgWVw3ceZF4s+O0WuNqw737gVDg7PWIDosDMPpsVsnOB57I/uEq+i/DdceEq6j3
5shw18jsb3dgwJryx3xC9OmQgcg41WQIQh0Fb3M3jn/uNF4aKYRDeUq5ULpePXJB
UDp8h6Go5ejUAVyTic9sAswxLcUODOO48O3ZoWHTmS9Fr+omC77hmF0ldXG8Hf9d
RmufNMMBZ5NJYMtsRXQnn62MkGfuEt9ASDdNSTCVi9lR83ozKn6s9LshxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM1zyr4HDcCOxBsUkH9tyGPUrCHIMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvelhQS3ZnY053STdFR3hTUWYyM0lZOVNzSWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwApA
AwcAKg6xBxeIMA0GCSqGSIb3DQEBCwUAA4IBAQBnT7bkNrrYC0wKlV7OMjYp0EJ5
Ncq/rV6vwUpiFXFRgg6kw+fidhcphqeNvYt19FZ+A/j4rTzqnteMSkEMqlxCoUy9
W54z6dCw0ggnsE4kOxfRIYcuWFgBnOJUN9qbms/1v5s6V3vgVBATgn8oC7jGpnwy
64cthyCdVjz+he5PrMBDADYrXYoLQmNgbpQrGDyZT8kfbrdMSS32Yj36f4elnqK5
+Xq1Ej43OPZV82hQMBvaM85NVDARgXfyuYak8hjnLxXvRnKC3l04Tj3GC0n4IwJ8
sfqOuSWYQ7V5QfDhUEdz79wyG5TiYiei8lVgEgURNAGkphtxWjyClQd37Zs4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:05 2023 by rpki-client on console-ams.rpki-client.org