Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c5e52a-8023-47ac-b27a-4aebefac49b1/1/aPf99ZlkkyHw6X2wQfxcdXecY2Q.roa
File: aPf99ZlkkyHw6X2wQfxcdXecY2Q.roa (raw, json)
Hash identifier: bZXdTDA8/EIaZ3T9u0/8QGbSx0V9uOkVG4a9JE4gtBA=
Subject key identifier: 68:F7:FD:F5:99:64:93:21:F0:E9:7D:B0:41:FC:5C:75:77:9C:63:64
Certificate issuer: /CN=45b5004ec3cf5c1a755185d6f40683c646cc94ec
Certificate serial: 01870941E80452984FE233201650F6FA211A
Authority key identifier: 45:B5:00:4E:C3:CF:5C:1A:75:51:85:D6:F4:06:83:C6:46:CC:94:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbUATsPPXBp1UYXW9AaDxkbMlOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c5e52a-8023-47ac-b27a-4aebefac49b1/1/aPf99ZlkkyHw6X2wQfxcdXecY2Q.roa
Signing time: Wed 22 Mar 2023 12:18:46 +0000
ROA not before: Wed 22 Mar 2023 12:18:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200494
IP address blocks: 2a13:5dc0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:09:41:e8:04:52:98:4f:e2:33:20:16:50:f6:fa:21:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45b5004ec3cf5c1a755185d6f40683c646cc94ec
Validity
Not Before: Mar 22 12:18:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68f7fdf599649321f0e97db041fc5c75779c6364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4a:f9:32:7e:53:b4:2e:7c:a1:aa:85:e0:0b:
78:f5:d3:0f:65:41:1b:f7:de:4c:74:ea:83:b3:15:
8c:8e:fd:4d:af:e4:d6:3b:2b:e1:c5:78:22:3b:7f:
43:04:38:ad:86:d3:e0:6b:ae:c3:a4:ec:18:55:aa:
80:92:d5:10:bd:1d:87:ce:7b:46:bb:f7:ed:9f:32:
ab:05:ce:f5:08:63:21:7d:af:8c:e7:d7:f9:d1:ec:
a2:34:97:d8:a0:35:c5:03:a8:34:68:20:f0:48:83:
d8:23:a7:74:d0:ef:5a:56:02:a3:13:0c:35:3b:87:
30:8f:43:2d:fa:17:20:36:3a:73:f4:f2:83:d6:84:
4e:b2:c6:b2:f8:8e:2e:a8:ea:01:b9:30:2e:dd:34:
d4:18:42:70:81:21:18:95:e1:0c:15:46:cb:f5:f1:
7e:8d:3e:8e:d9:ba:1d:8e:8a:9f:8a:7c:0b:eb:e5:
b2:32:e3:98:11:0f:dc:0e:16:07:17:1f:71:01:71:
d7:c1:d9:a5:de:d8:75:40:1e:6a:cc:9e:f1:79:aa:
4e:b2:cc:5f:d9:3a:ef:00:bf:80:a4:4f:1f:aa:69:
0f:a8:5c:8a:68:dc:08:71:5e:09:67:c4:0b:90:43:
e9:e4:c2:92:48:fa:4a:e6:15:37:b2:4a:6b:1d:54:
d3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F7:FD:F5:99:64:93:21:F0:E9:7D:B0:41:FC:5C:75:77:9C:63:64
X509v3 Authority Key Identifier:
keyid:45:B5:00:4E:C3:CF:5C:1A:75:51:85:D6:F4:06:83:C6:46:CC:94:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbUATsPPXBp1UYXW9AaDxkbMlOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c5e52a-8023-47ac-b27a-4aebefac49b1/1/aPf99ZlkkyHw6X2wQfxcdXecY2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c5e52a-8023-47ac-b27a-4aebefac49b1/1/RbUATsPPXBp1UYXW9AaDxkbMlOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
62:5d:fa:48:bf:1f:51:4f:93:98:9e:09:b8:ad:28:f9:22:1a:
27:59:a9:43:09:5b:12:60:78:71:c0:3d:88:28:9c:78:9e:29:
ba:cb:5d:5e:be:8b:02:f1:69:76:4d:14:7d:d6:5d:6e:1c:31:
c0:04:17:61:04:85:24:23:78:ff:9a:2f:f0:15:89:98:b7:80:
e9:0c:13:80:4f:9f:f8:dd:3f:1a:49:61:91:43:98:67:d7:aa:
25:d4:6f:89:80:c1:e1:1a:fa:92:5c:5a:3b:3a:21:e7:44:97:
69:06:82:09:6d:7e:d5:ac:c5:09:ed:8c:ea:70:a3:4e:ac:f7:
17:5a:2b:bc:fa:61:ac:49:b9:ba:8d:ac:05:c1:e3:c9:3b:b6:
c4:ad:65:51:31:f7:91:ac:b1:fe:33:75:7b:2c:52:26:77:ab:
58:4f:c0:fc:ff:a3:31:2e:13:2a:9a:a4:f2:99:4b:e5:64:20:
a8:32:e8:b3:c9:9d:81:9f:be:e1:7d:7c:ef:34:64:a1:36:96:
d5:31:c9:6f:a0:ab:ca:11:dc:55:a6:21:d9:4e:18:a2:0d:d1:
a3:d9:7c:1f:37:80:56:79:f3:3d:7f:7c:27:52:f8:9b:b9:d3:
95:32:25:ec:36:09:77:4d:99:af:8f:83:3e:f7:74:67:e2:b2:
26:06:ee:cf
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYcJQegEUphP4jMgFlD2+iEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YjUwMDRlYzNjZjVjMWE3NTUxODVkNmY0MDY4M2M2NDZj
Yzk0ZWMwHhcNMjMwMzIyMTIxODQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGY3ZmRmNTk5NjQ5MzIxZjBlOTdkYjA0MWZjNWM3NTc3OWM2MzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEr5Mn5TtC58oaqF4At49dMPZUEb
995MdOqDsxWMjv1Nr+TWOyvhxXgiO39DBDithtPga67DpOwYVaqAktUQvR2HzntG
u/ftnzKrBc71CGMhfa+M59f50eyiNJfYoDXFA6g0aCDwSIPYI6d00O9aVgKjEww1
O4cwj0Mt+hcgNjpz9PKD1oROssay+I4uqOoBuTAu3TTUGEJwgSEYleEMFUbL9fF+
jT6O2bodjoqfinwL6+WyMuOYEQ/cDhYHFx9xAXHXwdml3th1QB5qzJ7xeapOssxf
2TrvAL+ApE8fqmkPqFyKaNwIcV4JZ8QLkEPp5MKSSPpK5hU3skprHVTTdQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGj3/fWZZJMh8Ol9sEH8XHV3nGNkMB8GA1UdIwQY
MBaAFEW1AE7Dz1wadVGF1vQGg8ZGzJTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJVQVRzUFBYQnAxVVlYVzlBYUR4a2JNbE93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jNWU1MmEtODAyMy00N2FjLWIyN2Et
NGFlYmVmYWM0OWIxLzEvYVBmOTlabGtreUh3Nlgyd1FmeGNkWGVjWTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jNWU1MmEtODAyMy00N2FjLWIyN2EtNGFlYmVmYWM0OWIx
LzEvUmJVQVRzUFBYQnAxVVlYVzlBYUR4a2JNbE93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNdwDAN
BgkqhkiG9w0BAQsFAAOCAQEAYl36SL8fUU+TmJ4JuK0o+SIaJ1mpQwlbEmB4ccA9
iCiceJ4pustdXr6LAvFpdk0UfdZdbhwxwAQXYQSFJCN4/5ov8BWJmLeA6QwTgE+f
+N0/GklhkUOYZ9eqJdRviYDB4Rr6klxaOzoh50SXaQaCCW1+1azFCe2M6nCjTqz3
F1orvPphrEm5uo2sBcHjyTu2xK1lUTH3kayx/jN1eyxSJnerWE/A/P+jMS4TKpqk
8plL5WQgqDLos8mdgZ++4X187zRkoTaW1THJb6CryhHcVaYh2U4Yog3Ro9l8HzeA
VnnzPX98J1L4m7nTlTIl7DYJd02Zr4+DPvd0Z+KyJgbuzw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:53 2024 by rpki-client on console-ams.rpki-client.org