Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/8WbNz9VmJ0W3sfB8Tj5oR_FEYL8.roa
File: 8WbNz9VmJ0W3sfB8Tj5oR_FEYL8.roa (raw, json)
Hash identifier: Us7QB18FRFou44zzDDGpozOqtzDZG5f0D00wcJ4y68U=
Subject key identifier: F1:66:CD:CF:D5:66:27:45:B7:B1:F0:7C:4E:3E:68:47:F1:44:60:BF
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01856CE62320AA7932F936DBA63C05E7E76F
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/8WbNz9VmJ0W3sfB8Tj5oR_FEYL8.roa
Signing time: Sun 01 Jan 2023 10:34:59 +0000
ROA not before: Sun 01 Jan 2023 10:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201702
IP address blocks: 2a09:e681::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:23:20:aa:79:32:f9:36:db:a6:3c:05:e7:e7:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 1 10:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f166cdcfd5662745b7b1f07c4e3e6847f14460bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:23:f4:55:ce:22:c5:06:0a:ad:20:2b:56:15:
60:d0:3d:fd:9d:d8:a5:da:e4:e3:0c:3e:c2:db:46:
4d:16:17:5b:10:18:17:2e:78:0d:b1:c3:9a:b1:2f:
63:a8:c5:3e:db:74:58:14:8a:0a:d3:16:a4:c5:32:
cb:c4:23:42:57:e9:97:68:d3:74:d8:b7:a1:95:d8:
63:eb:62:06:32:a9:b0:d5:9b:9b:fa:47:3f:a8:1e:
b4:50:1f:3a:30:a5:0e:70:e4:2f:07:f9:2f:95:b3:
5a:13:56:41:e1:b7:c1:fc:5b:6a:ab:0f:65:23:d5:
9d:13:9f:04:e8:21:bb:93:08:9a:53:3d:7e:1c:6f:
3e:f0:ff:a6:4d:03:27:58:cb:c3:c1:69:10:0e:ee:
1f:d5:5f:f3:5c:13:36:57:cb:eb:86:27:7f:7b:80:
c6:3a:8d:21:30:dd:85:7e:15:98:e6:8c:54:4b:49:
44:99:94:f2:31:28:d1:c8:6b:11:ed:94:59:ac:81:
a8:2c:63:49:85:e2:e3:ac:3a:69:3c:cb:28:cd:66:
0c:f5:cc:52:af:b1:39:05:77:e9:25:36:e1:b3:1f:
03:59:7c:48:1c:5b:c4:d3:72:72:26:9f:99:57:e1:
60:1c:19:d2:b7:fb:de:f2:73:82:ff:34:81:34:d5:
fc:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:66:CD:CF:D5:66:27:45:B7:B1:F0:7C:4E:3E:68:47:F1:44:60:BF
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/8WbNz9VmJ0W3sfB8Tj5oR_FEYL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e681::/32
Signature Algorithm: sha256WithRSAEncryption
5b:0d:fe:65:e0:2b:83:fe:49:f5:9d:36:50:cf:50:c3:4f:d8:
f4:b6:33:21:2f:44:d2:d5:8f:6b:6a:72:f3:3a:01:e5:95:1c:
fd:d3:5a:37:05:cb:67:65:15:87:4b:c6:fd:4e:f5:54:dc:6c:
f6:5f:2a:1e:5a:63:01:fa:52:76:0b:9d:2e:e2:7b:69:6c:bc:
a2:db:d5:86:97:a0:b4:28:29:10:20:e0:b9:4b:bb:01:fe:c5:
5e:6a:93:90:35:b9:20:cb:d8:b9:7b:de:c7:37:35:d5:9d:c9:
a9:b1:33:e9:00:f8:71:c3:a5:b6:27:a7:14:a9:c0:fc:ae:71:
b4:17:3b:e1:6d:64:9a:f0:6a:8f:8b:32:9a:a3:31:1f:0e:c1:
18:85:86:1a:ff:79:17:3f:84:80:bc:b1:a8:6f:b5:08:70:04:
2c:e5:5d:e3:48:69:99:b5:a9:39:ef:ca:d3:ea:c1:54:26:35:
bf:eb:e3:f7:31:98:03:e5:e9:33:27:72:0d:36:25:73:54:60:
43:4a:b8:26:45:95:03:e4:25:42:39:9c:27:47:9c:46:b2:33:
58:4b:69:02:5a:24:25:6c:6b:9a:99:16:20:76:e6:ec:52:8c:
03:a3:49:bc:d4:58:72:b9:19:f7:c5:ff:16:9a:f1:74:ae:dc:
4a:78:53:7c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVs5iMgqnky+TbbpjwF5+dvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTY2Y2RjZmQ1NjYyNzQ1YjdiMWYwN2M0ZTNlNjg0N2YxNDQ2MGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CP0Vc4ixQYKrSArVhVg0D39ndil
2uTjDD7C20ZNFhdbEBgXLngNscOasS9jqMU+23RYFIoK0xakxTLLxCNCV+mXaNN0
2Lehldhj62IGMqmw1Zub+kc/qB60UB86MKUOcOQvB/kvlbNaE1ZB4bfB/Ftqqw9l
I9WdE58E6CG7kwiaUz1+HG8+8P+mTQMnWMvDwWkQDu4f1V/zXBM2V8vrhid/e4DG
Oo0hMN2FfhWY5oxUS0lEmZTyMSjRyGsR7ZRZrIGoLGNJheLjrDppPMsozWYM9cxS
r7E5BXfpJTbhsx8DWXxIHFvE03JyJp+ZV+FgHBnSt/ve8nOC/zSBNNX8NQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPFmzc/VZidFt7HwfE4+aEfxRGC/MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvOFdiTno5Vm1KMFczc2ZCOFRqNW9SX0ZFWUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgnmgTAN
BgkqhkiG9w0BAQsFAAOCAQEAWw3+ZeArg/5J9Z02UM9Qw0/Y9LYzIS9E0tWPa2py
8zoB5ZUc/dNaNwXLZ2UVh0vG/U71VNxs9l8qHlpjAfpSdgudLuJ7aWy8otvVhpeg
tCgpECDguUu7Af7FXmqTkDW5IMvYuXvexzc11Z3JqbEz6QD4ccOltienFKnA/K5x
tBc74W1kmvBqj4symqMxHw7BGIWGGv95Fz+EgLyxqG+1CHAELOVd40hpmbWpOe/K
0+rBVCY1v+vj9zGYA+XpMydyDTYlc1RgQ0q4JkWVA+QlQjmcJ0ecRrIzWEtpAlok
JWxrmpkWIHbm7FKMA6NJvNRYcrkZ98X/FprxdK7cSnhTfA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:13 2024 by rpki-client on console-fra.rpki-client.org