Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/9IZYDvPNo0n-0IdKPvPPPd-bbqM.roa
File: 9IZYDvPNo0n-0IdKPvPPPd-bbqM.roa (raw, json)
Hash identifier: 31CAdVulFcnWzPw7EM1AxqpJMON/2EI/LyfjXXs1tcA=
Subject key identifier: F4:86:58:0E:F3:CD:A3:49:FE:D0:87:4A:3E:F3:CF:3D:DF:9B:6E:A3
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 018C39031E21C6FC4B5667A64754ACBD468A
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/9IZYDvPNo0n-0IdKPvPPPd-bbqM.roa
Signing time: Tue 05 Dec 2023 08:05:54 +0000
ROA not before: Tue 05 Dec 2023 08:05:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32167
IP address blocks: 2a0d:2683::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:03:1e:21:c6:fc:4b:56:67:a6:47:54:ac:bd:46:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Dec 5 08:05:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f486580ef3cda349fed0874a3ef3cf3ddf9b6ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5c:1c:b5:9a:75:e0:88:22:d4:7a:0e:10:e2:
fd:aa:20:ac:cb:89:b7:0a:12:d5:67:3d:12:42:1f:
6a:f4:9e:71:3f:43:e5:1e:da:11:4c:a8:43:e7:d7:
68:62:cf:2d:62:ec:fb:9e:91:75:30:16:e7:98:13:
65:3f:04:0f:23:28:41:0d:b0:24:cb:e8:45:f9:07:
54:2c:98:0a:60:a2:4f:ef:45:45:56:29:b8:b9:5d:
79:36:84:29:71:73:70:3a:8f:37:71:f2:fd:b0:5d:
86:d3:d9:58:ab:73:8c:c4:47:e8:f2:71:fc:cc:6a:
f9:01:0e:ab:6f:2a:d6:a1:e1:91:57:ba:33:5f:ab:
88:41:97:ce:1a:67:1f:81:63:1a:86:7c:35:f8:69:
77:6a:b0:1c:91:0e:5d:7f:3c:7b:88:81:c1:1a:ea:
eb:5f:5d:7c:c9:da:65:13:e5:b8:4b:ce:42:a3:be:
4c:03:eb:e6:81:82:f8:ab:3a:fe:3a:e6:9b:6b:8e:
21:49:66:00:f7:6a:cc:42:e5:ac:db:2b:d5:96:85:
31:6f:d5:78:e3:0c:02:dc:4d:4b:96:91:9d:87:4b:
ef:d1:0c:16:58:bf:0b:3b:16:c7:45:a7:7c:01:93:
16:dc:c5:a7:5e:b2:c4:33:c1:3b:7d:5a:1d:7f:c3:
3d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:86:58:0E:F3:CD:A3:49:FE:D0:87:4A:3E:F3:CF:3D:DF:9B:6E:A3
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/9IZYDvPNo0n-0IdKPvPPPd-bbqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2683::/32
Signature Algorithm: sha256WithRSAEncryption
aa:93:29:f9:9e:62:9d:f0:59:42:9f:3d:7e:d0:55:79:ee:ab:
8e:a1:b5:d3:67:7d:3a:81:94:0d:5b:bb:b1:97:4f:cd:0b:6a:
7f:2f:39:d4:ac:b7:06:0d:37:d4:ea:cf:5c:2b:33:23:62:88:
99:f1:4a:07:5e:93:b9:cc:c1:0d:1c:6f:3d:84:35:c6:6e:02:
68:dd:cb:b1:08:13:1b:50:17:8e:4f:05:b0:7b:71:af:7a:78:
e2:fb:45:b2:76:19:0d:eb:8e:1f:c5:1a:5b:34:a9:18:a0:d7:
b6:5e:5f:87:cd:99:56:ed:af:e4:67:81:8d:f5:35:55:07:96:
b6:c5:31:93:20:53:1a:6a:df:0b:ad:cc:05:d8:ac:25:c2:0b:
98:61:27:a1:13:68:46:bb:4c:2a:43:9c:24:67:6f:11:a3:78:
c9:6e:b1:89:61:57:12:fe:37:dc:c0:d0:a2:5f:7f:82:78:60:
ba:3c:3e:d2:e6:f8:66:e2:9e:59:71:60:b3:6d:e9:2e:52:5c:
47:ce:2d:4d:e8:9c:50:d5:b8:88:70:dc:32:62:3f:eb:aa:f9:
91:8d:c1:1b:b0:b6:94:ff:dd:df:be:6e:24:66:6d:08:8f:71:
3d:f5:5a:6b:c3:2e:bb:3b:fa:29:9c:d4:6b:8a:29:42:8c:dd:
e1:93:cc:a5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYw5Ax4hxvxLVmemR1SsvUaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjMxMjA1MDgwNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDg2NTgwZWYzY2RhMzQ5ZmVkMDg3NGEzZWYzY2YzZGRmOWI2ZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVwctZp14Igi1HoOEOL9qiCsy4m3
ChLVZz0SQh9q9J5xP0PlHtoRTKhD59doYs8tYuz7npF1MBbnmBNlPwQPIyhBDbAk
y+hF+QdULJgKYKJP70VFVim4uV15NoQpcXNwOo83cfL9sF2G09lYq3OMxEfo8nH8
zGr5AQ6rbyrWoeGRV7ozX6uIQZfOGmcfgWMahnw1+Gl3arAckQ5dfzx7iIHBGurr
X118ydplE+W4S85Co75MA+vmgYL4qzr+Ouaba44hSWYA92rMQuWs2yvVloUxb9V4
4wwC3E1LlpGdh0vv0QwWWL8LOxbHRad8AZMW3MWnXrLEM8E7fVodf8M9cQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPSGWA7zzaNJ/tCHSj7zzz3fm26jMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvOUlaWUR2UE5vMG4tMElkS1B2UFBQZC1iYnFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg0mgzAN
BgkqhkiG9w0BAQsFAAOCAQEAqpMp+Z5infBZQp89ftBVee6rjqG102d9OoGUDVu7
sZdPzQtqfy851Ky3Bg031OrPXCszI2KImfFKB16TuczBDRxvPYQ1xm4CaN3LsQgT
G1AXjk8FsHtxr3p44vtFsnYZDeuOH8UaWzSpGKDXtl5fh82ZVu2v5GeBjfU1VQeW
tsUxkyBTGmrfC63MBdisJcILmGEnoRNoRrtMKkOcJGdvEaN4yW6xiWFXEv433MDQ
ol9/gnhgujw+0ub4ZuKeWXFgs23pLlJcR84tTeicUNW4iHDcMmI/66r5kY3BG7C2
lP/d375uJGZtCI9xPfVaa8Muuzv6KZzUa4opQozd4ZPMpQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:20 2024 by rpki-client on console-fra.rpki-client.org