Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/0VJUWVz_UfeoQfEw6CrZR7uayGA.roa
File: 0VJUWVz_UfeoQfEw6CrZR7uayGA.roa (raw, json)
Hash identifier: VrlmN8IC064ILuq3asyQOxzW0LtTnM1dZfTuYmQCJqg=
Subject key identifier: D1:52:54:59:5C:FF:51:F7:A8:41:F1:30:E8:2A:D9:47:BB:9A:C8:60
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8F84AC5185D2CAF05D9E9558886DF
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/0VJUWVz_UfeoQfEw6CrZR7uayGA.roa
Signing time: Mon 01 Jan 2024 20:31:00 +0000
ROA not before: Mon 01 Jan 2024 20:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216393
IP address blocks: 2a0c:9a40:83c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Jan 2024 12:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f8:4a:c5:18:5d:2c:af:05:d9:e9:55:88:86:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d15254595cff51f7a841f130e82ad947bb9ac860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:92:a0:95:1f:c4:8f:01:70:82:74:96:a6:b9:
fb:66:fa:7d:47:eb:90:24:79:57:45:98:6d:d8:1b:
a1:45:a3:d9:32:17:5e:9b:fb:4a:c2:35:90:c6:aa:
8a:51:86:3e:53:85:78:df:01:1c:d1:f3:4e:2d:2c:
ea:0e:64:85:cb:58:44:0a:a4:a6:01:36:4c:8a:ea:
6a:70:d9:af:54:b4:f5:ca:f3:0f:9e:12:34:4e:6e:
b0:aa:ad:78:c2:0f:0d:4d:14:d2:67:d6:b2:81:b1:
8f:f1:4e:c9:29:b3:ff:e5:eb:53:65:84:d1:d0:57:
ff:e5:47:f8:6e:0b:1d:4d:4f:8d:20:29:e8:95:cc:
28:42:df:3d:7b:70:55:6a:a5:dc:fe:2e:92:5d:b4:
0f:56:9f:a1:a2:a4:98:98:5f:d4:59:1e:04:6e:54:
bc:eb:4b:ce:70:d7:ca:cd:0c:26:84:76:80:da:24:
7d:25:e0:3d:51:b9:71:23:ca:96:9c:95:5e:28:c4:
7b:f6:af:5c:ff:01:b3:c1:5d:4b:5f:c4:01:ba:3e:
86:de:c8:e7:69:19:c3:7b:26:9d:fc:57:3f:ee:95:
f0:58:3e:a0:38:87:5e:0c:de:41:0f:88:5e:27:2a:
7d:fc:fb:9a:a2:05:ac:bb:aa:8b:98:72:9e:bf:4e:
d4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:52:54:59:5C:FF:51:F7:A8:41:F1:30:E8:2A:D9:47:BB:9A:C8:60
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/0VJUWVz_UfeoQfEw6CrZR7uayGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:83c0::/48
Signature Algorithm: sha256WithRSAEncryption
52:99:61:31:3f:e2:5e:43:6e:6c:44:08:54:e2:dd:07:7b:54:
84:9e:9c:59:76:59:aa:76:a1:d5:9d:e0:5d:40:17:0d:4f:14:
21:86:f9:c0:63:61:d7:0d:cc:9d:33:f4:ed:9b:d2:ec:98:ff:
46:8c:5a:cb:0d:b8:85:c5:6e:80:f2:bc:00:c3:23:ee:0d:78:
63:96:84:4a:9a:17:07:da:72:71:88:4b:b4:34:ae:7c:2f:dd:
4d:35:89:40:5b:7e:53:df:d5:a6:44:75:42:df:45:52:1a:d1:
e4:a1:f0:fa:ef:ce:ad:74:15:db:8d:18:41:35:a6:d0:46:95:
ad:a9:b1:37:2f:c1:dc:20:53:f4:c8:1f:a2:79:26:2b:44:5e:
d1:97:db:e2:36:2d:9e:6c:ca:92:d7:bb:83:96:34:dd:1e:05:
db:2d:38:d5:fe:58:cc:a0:06:57:68:c0:8a:97:5d:55:58:d1:
09:70:20:bb:2d:62:70:99:ca:47:23:15:80:65:11:3a:e1:40:
a8:f6:b1:67:ec:dc:82:ce:49:fc:e5:da:03:84:9a:59:6e:26:
7a:c4:51:07:2f:b4:bc:95:6d:fc:05:ed:2c:b4:26:e9:de:0c:
5f:bf:fd:4e:b0:f2:db:7f:fb:f7:bc:73:1e:5d:51:78:9a:fe:
49:1e:92:0b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuPhKxRhdLK8F2elViIbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTUyNTQ1OTVjZmY1MWY3YTg0MWYxMzBlODJhZDk0N2JiOWFjODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65KglR/EjwFwgnSWprn7Zvp9R+uQ
JHlXRZht2BuhRaPZMhdem/tKwjWQxqqKUYY+U4V43wEc0fNOLSzqDmSFy1hECqSm
ATZMiupqcNmvVLT1yvMPnhI0Tm6wqq14wg8NTRTSZ9aygbGP8U7JKbP/5etTZYTR
0Ff/5Uf4bgsdTU+NICnolcwoQt89e3BVaqXc/i6SXbQPVp+hoqSYmF/UWR4EblS8
60vOcNfKzQwmhHaA2iR9JeA9UblxI8qWnJVeKMR79q9c/wGzwV1LX8QBuj6G3sjn
aRnDeyad/Fc/7pXwWD6gOIdeDN5BD4heJyp9/PuaogWsu6qLmHKev07UiQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNFSVFlc/1H3qEHxMOgq2Ue7mshgMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvMFZKVVdWel9VZmVvUWZFdzZDclpSN3VheUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIPA
MA0GCSqGSIb3DQEBCwUAA4IBAQBSmWExP+JeQ25sRAhU4t0He1SEnpxZdlmqdqHV
neBdQBcNTxQhhvnAY2HXDcydM/Ttm9LsmP9GjFrLDbiFxW6A8rwAwyPuDXhjloRK
mhcH2nJxiEu0NK58L91NNYlAW35T39WmRHVC30VSGtHkofD6786tdBXbjRhBNabQ
RpWtqbE3L8HcIFP0yB+ieSYrRF7Rl9viNi2ebMqS17uDljTdHgXbLTjV/ljMoAZX
aMCKl11VWNEJcCC7LWJwmcpHIxWAZRE64UCo9rFn7NyCzkn85doDhJpZbiZ6xFEH
L7S8lW38Be0stCbp3gxfv/1OsPLbf/v3vHMeXVF4mv5JHpIL
-----END CERTIFICATE-----
Generated at Thu Jan 18 16:02:58 2024 by rpki-client on console-fra.rpki-client.org