Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/20YyHnpu0KG4U58D21LSXDkYpYY.roa
File: 20YyHnpu0KG4U58D21LSXDkYpYY.roa (raw, json)
Hash identifier: 5RjZiglqNHAGm7YfV2gJCFqhi257Y7o/cReK7GAu504=
Subject key identifier: DB:46:32:1E:7A:6E:D0:A1:B8:53:9F:03:DB:52:D2:5C:39:18:A5:86
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018C81ACFA7FF89D6F99C481D608963CC9A3
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/20YyHnpu0KG4U58D21LSXDkYpYY.roa
Signing time: Tue 19 Dec 2023 10:44:06 +0000
ROA not before: Tue 19 Dec 2023 10:44:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215826
IP address blocks: 2a0c:9a40:9400::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:ac:fa:7f:f8:9d:6f:99:c4:81:d6:08:96:3c:c9:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Dec 19 10:44:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db46321e7a6ed0a1b8539f03db52d25c3918a586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3f:b3:aa:7f:c3:b5:80:bc:53:22:2b:bd:7c:
67:e1:07:11:5d:45:a6:17:26:eb:63:d7:f2:85:40:
79:ef:39:95:45:4e:01:94:5b:2a:e8:c1:1d:9f:fd:
81:44:ec:83:9e:4b:b2:2b:eb:3c:74:6e:8e:46:ce:
c0:75:2a:e6:08:4b:5c:54:dd:57:e0:ff:59:22:09:
17:8c:21:e1:93:b6:a8:bc:32:ce:f8:51:d1:77:f6:
80:ec:c9:d3:0a:57:93:d4:5d:45:a5:3c:c1:77:7c:
c3:d9:71:3f:28:b1:03:c8:2c:01:d1:31:25:0c:51:
89:ae:aa:3d:c3:38:d0:4e:6a:16:75:45:68:92:2a:
2a:0e:0a:87:f6:f6:47:fc:c4:30:1e:a3:70:05:a7:
e7:56:e6:1b:d8:4c:74:7a:fb:7c:c2:55:16:8e:f9:
9f:52:9b:ea:14:cf:2a:8c:2a:63:f1:9a:2d:f6:cd:
93:f3:f7:14:73:c3:c1:0e:9c:0f:f6:31:0f:3f:ae:
04:5b:97:8e:c9:44:9b:2b:f9:ab:0b:0f:c5:1b:a0:
3d:db:52:99:ba:d9:0a:42:0f:3e:8c:f1:46:bb:e0:
1a:75:38:f4:1d:d8:81:18:2e:48:fd:28:dd:6f:cc:
55:03:c6:b4:2b:e4:12:25:c6:99:33:86:e6:cb:e9:
fa:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:46:32:1E:7A:6E:D0:A1:B8:53:9F:03:DB:52:D2:5C:39:18:A5:86
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/20YyHnpu0KG4U58D21LSXDkYpYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:9400::/40
Signature Algorithm: sha256WithRSAEncryption
bd:af:a3:37:19:de:78:6c:39:4c:15:9a:b7:d7:ea:28:b9:e6:
2c:9d:42:e1:b6:24:40:49:ee:a2:94:95:0d:38:ff:85:57:48:
f2:8a:20:46:fe:96:c1:b1:14:a0:8c:00:5b:ba:b7:f1:03:da:
f3:41:aa:6d:bc:43:36:70:bd:4f:f4:a4:30:99:71:64:9e:51:
fe:d0:bc:73:2c:f8:e8:33:91:fa:b0:dc:ec:72:90:af:70:71:
15:3b:c3:53:60:15:ec:34:79:0b:47:6c:d3:fb:36:e8:90:d8:
8f:4b:43:f6:83:33:f4:90:d8:2d:d4:2e:ea:d9:bd:df:14:6b:
4f:b4:4a:39:ee:7b:8c:ab:7b:cd:6c:21:57:f1:ed:7b:d6:96:
d3:50:b4:a4:44:c6:7d:ce:de:13:95:62:51:bb:80:24:51:66:
b5:64:79:71:9c:b6:4c:1a:6f:55:c4:f4:79:8e:17:d2:8a:09:
a4:8c:6c:e7:f0:db:97:76:59:9f:f7:88:5b:df:ef:41:9c:75:
19:c3:49:2a:1f:e8:a7:c6:93:d2:da:e0:5e:71:71:5c:ee:88:
ce:63:f9:4b:12:67:73:7c:e2:52:6a:d4:47:ec:cf:89:b0:c2:
73:e5:54:44:7c:7c:0c:50:7b:17:95:7e:31:c0:99:35:5a:12:
2a:d0:4b:64
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYyBrPp/+J1vmcSB1giWPMmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMxMjE5MTA0NDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjQ2MzIxZTdhNmVkMGExYjg1MzlmMDNkYjUyZDI1YzM5MThhNTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj+zqn/DtYC8UyIrvXxn4QcRXUWm
FybrY9fyhUB57zmVRU4BlFsq6MEdn/2BROyDnkuyK+s8dG6ORs7AdSrmCEtcVN1X
4P9ZIgkXjCHhk7aovDLO+FHRd/aA7MnTCleT1F1FpTzBd3zD2XE/KLEDyCwB0TEl
DFGJrqo9wzjQTmoWdUVokioqDgqH9vZH/MQwHqNwBafnVuYb2Ex0evt8wlUWjvmf
UpvqFM8qjCpj8Zot9s2T8/cUc8PBDpwP9jEPP64EW5eOyUSbK/mrCw/FG6A921KZ
utkKQg8+jPFGu+AadTj0HdiBGC5I/Sjdb8xVA8a0K+QSJcaZM4bmy+n6QQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNtGMh56btChuFOfA9tS0lw5GKWGMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvMjBZeUhucHUwS0c0VTU4RDIxTFNYRGtZcFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaQJQw
DQYJKoZIhvcNAQELBQADggEBAL2vozcZ3nhsOUwVmrfX6ii55iydQuG2JEBJ7qKU
lQ04/4VXSPKKIEb+lsGxFKCMAFu6t/ED2vNBqm28QzZwvU/0pDCZcWSeUf7QvHMs
+Ogzkfqw3OxykK9wcRU7w1NgFew0eQtHbNP7NuiQ2I9LQ/aDM/SQ2C3ULurZvd8U
a0+0Sjnue4yre81sIVfx7XvWltNQtKRExn3O3hOVYlG7gCRRZrVkeXGctkwab1XE
9HmOF9KKCaSMbOfw25d2WZ/3iFvf70GcdRnDSSof6KfGk9La4F5xcVzuiM5j+UsS
Z3N84lJq1Efsz4mwwnPlVER8fAxQexeVfjHAmTVaEirQS2Q=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:19 2024 by rpki-client on console-ams.rpki-client.org