Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/2_L767gDs6a0qOKt4qOnIbyxsCA.roa
File: 2_L767gDs6a0qOKt4qOnIbyxsCA.roa (raw, json)
Hash identifier: K5prlPZQuVBK/UoJgTZSvAoPG7qi9eHDJ4xU6cJaytM=
Subject key identifier: DB:F2:FB:EB:B8:03:B3:A6:B4:A8:E2:AD:E2:A3:A7:21:BC:B1:B0:20
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018B358AE0A38FAF02F2AD475F5C101DAFEB
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/2_L767gDs6a0qOKt4qOnIbyxsCA.roa
Signing time: Sun 15 Oct 2023 22:52:55 +0000
ROA not before: Sun 15 Oct 2023 22:52:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216191
IP address blocks: 2a0c:9a40:8c00::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:35:8a:e0:a3:8f:af:02:f2:ad:47:5f:5c:10:1d:af:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Oct 15 22:52:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbf2fbebb803b3a6b4a8e2ade2a3a721bcb1b020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:aa:8c:c4:85:27:84:87:55:00:7a:13:19:dc:
40:5f:d3:5b:6a:7d:c9:79:01:3e:f6:75:5b:2e:57:
d0:11:06:17:b1:33:5a:e5:40:25:88:85:60:6c:ab:
c7:17:97:c5:f6:86:35:46:08:a9:91:a7:d6:c6:bb:
97:d6:f9:aa:3c:67:a1:a3:94:f1:21:df:ae:3a:e1:
29:e6:9a:bc:cf:98:0f:7e:11:41:0a:74:00:34:11:
2b:f8:40:12:5a:04:67:31:d8:b0:6b:a3:f6:a3:b3:
b3:a1:39:2a:c9:09:e9:06:01:04:fd:8c:66:9a:d4:
96:46:79:cc:92:f3:4a:33:43:c1:8b:86:73:30:7c:
eb:89:7c:05:f0:27:19:46:97:ca:87:56:e7:f7:b2:
c0:a2:81:75:02:1b:a6:48:c1:5e:ee:14:ab:4c:a0:
39:b3:14:b8:bb:1e:3d:71:d2:3a:62:e2:0a:58:ce:
f0:3a:ae:a2:d6:ae:b1:69:0a:9a:b9:17:e8:25:b0:
81:63:34:38:74:6a:42:02:9e:b8:b4:a3:50:e6:f1:
e0:60:29:12:0a:f5:e1:46:e1:5f:8c:e0:fd:26:82:
20:9b:ce:87:8f:43:07:34:59:59:3f:c9:1e:53:2b:
ef:00:e4:bf:dd:13:78:fc:07:48:6f:a0:a4:9d:9f:
4a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F2:FB:EB:B8:03:B3:A6:B4:A8:E2:AD:E2:A3:A7:21:BC:B1:B0:20
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/2_L767gDs6a0qOKt4qOnIbyxsCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8c00::/44
Signature Algorithm: sha256WithRSAEncryption
2a:0d:f3:85:6d:b8:6d:1d:02:2d:dd:d1:63:99:42:74:50:09:
e1:8e:2a:f1:20:17:9e:d2:3c:f2:db:fb:0f:e5:da:51:00:d0:
87:8e:3c:0c:b7:c9:4e:9d:21:19:11:04:ee:03:22:56:49:76:
f4:b2:34:c2:cc:3c:7b:c6:ec:dd:19:04:08:a6:90:98:be:6a:
12:f3:47:6e:6c:52:90:5f:55:e5:08:20:fe:df:72:83:77:6f:
be:69:53:5b:1f:74:40:7c:08:67:cd:00:3b:58:ab:1f:11:1b:
17:03:aa:0d:ac:21:fd:2c:d9:19:e3:77:78:82:62:16:a7:93:
b5:ef:b5:f2:e6:16:81:c6:de:53:ae:6f:fc:39:f2:a9:70:27:
a8:6d:19:f1:9d:a3:bd:61:d9:f8:f3:2f:5e:56:25:b0:95:bd:
9e:c9:44:55:8c:82:2a:98:58:f8:ab:16:cb:13:10:1d:d5:2e:
e9:62:26:27:91:62:70:9a:27:5c:e9:af:7b:5d:31:ed:5c:d6:
c8:f5:c9:12:5b:29:1c:b7:86:b6:f8:5b:12:56:73:1a:5e:d0:
d5:9e:e7:ed:99:ab:63:92:6c:77:e4:fc:da:f6:bc:4f:62:92:
33:48:d7:c7:1b:1f:66:ff:29:fb:f9:f6:e5:29:e0:09:64:b8:
0c:4c:c3:03
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYs1iuCjj68C8q1HX1wQHa/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMxMDE1MjI1MjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmYyZmJlYmI4MDNiM2E2YjRhOGUyYWRlMmEzYTcyMWJjYjFiMDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKqMxIUnhIdVAHoTGdxAX9Nban3J
eQE+9nVbLlfQEQYXsTNa5UAliIVgbKvHF5fF9oY1RgipkafWxruX1vmqPGeho5Tx
Id+uOuEp5pq8z5gPfhFBCnQANBEr+EASWgRnMdiwa6P2o7OzoTkqyQnpBgEE/Yxm
mtSWRnnMkvNKM0PBi4ZzMHzriXwF8CcZRpfKh1bn97LAooF1AhumSMFe7hSrTKA5
sxS4ux49cdI6YuIKWM7wOq6i1q6xaQqauRfoJbCBYzQ4dGpCAp64tKNQ5vHgYCkS
CvXhRuFfjOD9JoIgm86Hj0MHNFlZP8keUyvvAOS/3RN4/AdIb6CknZ9KDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNvy++u4A7OmtKjireKjpyG8sbAgMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvMl9MNzY3Z0RzNmEwcU9LdDRxT25JYnl4c0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIwA
MA0GCSqGSIb3DQEBCwUAA4IBAQAqDfOFbbhtHQIt3dFjmUJ0UAnhjirxIBee0jzy
2/sP5dpRANCHjjwMt8lOnSEZEQTuAyJWSXb0sjTCzDx7xuzdGQQIppCYvmoS80du
bFKQX1XlCCD+33KDd2++aVNbH3RAfAhnzQA7WKsfERsXA6oNrCH9LNkZ43d4gmIW
p5O177Xy5haBxt5Trm/8OfKpcCeobRnxnaO9Ydn48y9eViWwlb2eyURVjIIqmFj4
qxbLExAd1S7pYiYnkWJwmidc6a97XTHtXNbI9ckSWykct4a2+FsSVnMaXtDVnuft
matjkmx35Pza9rxPYpIzSNfHGx9m/yn7+fblKeAJZLgMTMMD
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:36:57 2024 by rpki-client on console-fra.rpki-client.org