Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/2aFstFNkSTVv7KyNRS1cEGZ-i74.roa
File: 2aFstFNkSTVv7KyNRS1cEGZ-i74.roa (raw, json)
Hash identifier: Y4uMUnwauxU9X2V/JHu1hSOGzRgRdC7vHggg9AZEBfI=
Subject key identifier: D9:A1:6C:B4:53:64:49:35:6F:EC:AC:8D:45:2D:5C:10:66:7E:8B:BE
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0185BC8A0ADE08D25FA427DFE3335FDD8520
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/2aFstFNkSTVv7KyNRS1cEGZ-i74.roa
Signing time: Mon 16 Jan 2023 21:44:01 +0000
ROA not before: Mon 16 Jan 2023 21:44:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206824
IP address blocks: 2a0c:9a40:8090::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bc:8a:0a:de:08:d2:5f:a4:27:df:e3:33:5f:dd:85:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 16 21:44:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9a16cb4536449356fecac8d452d5c10667e8bbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f3:e1:0f:36:5e:94:bd:93:b6:aa:be:fd:47:
49:9e:3b:53:54:5d:88:09:66:ac:ca:81:f4:73:67:
5b:f8:20:86:2a:28:cf:15:e3:2c:e0:cc:8a:3a:27:
2f:1b:b9:53:db:62:40:80:f4:77:b8:66:dc:19:62:
6d:7d:98:36:90:67:44:b9:23:7d:86:9e:7b:37:0f:
52:ce:17:dc:c5:d7:a6:64:e8:13:b0:a4:fb:d6:b3:
b6:e1:6c:57:0f:1a:f6:ae:0a:47:04:47:22:39:0f:
f9:72:77:ee:ad:e7:71:93:da:42:c8:54:fd:2e:04:
ce:01:94:4e:2f:1a:64:0a:df:d3:f1:d0:f9:f2:13:
11:b6:af:c0:bb:f5:88:52:89:75:64:34:4e:44:91:
fd:14:72:b4:09:0c:53:6d:90:84:0f:07:19:78:e1:
7f:22:c7:45:5b:4c:71:d2:e7:f4:bd:bd:c9:87:92:
bc:46:93:b5:e1:62:f6:7a:70:57:c3:14:53:35:75:
8b:53:1f:f8:7d:df:41:58:13:0b:a5:7a:0a:75:d4:
d5:33:4b:d6:fa:9d:73:f5:b1:6c:e4:a2:43:b2:b5:
fd:27:07:7f:23:6c:e8:59:61:b7:b2:4c:00:54:05:
d5:65:5d:73:e7:a1:ed:56:c3:e5:84:b6:ad:74:5b:
cc:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A1:6C:B4:53:64:49:35:6F:EC:AC:8D:45:2D:5C:10:66:7E:8B:BE
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/2aFstFNkSTVv7KyNRS1cEGZ-i74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8090::/44
Signature Algorithm: sha256WithRSAEncryption
74:6f:13:a9:4e:d9:e0:cb:df:b9:8d:4c:1e:3f:6f:ad:b3:ac:
8b:6b:ac:11:25:f1:6e:97:d2:d1:c5:46:05:dd:dc:36:76:d0:
1d:e6:f0:dc:fa:a0:3b:4e:fb:bb:a0:15:a0:f0:c0:02:39:03:
92:86:59:a5:ac:06:28:7f:42:7a:b9:20:9a:32:23:c5:7a:b6:
10:51:10:33:38:dd:9e:7c:e6:8a:88:e3:ff:66:49:c6:e2:89:
c8:43:df:0b:f4:25:b2:af:dc:97:0e:93:16:76:d4:ab:fa:6f:
0b:fe:97:1a:61:fa:86:5e:42:86:96:14:72:f7:11:f8:1a:7c:
d2:74:cd:d4:f6:5d:c8:28:5a:b6:ef:64:ad:39:01:82:aa:ce:
b2:08:75:1b:f8:f9:5a:61:8e:48:6c:8e:3e:17:5e:70:16:3f:
dd:1a:75:04:40:f1:3b:88:6c:86:ce:f6:23:83:cf:0a:93:c7:
34:67:b3:24:02:c8:5b:40:73:91:08:7f:28:ce:4b:7d:28:6a:
c6:c8:12:cb:10:71:d1:c6:ce:1b:da:2c:5c:9f:fd:43:12:37:
6c:22:5e:9f:cf:3e:25:8a:95:09:34:b5:11:00:be:cb:ce:42:
42:e3:97:a1:ad:56:0b:c0:4c:f1:4f:17:11:30:cc:bf:4b:3f:
4e:4c:b7:f6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYW8igreCNJfpCff4zNf3YUgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTE2MjE0NDAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWExNmNiNDUzNjQ0OTM1NmZlY2FjOGQ0NTJkNWMxMDY2N2U4YmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPPhDzZelL2Ttqq+/UdJnjtTVF2I
CWasyoH0c2db+CCGKijPFeMs4MyKOicvG7lT22JAgPR3uGbcGWJtfZg2kGdEuSN9
hp57Nw9SzhfcxdemZOgTsKT71rO24WxXDxr2rgpHBEciOQ/5cnfuredxk9pCyFT9
LgTOAZROLxpkCt/T8dD58hMRtq/Au/WIUol1ZDRORJH9FHK0CQxTbZCEDwcZeOF/
IsdFW0xx0uf0vb3Jh5K8RpO14WL2enBXwxRTNXWLUx/4fd9BWBMLpXoKddTVM0vW
+p1z9bFs5KJDsrX9Jwd/I2zoWWG3skwAVAXVZV1z56HtVsPlhLatdFvMFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNmhbLRTZEk1b+ysjUUtXBBmfou+MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvMmFGc3RGTmtTVFZ2N0t5TlJTMWNFR1otaTc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQICQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB0bxOpTtngy9+5jUweP2+ts6yLa6wRJfFul9LR
xUYF3dw2dtAd5vDc+qA7Tvu7oBWg8MACOQOShlmlrAYof0J6uSCaMiPFerYQURAz
ON2efOaKiOP/ZknG4onIQ98L9CWyr9yXDpMWdtSr+m8L/pcaYfqGXkKGlhRy9xH4
GnzSdM3U9l3IKFq272StOQGCqs6yCHUb+PlaYY5IbI4+F15wFj/dGnUEQPE7iGyG
zvYjg88Kk8c0Z7MkAshbQHORCH8ozkt9KGrGyBLLEHHRxs4b2ixcn/1DEjdsIl6f
zz4lipUJNLURAL7LzkJC45ehrVYLwEzxTxcRMMy/Sz9OTLf2
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:19 2024 by rpki-client on console-ams.rpki-client.org