Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/57l7ZrDldV-wvDhAs9F-xpVyRDI.roa
File: 57l7ZrDldV-wvDhAs9F-xpVyRDI.roa (raw, json)
Hash identifier: U2oD9Es47kOL4WreMKef8bODQrXS6C5ZMN+Squ2ODZU=
Subject key identifier: E7:B9:7B:66:B0:E5:75:5F:B0:BC:38:40:B3:D1:7E:C6:95:72:44:32
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8D84450FCB5B9F4BD2D82EE97346E
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/57l7ZrDldV-wvDhAs9F-xpVyRDI.roa
Signing time: Mon 01 Jan 2024 20:30:51 +0000
ROA not before: Mon 01 Jan 2024 20:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 2a0c:9a40:808c::/48 maxlen: 48
2a0c:9a40:8200::/47 maxlen: 47
Validation: Failed, certificate revoked on Fri 09 Feb 2024 15:25:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:d8:44:50:fc:b5:b9:f4:bd:2d:82:ee:97:34:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7b97b66b0e5755fb0bc3840b3d17ec695724432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8c:9d:f8:38:9b:b5:0f:67:c6:26:ab:a4:29:
44:f8:a1:65:2c:2f:74:c9:15:a2:fd:d9:ac:fa:14:
05:73:de:2e:2f:a0:87:75:cc:07:cc:0a:b6:65:ec:
98:c6:49:18:75:51:89:38:98:c9:a4:59:2b:0d:8b:
60:3b:ac:76:0a:13:40:9a:83:f8:7c:2d:8b:43:41:
56:9c:6e:47:63:2b:fa:8d:84:b4:d7:52:c2:59:ca:
5c:7c:51:0a:a4:c3:2c:3e:0d:ef:3d:56:ba:89:2b:
e0:d9:00:ea:c3:0e:ac:55:94:f9:b0:9c:aa:26:10:
b3:bb:28:2a:de:5a:60:56:62:cb:13:7d:ce:0f:fb:
24:82:81:13:05:5f:4d:d5:3b:59:84:94:0a:cb:7d:
f0:b0:3f:58:67:e7:d1:6a:6d:d7:a6:d7:4c:e2:eb:
5b:a2:37:89:ba:74:a3:95:1f:f6:80:07:63:84:85:
66:e5:97:c6:4f:37:a2:fd:7f:64:3a:5b:74:26:95:
2c:36:71:0c:2d:80:a9:29:11:53:89:19:32:1d:32:
a5:79:d5:1c:60:58:84:cf:13:5e:b5:77:e0:3a:2d:
22:2b:49:19:ab:35:d1:0d:65:5c:10:b7:35:5c:f6:
61:26:b2:79:0e:6f:9e:c6:17:68:a1:a6:85:fe:f2:
b9:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B9:7B:66:B0:E5:75:5F:B0:BC:38:40:B3:D1:7E:C6:95:72:44:32
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/57l7ZrDldV-wvDhAs9F-xpVyRDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:808c::/48
2a0c:9a40:8200::/47
Signature Algorithm: sha256WithRSAEncryption
63:d9:70:98:9d:4d:df:be:98:3a:81:b7:45:22:e2:ef:dd:39:
82:4e:ce:9c:3a:53:f4:2e:40:ef:93:50:e0:a2:c7:9e:03:26:
3a:51:28:c2:9c:8f:dc:f7:5f:c3:33:78:87:42:bc:11:85:70:
34:f1:7b:4f:c6:5e:56:00:3f:55:56:cd:2a:01:fb:26:f6:c0:
45:1a:64:19:01:f0:a0:3e:5e:61:a1:e6:4e:a5:c9:a5:4e:64:
71:4b:09:4c:63:b5:2e:b4:f3:5c:a5:96:4d:75:3b:d9:9a:5e:
35:c6:2c:35:7e:4f:e3:a2:0f:3b:c6:c8:5a:8c:b1:7a:0a:d6:
27:00:9c:20:96:56:0a:b5:b6:df:04:59:9e:c9:b4:65:0e:32:
7d:9c:d7:16:b4:f5:5b:34:93:9c:46:24:70:74:64:2d:ed:81:
01:7a:a2:6f:d9:92:bf:d6:77:80:4c:5c:72:de:b5:24:77:1c:
95:31:cf:ce:03:b5:4c:73:10:6c:ba:13:2d:f1:e9:27:7d:b3:
5f:a1:56:bf:e3:d7:d0:78:6f:42:41:05:cb:a1:b5:ab:ab:b6:
b3:2a:20:62:1c:a3:9e:5c:fa:cb:81:dc:3a:08:3a:1f:6e:44:
4f:e6:af:c7:b9:8d:65:d6:b8:ea:4f:6e:77:3d:de:87:a4:cb:
b7:5e:a7:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGuNhEUPy1ufS9LYLulzRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2I5N2I2NmIwZTU3NTVmYjBiYzM4NDBiM2QxN2VjNjk1NzI0NDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4yd+DibtQ9nxiarpClE+KFlLC90
yRWi/dms+hQFc94uL6CHdcwHzAq2ZeyYxkkYdVGJOJjJpFkrDYtgO6x2ChNAmoP4
fC2LQ0FWnG5HYyv6jYS011LCWcpcfFEKpMMsPg3vPVa6iSvg2QDqww6sVZT5sJyq
JhCzuygq3lpgVmLLE33OD/skgoETBV9N1TtZhJQKy33wsD9YZ+fRam3XptdM4utb
ojeJunSjlR/2gAdjhIVm5ZfGTzei/X9kOlt0JpUsNnEMLYCpKRFTiRkyHTKledUc
YFiEzxNetXfgOi0iK0kZqzXRDWVcELc1XPZhJrJ5Dm+exhdooaaF/vK52QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOe5e2aw5XVfsLw4QLPRfsaVckQyMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvNTdsN1pyRGxkVi13dkRoQXM5Ri14cFZ5UkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgyaQICM
AwcBKgyaQIIAMA0GCSqGSIb3DQEBCwUAA4IBAQBj2XCYnU3fvpg6gbdFIuLv3TmC
Ts6cOlP0LkDvk1DgoseeAyY6USjCnI/c91/DM3iHQrwRhXA08XtPxl5WAD9VVs0q
Afsm9sBFGmQZAfCgPl5hoeZOpcmlTmRxSwlMY7UutPNcpZZNdTvZml41xiw1fk/j
og87xshajLF6CtYnAJwgllYKtbbfBFmeybRlDjJ9nNcWtPVbNJOcRiRwdGQt7YEB
eqJv2ZK/1neATFxy3rUkdxyVMc/OA7VMcxBsuhMt8eknfbNfoVa/49fQeG9CQQXL
obWrq7azKiBiHKOeXPrLgdw6CDofbkRP5q/HuY1l1rjqT253Pd6HpMu3Xqdl
-----END CERTIFICATE-----
Generated at Fri Feb 9 18:27:17 2024 by rpki-client on console-ams.rpki-client.org