Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/5QzTeIvdAquQ5JYytZji3IYYW8o.roa
File: 5QzTeIvdAquQ5JYytZji3IYYW8o.roa (raw, json)
Hash identifier: sAhVU6iH5Ml7e8c1RGV2UCkxxRubtjsV8/hXQUGJ99c=
Subject key identifier: E5:0C:D3:78:8B:DD:02:AB:90:E4:96:32:B5:98:E2:DC:86:18:5B:CA
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246E9FA1996E03F1CBE3C44D42831EE
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/5QzTeIvdAquQ5JYytZji3IYYW8o.roa
Signing time: Mon 02 Jan 2023 11:38:48 +0000
ROA not before: Mon 02 Jan 2023 11:38:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213288
IP address blocks: 2a0c:9a40:1059::/48 maxlen: 48
2a0c:9a40:1022::/48 maxlen: 48
2a0c:9a40:10a0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:e9:fa:19:96:e0:3f:1c:be:3c:44:d4:28:31:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e50cd3788bdd02ab90e49632b598e2dc86185bca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5b:2e:31:65:8c:ba:0f:62:51:6e:50:0d:88:
ff:fe:b1:4b:5a:3a:44:11:7e:a0:88:4b:9f:1e:a2:
23:41:51:da:d0:24:6f:20:de:b3:8b:cc:72:8b:24:
e2:ea:3d:56:14:bd:a7:d9:e0:78:4c:6c:41:1e:5d:
08:e2:5c:60:bc:62:17:61:73:24:5f:c9:f2:31:e8:
9b:f8:fe:f7:38:1d:e2:41:bf:cc:b7:b9:d3:a9:9f:
16:52:d0:a3:67:3a:ca:a8:45:c1:ca:d3:15:31:7c:
8e:65:6f:1d:f0:00:0c:43:88:82:bb:05:e7:e0:27:
78:07:cb:c2:47:25:f8:eb:d9:ef:35:e8:42:59:98:
74:3e:b3:b3:48:79:f7:45:65:8b:e0:e3:c1:9a:63:
86:63:2f:9d:82:74:c9:93:05:d2:9a:88:d8:ee:82:
16:75:9d:e6:e5:00:c1:95:bb:c2:de:c2:b0:98:fa:
b0:ec:b1:37:66:14:d1:d6:56:a0:44:a6:39:68:37:
f2:db:e3:2f:4e:39:ed:a6:dc:5d:2b:13:ba:47:af:
18:25:72:56:87:cf:61:25:01:e0:74:12:bc:28:17:
8f:a1:bb:e0:85:b0:d4:cf:5d:71:d4:58:49:c8:7c:
65:95:15:51:08:18:fa:10:73:12:17:dc:b7:4f:87:
a8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:0C:D3:78:8B:DD:02:AB:90:E4:96:32:B5:98:E2:DC:86:18:5B:CA
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/5QzTeIvdAquQ5JYytZji3IYYW8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:1022::/48
2a0c:9a40:1059::/48
2a0c:9a40:10a0::/44
Signature Algorithm: sha256WithRSAEncryption
16:65:83:d0:f8:50:5a:32:fd:42:8c:54:f1:e6:1a:e3:98:0b:
b6:35:af:f0:14:db:1c:00:bd:b9:bb:0a:8e:2c:61:dd:52:dd:
0a:3f:6e:73:ce:76:8b:5d:54:93:08:37:b4:07:8d:34:d6:20:
35:ad:4c:ca:db:b8:b1:14:06:b4:2f:2d:4d:0e:a8:22:24:92:
a4:a4:ab:38:f1:e6:4c:fd:4a:a1:25:d8:6b:49:46:bd:7c:49:
e4:f2:0a:d3:ea:10:4b:b8:9c:d0:50:73:28:6b:5a:2c:0b:3e:
7a:63:bb:c2:b1:24:0b:55:82:26:9e:dd:34:d6:3e:40:02:a5:
eb:35:ab:4c:d1:8a:6e:01:88:e2:26:81:33:d7:a3:a2:3e:45:
9e:62:1c:3d:69:b8:71:b5:18:54:79:bc:b4:e0:1f:04:34:e9:
31:d7:8f:03:ea:21:bc:22:a1:15:63:ba:cf:f5:40:21:43:8b:
50:af:b4:9f:3f:2c:00:c2:8f:29:11:4b:63:26:1e:5f:28:1f:
35:ad:d0:7a:fc:bd:bf:90:8e:49:4a:4d:98:d1:68:d1:e7:d8:
e5:10:4d:a7:f9:39:7b:1d:e8:dd:e8:64:62:10:de:1e:ac:65:
2e:a2:bd:4a:7a:59:35:96:f8:a9:b6:c3:a9:67:75:d5:57:91:
53:c1:99:68
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyRun6GZbgPxy+PETUKDHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTBjZDM3ODhiZGQwMmFiOTBlNDk2MzJiNTk4ZTJkYzg2MTg1YmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1suMWWMug9iUW5QDYj//rFLWjpE
EX6giEufHqIjQVHa0CRvIN6zi8xyiyTi6j1WFL2n2eB4TGxBHl0I4lxgvGIXYXMk
X8nyMeib+P73OB3iQb/Mt7nTqZ8WUtCjZzrKqEXBytMVMXyOZW8d8AAMQ4iCuwXn
4Cd4B8vCRyX469nvNehCWZh0PrOzSHn3RWWL4OPBmmOGYy+dgnTJkwXSmojY7oIW
dZ3m5QDBlbvC3sKwmPqw7LE3ZhTR1lagRKY5aDfy2+MvTjntptxdKxO6R68YJXJW
h89hJQHgdBK8KBePobvghbDUz11x1FhJyHxllRVRCBj6EHMSF9y3T4eo9wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOUM03iL3QKrkOSWMrWY4tyGGFvKMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvNVF6VGVJdmRBcXVRNUpZeXRaamkzSVlZVzhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgyaQBAi
AwcAKgyaQBBZAwcEKgyaQBCgMA0GCSqGSIb3DQEBCwUAA4IBAQAWZYPQ+FBaMv1C
jFTx5hrjmAu2Na/wFNscAL25uwqOLGHdUt0KP25zznaLXVSTCDe0B4001iA1rUzK
27ixFAa0Ly1NDqgiJJKkpKs48eZM/UqhJdhrSUa9fEnk8grT6hBLuJzQUHMoa1os
Cz56Y7vCsSQLVYImnt001j5AAqXrNatM0YpuAYjiJoEz16OiPkWeYhw9abhxtRhU
eby04B8ENOkx148D6iG8IqEVY7rP9UAhQ4tQr7SfPywAwo8pEUtjJh5fKB81rdB6
/L2/kI5JSk2Y0WjR59jlEE2n+Tl7Hejd6GRiEN4erGUuor1Kelk1lviptsOpZ3XV
V5FTwZlo
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:36:57 2024 by rpki-client on console-fra.rpki-client.org