Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/IiM-jYv6z81vmfmJeWD_7iJr1I4.roa
File: IiM-jYv6z81vmfmJeWD_7iJr1I4.roa (raw, json)
Hash identifier: VvoNepqvwMrOMuzDwjD+JcnNUDRBn9QnZmI8FWIXtkE=
Subject key identifier: 22:23:3E:8D:8B:FA:CF:CD:6F:99:F9:89:79:60:FF:EE:22:6B:D4:8E
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246C22A026D83B847B5EEB97EF5859F
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/IiM-jYv6z81vmfmJeWD_7iJr1I4.roa
Signing time: Mon 02 Jan 2023 11:38:37 +0000
ROA not before: Mon 02 Jan 2023 11:38:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49134
IP address blocks: 2a0c:9a40:8201::/48 maxlen: 48
2a0c:9a40:8200::/47 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:c2:2a:02:6d:83:b8:47:b5:ee:b9:7e:f5:85:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22233e8d8bfacfcd6f99f9897960ffee226bd48e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:39:c9:fe:fe:a3:34:b3:5a:54:e1:4b:b9:84:
68:7b:10:68:dc:36:4d:7a:36:e5:cc:f2:4d:72:e5:
08:4c:f3:ae:09:3c:95:e0:00:8c:08:f8:9b:24:d8:
f8:3d:fb:1f:6f:79:c7:5c:38:f7:c1:aa:57:44:2b:
2e:20:fd:ed:25:ef:b9:70:df:60:c9:dc:03:cf:46:
50:8a:a7:48:ef:02:10:bb:24:e7:f4:dd:47:e5:b1:
6a:2a:d1:8d:33:0e:52:81:94:2e:55:6c:cd:70:7a:
ab:7e:e2:8a:07:bd:7f:33:8b:53:aa:ad:50:0b:1d:
1f:99:09:ff:f6:28:b0:6d:2b:a0:81:a3:b9:18:82:
86:1a:38:80:07:79:c9:71:d5:3d:31:50:64:a9:51:
cb:40:d5:83:30:df:58:1c:15:17:0a:6c:34:ae:10:
f5:cd:a2:b8:f7:7b:f2:eb:8a:da:46:ad:b3:f3:52:
d9:e2:e0:58:cd:57:7f:35:23:de:59:0e:6b:ab:05:
81:de:92:1c:7c:6d:e1:da:ec:17:b5:a9:13:56:6b:
3e:f8:d9:03:43:18:0d:b3:a9:4b:21:94:0a:8a:15:
37:a9:d8:42:c5:47:c7:88:17:d9:58:9c:00:44:2a:
cf:b7:78:e0:0d:13:3b:07:ec:df:25:cc:06:c3:c3:
73:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:23:3E:8D:8B:FA:CF:CD:6F:99:F9:89:79:60:FF:EE:22:6B:D4:8E
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/IiM-jYv6z81vmfmJeWD_7iJr1I4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8200::/47
Signature Algorithm: sha256WithRSAEncryption
ba:2d:fc:79:3e:83:b0:ff:f4:79:c2:8e:0d:25:8e:6c:23:97:
bf:12:54:dd:6e:3f:47:65:3c:5e:06:13:d8:04:ca:d4:de:f9:
e9:0c:82:c6:2f:67:4f:d1:f2:dc:d7:a4:c5:09:92:84:3f:cf:
a0:5c:c3:82:24:14:0b:fc:ca:b9:5b:59:ba:ab:ac:ec:5d:60:
80:a1:d1:a4:48:81:ea:57:37:9d:3f:6a:4b:87:2f:24:c8:20:
65:d9:26:cd:9a:c1:d5:48:c4:a8:bd:6f:42:06:29:61:46:62:
1c:59:23:34:cf:91:dc:80:f0:b3:0e:ae:b1:ce:3a:58:52:19:
1f:6f:fc:6e:42:46:a0:2a:50:7a:38:ea:8b:3c:ab:0f:ea:ea:
5a:00:e3:e5:84:df:93:21:12:1f:25:0a:af:01:83:61:98:e0:
16:52:6b:fe:c2:d8:6a:cb:24:19:de:09:de:76:35:be:1f:b8:
4b:6d:82:85:80:65:66:15:fb:54:5d:74:08:13:ce:36:4f:aa:
18:82:8d:b6:f1:79:9d:13:b1:3f:26:51:2b:66:d4:eb:f5:a4:
c9:2a:d6:47:c1:56:1e:9f:a1:f6:e8:80:b6:bb:95:dc:0b:18:
a7:06:f9:a2:20:23:c1:cf:f2:0d:df:97:64:ac:3a:5e:a0:cd:
37:ed:b6:82
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRsIqAm2DuEe17rl+9YWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjIzM2U4ZDhiZmFjZmNkNmY5OWY5ODk3OTYwZmZlZTIyNmJkNDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhznJ/v6jNLNaVOFLuYRoexBo3DZN
ejblzPJNcuUITPOuCTyV4ACMCPibJNj4Pfsfb3nHXDj3wapXRCsuIP3tJe+5cN9g
ydwDz0ZQiqdI7wIQuyTn9N1H5bFqKtGNMw5SgZQuVWzNcHqrfuKKB71/M4tTqq1Q
Cx0fmQn/9iiwbSuggaO5GIKGGjiAB3nJcdU9MVBkqVHLQNWDMN9YHBUXCmw0rhD1
zaK493vy64raRq2z81LZ4uBYzVd/NSPeWQ5rqwWB3pIcfG3h2uwXtakTVms++NkD
QxgNs6lLIZQKihU3qdhCxUfHiBfZWJwARCrPt3jgDRM7B+zfJcwGw8NzyQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCIjPo2L+s/Nb5n5iXlg/+4ia9SOMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvSWlNLWpZdjZ6ODF2bWZtSmVXRF83aUpyMUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgyaQIIA
MA0GCSqGSIb3DQEBCwUAA4IBAQC6Lfx5PoOw//R5wo4NJY5sI5e/ElTdbj9HZTxe
BhPYBMrU3vnpDILGL2dP0fLc16TFCZKEP8+gXMOCJBQL/Mq5W1m6q6zsXWCAodGk
SIHqVzedP2pLhy8kyCBl2SbNmsHVSMSovW9CBilhRmIcWSM0z5HcgPCzDq6xzjpY
Uhkfb/xuQkagKlB6OOqLPKsP6upaAOPlhN+TIRIfJQqvAYNhmOAWUmv+wthqyyQZ
3gnedjW+H7hLbYKFgGVmFftUXXQIE842T6oYgo228XmdE7E/JlErZtTr9aTJKtZH
wVYen6H26IC2u5XcCxinBvmiICPBz/IN35dkrDpeoM037baC
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:19 2024 by rpki-client on console-ams.rpki-client.org