Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/cU8mK2XOYKQMsvEQoI92MFYV5V0.roa
File: cU8mK2XOYKQMsvEQoI92MFYV5V0.roa (raw, json)
Hash identifier: 3egADbiQVwPq3n+ZTQncLRPdx7qRf90Iwyvma8Z/9jM=
Subject key identifier: 71:4F:26:2B:65:CE:60:A4:0C:B2:F1:10:A0:8F:76:30:56:15:E5:5D
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018921A1F9F7EC276C08017AC230EB4B5EED
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/cU8mK2XOYKQMsvEQoI92MFYV5V0.roa
Signing time: Tue 04 Jul 2023 16:00:10 +0000
ROA not before: Tue 04 Jul 2023 16:00:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197951
IP address blocks: 2a0c:9a40:8cb0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:21:a1:f9:f7:ec:27:6c:08:01:7a:c2:30:eb:4b:5e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jul 4 16:00:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=714f262b65ce60a40cb2f110a08f76305615e55d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:48:10:ed:d6:83:ec:5a:c2:90:36:2c:3e:62:
a3:f6:eb:c1:9a:c8:20:3e:57:92:f8:50:cf:86:ef:
13:34:ae:fe:5c:b0:f2:24:38:23:e2:82:ce:6e:db:
3f:ae:d9:7d:36:d2:c5:db:40:33:47:3a:7f:e8:6d:
6e:2e:76:09:59:fa:92:b9:ac:79:10:28:80:51:43:
51:ae:11:9d:24:bf:e0:60:25:88:13:ea:9d:01:12:
bf:85:eb:52:ae:5f:6e:1a:78:cc:98:72:26:f9:99:
02:47:7e:3a:db:d7:39:e5:c0:8d:bb:d1:d7:38:fd:
af:12:6f:11:ca:65:1e:91:30:3b:01:b8:77:ac:5a:
59:c8:b3:3a:01:0e:a8:36:80:6f:cf:dd:e9:16:7b:
d4:d7:ed:ec:33:a3:2d:5d:d5:5b:c8:2b:5d:0a:64:
c5:a7:f2:61:16:70:40:05:2e:8f:08:18:06:e2:f2:
e5:10:67:2a:73:08:1d:e8:ba:5a:14:ec:22:6d:f3:
9c:1a:c0:db:07:a2:7e:b5:62:44:95:2b:88:16:eb:
81:e9:43:db:a9:97:c5:48:0f:8b:64:07:7c:1d:bd:
4b:47:50:ba:30:21:df:aa:2c:02:37:ca:ba:4d:69:
ef:ba:6d:19:d6:d1:fb:8c:b6:37:08:49:0a:29:d5:
f9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:4F:26:2B:65:CE:60:A4:0C:B2:F1:10:A0:8F:76:30:56:15:E5:5D
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/cU8mK2XOYKQMsvEQoI92MFYV5V0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8cb0::/44
Signature Algorithm: sha256WithRSAEncryption
9f:1d:3f:e0:95:9d:5e:3b:94:e4:87:3d:ce:11:9d:6d:92:cb:
c1:ff:08:89:d2:f4:a6:99:9f:a0:d3:aa:8d:95:e6:8a:35:c9:
23:63:1a:85:19:57:f3:47:c3:1c:53:8d:19:6d:d4:ec:34:d5:
96:00:d7:d8:82:19:63:8f:97:e1:39:1b:07:13:e8:b1:96:af:
97:a3:81:83:03:44:66:0a:83:48:8d:c9:d1:18:2f:c9:eb:05:
91:ee:0d:5c:e1:41:66:98:10:04:44:b9:af:88:0e:10:18:e3:
09:54:89:71:f0:3d:ea:93:89:4b:89:2f:62:80:51:94:43:37:
a5:fa:a7:1d:9c:ee:be:48:d5:93:3e:01:85:fe:a9:04:cd:f7:
ad:8b:42:51:cc:42:2d:c6:95:86:13:4e:08:bd:b2:bb:fa:d7:
86:7b:7c:1f:53:0d:f9:aa:90:46:23:d9:d3:2b:22:bf:ed:75:
6e:cf:37:82:39:26:f0:94:8f:3f:55:c5:32:bd:56:ed:1e:fe:
aa:ef:a5:c4:1c:e0:92:d3:95:ca:ee:04:1d:e2:e6:31:e3:ab:
ef:85:5d:fc:b8:69:d2:45:66:be:9d:ed:3f:b6:d9:5f:1f:8c:
ba:8c:af:e7:14:c0:8c:83:c6:47:ae:28:b2:68:12:d3:6b:dd:
2c:37:13:47
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYkhofn37CdsCAF6wjDrS17tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwNzA0MTYwMDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTRmMjYyYjY1Y2U2MGE0MGNiMmYxMTBhMDhmNzYzMDU2MTVlNTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0gQ7daD7FrCkDYsPmKj9uvBmsgg
PleS+FDPhu8TNK7+XLDyJDgj4oLObts/rtl9NtLF20AzRzp/6G1uLnYJWfqSuax5
ECiAUUNRrhGdJL/gYCWIE+qdARK/hetSrl9uGnjMmHIm+ZkCR34629c55cCNu9HX
OP2vEm8RymUekTA7Abh3rFpZyLM6AQ6oNoBvz93pFnvU1+3sM6MtXdVbyCtdCmTF
p/JhFnBABS6PCBgG4vLlEGcqcwgd6LpaFOwibfOcGsDbB6J+tWJElSuIFuuB6UPb
qZfFSA+LZAd8Hb1LR1C6MCHfqiwCN8q6TWnvum0Z1tH7jLY3CEkKKdX5OwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHFPJitlzmCkDLLxEKCPdjBWFeVdMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvY1U4bUsyWE9ZS1FNc3ZFUW9JOTJNRllWNVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIyw
MA0GCSqGSIb3DQEBCwUAA4IBAQCfHT/glZ1eO5Tkhz3OEZ1tksvB/wiJ0vSmmZ+g
06qNleaKNckjYxqFGVfzR8McU40ZbdTsNNWWANfYghljj5fhORsHE+ixlq+Xo4GD
A0RmCoNIjcnRGC/J6wWR7g1c4UFmmBAERLmviA4QGOMJVIlx8D3qk4lLiS9igFGU
Qzel+qcdnO6+SNWTPgGF/qkEzfeti0JRzEItxpWGE04IvbK7+teGe3wfUw35qpBG
I9nTKyK/7XVuzzeCOSbwlI8/VcUyvVbtHv6q76XEHOCS05XK7gQd4uYx46vvhV38
uGnSRWa+ne0/ttlfH4y6jK/nFMCMg8ZHriiyaBLTa90sNxNH
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:19 2024 by rpki-client on console-ams.rpki-client.org