Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/dKunsvd9AwShq5h1_PBwNw6F3Os.roa
File: dKunsvd9AwShq5h1_PBwNw6F3Os.roa (raw, json)
Hash identifier: FDiG9o/g2oS6cnOnZ8OvalW1agKbx79HCvSPWnJbGTg=
Subject key identifier: 74:AB:A7:B2:F7:7D:03:04:A1:AB:98:75:FC:F0:70:37:0E:85:DC:EB
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246C49EBCFF64A53861E7B7FA45ABD3
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/dKunsvd9AwShq5h1_PBwNw6F3Os.roa
Signing time: Mon 02 Jan 2023 11:38:38 +0000
ROA not before: Mon 02 Jan 2023 11:38:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53356
IP address blocks: 2a0c:9a40:808c::/48 maxlen: 48
2a0c:9a40:8200::/47 maxlen: 47
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:c4:9e:bc:ff:64:a5:38:61:e7:b7:fa:45:ab:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74aba7b2f77d0304a1ab9875fcf070370e85dceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f1:7c:82:23:84:a4:2a:36:55:f6:7b:4f:dd:
b5:36:88:a5:10:c4:96:59:29:9a:0b:ce:14:11:b0:
16:49:f6:a7:d7:a0:f9:54:6e:c8:79:0c:92:f3:ac:
d9:1f:7b:54:cc:1e:52:a8:f3:e4:20:7c:5e:9d:c5:
e3:cd:64:7d:6c:ca:ad:2c:ac:c9:27:73:93:33:81:
0d:e7:70:c0:6c:e7:13:de:5a:23:b4:7b:c7:ef:91:
56:d6:84:ae:9b:5a:77:7f:4c:09:c8:ac:9c:82:98:
da:c3:cd:c5:c6:02:91:76:8a:1e:ea:8a:9b:f4:44:
b2:de:a8:d6:1f:0e:3b:fe:06:08:bd:77:0c:97:60:
18:99:2e:6b:a0:73:da:dc:45:2c:5e:79:1b:fa:54:
ae:7c:a3:9a:71:40:fd:7b:64:ac:34:ce:e1:eb:ab:
c2:c2:06:84:8d:60:07:70:3a:67:4b:03:9d:80:e6:
5f:d5:20:9a:da:16:a9:92:7c:7b:9b:d7:f7:e2:ae:
40:70:0c:c2:9e:9e:90:0b:66:4c:ff:a4:ff:31:8a:
2e:99:ec:14:64:eb:91:6b:52:78:64:72:d1:07:e1:
c7:ae:83:f3:53:9f:0c:9c:a7:e8:93:c8:3b:e0:29:
31:b3:a5:58:29:82:12:3d:37:85:1e:42:7b:d6:6c:
28:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:AB:A7:B2:F7:7D:03:04:A1:AB:98:75:FC:F0:70:37:0E:85:DC:EB
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/dKunsvd9AwShq5h1_PBwNw6F3Os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:808c::/48
2a0c:9a40:8200::/47
Signature Algorithm: sha256WithRSAEncryption
87:e9:c3:06:dc:53:19:71:e7:aa:e0:f6:a9:8f:c1:fe:05:da:
4e:16:08:52:19:cd:42:5b:ac:2f:e4:64:fe:1e:f1:3a:30:c4:
4f:6e:bd:6f:62:d2:1d:2e:bc:87:7a:04:21:16:19:93:03:0a:
df:b9:83:a8:b4:1e:32:a3:45:9b:4d:29:6d:31:58:78:04:43:
9f:a5:4c:0d:2c:c4:5d:07:05:43:49:0b:d8:f0:d0:b7:2a:c4:
cc:fb:b4:3f:56:97:a7:e3:61:c2:94:c8:dd:b0:f6:36:6d:d1:
0a:7b:bc:e3:41:1c:23:28:9b:2f:30:82:6f:e5:24:93:2f:3d:
76:73:68:7a:7c:e3:d0:4f:0b:83:62:d8:a2:4f:87:6b:b5:1b:
ce:1f:a3:0a:5b:a1:1a:d4:64:e0:c3:8b:91:12:1c:58:dc:5f:
16:ce:f5:af:63:2f:fe:5a:ba:6f:78:5d:13:68:05:8b:e8:94:
1b:d1:e9:2f:a4:af:83:3a:79:0e:13:fe:31:39:4b:c9:0a:fa:
62:c6:fa:fa:85:3e:93:e8:4e:a5:f9:be:6a:22:90:c8:65:a4:
c9:3d:c6:7a:1b:7b:8b:62:a7:36:56:fe:bb:93:41:02:20:b5:
d8:01:f9:a8:a2:ce:7b:c9:6c:07:c5:e0:bd:f4:e0:c9:82:e2:
2a:fa:c2:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyRsSevP9kpThh57f6RavTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGFiYTdiMmY3N2QwMzA0YTFhYjk4NzVmY2YwNzAzNzBlODVkY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/F8giOEpCo2VfZ7T921NoilEMSW
WSmaC84UEbAWSfan16D5VG7IeQyS86zZH3tUzB5SqPPkIHxencXjzWR9bMqtLKzJ
J3OTM4EN53DAbOcT3lojtHvH75FW1oSum1p3f0wJyKycgpjaw83FxgKRdooe6oqb
9ESy3qjWHw47/gYIvXcMl2AYmS5roHPa3EUsXnkb+lSufKOacUD9e2SsNM7h66vC
wgaEjWAHcDpnSwOdgOZf1SCa2hapknx7m9f34q5AcAzCnp6QC2ZM/6T/MYoumewU
ZOuRa1J4ZHLRB+HHroPzU58MnKfok8g74Ckxs6VYKYISPTeFHkJ71mwodwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHSrp7L3fQMEoauYdfzwcDcOhdzrMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvZEt1bnN2ZDlBd1NocTVoMV9QQndOdzZGM09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgyaQICM
AwcBKgyaQIIAMA0GCSqGSIb3DQEBCwUAA4IBAQCH6cMG3FMZceeq4Papj8H+BdpO
FghSGc1CW6wv5GT+HvE6MMRPbr1vYtIdLryHegQhFhmTAwrfuYOotB4yo0WbTSlt
MVh4BEOfpUwNLMRdBwVDSQvY8NC3KsTM+7Q/Vpen42HClMjdsPY2bdEKe7zjQRwj
KJsvMIJv5SSTLz12c2h6fOPQTwuDYtiiT4drtRvOH6MKW6Ea1GTgw4uREhxY3F8W
zvWvYy/+WrpveF0TaAWL6JQb0ekvpK+DOnkOE/4xOUvJCvpixvr6hT6T6E6l+b5q
IpDIZaTJPcZ6G3uLYqc2Vv67k0ECILXYAfmoos57yWwHxeC99ODJguIq+sKa
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:36:57 2024 by rpki-client on console-fra.rpki-client.org