Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ew25ASGufGk2iQaFgMJJmIWlPFs.roa
File: ew25ASGufGk2iQaFgMJJmIWlPFs.roa (raw, json)
Hash identifier: 5E8kIZqlUzqvC2J51wrnQtDxUqpSVbuhoq/RyR+d8q8=
Subject key identifier: 7B:0D:B9:01:21:AE:7C:69:36:89:06:85:80:C2:49:98:85:A5:3C:5B
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246BDB59D28DCA7D0C50A5E2B4F5050
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ew25ASGufGk2iQaFgMJJmIWlPFs.roa
Signing time: Mon 02 Jan 2023 11:38:36 +0000
ROA not before: Mon 02 Jan 2023 11:38:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a0c:9a40:8060::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:bd:b5:9d:28:dc:a7:d0:c5:0a:5e:2b:4f:50:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b0db90121ae7c693689068580c2499885a53c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4a:84:1a:78:23:55:97:75:cf:fb:18:d1:a0:
35:5f:67:0b:34:1c:b9:22:80:d3:49:54:16:8e:22:
5d:13:cb:20:21:16:53:59:c1:86:38:92:0b:10:a0:
28:89:19:9b:1d:2b:8d:d3:b6:fa:e9:c9:59:45:5d:
bb:d6:f0:42:9f:07:91:5e:0a:de:fd:5d:fd:d9:9d:
a9:1c:86:00:b4:61:1a:b4:e6:1e:5e:95:18:2f:01:
52:5f:b4:8c:2a:59:95:c0:4e:40:50:5d:50:f4:7c:
5a:85:84:c9:cf:aa:ef:02:72:e0:aa:cc:5d:75:e8:
d5:53:b1:a8:52:9e:e7:58:a4:1c:8c:2f:d9:c1:3b:
0a:8a:49:87:c5:54:b8:ea:74:3a:6d:8b:43:7d:b3:
84:ec:27:50:49:8e:30:21:01:f4:73:f5:4a:9a:28:
e5:1e:6d:3d:1a:34:6f:49:ba:0b:80:bf:e9:be:a1:
2d:7e:ed:59:54:79:d6:7a:e5:0d:97:db:12:a0:98:
5e:e5:01:3c:9a:c8:bf:cf:ea:74:cf:bc:0f:0e:54:
4c:0f:b1:78:b6:a4:6b:bf:eb:96:63:b3:c5:24:88:
ac:4f:26:2b:e1:ca:28:15:d4:16:12:ad:4e:2a:31:
54:36:44:35:f7:da:90:ef:2f:23:3a:7f:41:7d:44:
3b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:0D:B9:01:21:AE:7C:69:36:89:06:85:80:C2:49:98:85:A5:3C:5B
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ew25ASGufGk2iQaFgMJJmIWlPFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8060::/44
Signature Algorithm: sha256WithRSAEncryption
ab:2a:b5:17:dc:6e:4c:5c:c7:a2:91:40:14:e4:72:95:bb:d0:
1c:92:9c:75:f0:25:3e:b3:54:27:ca:09:64:e6:ce:7f:51:6f:
fe:75:51:e3:a8:ce:b3:e9:7d:b0:c7:b2:cd:ba:c6:54:3c:be:
cc:66:44:8a:06:70:aa:c0:c3:b5:c5:e2:85:90:a9:9d:4d:9b:
5c:cf:42:67:29:bd:3f:96:08:db:9c:53:14:20:84:f5:46:7c:
06:0b:35:3a:e4:10:f3:2a:b6:87:30:ce:7e:5c:96:bd:04:b7:
f9:90:96:6c:8c:86:ca:a2:7f:1f:e1:35:21:73:a2:9d:cd:2d:
c5:68:bf:77:94:00:69:1d:9f:e7:e3:92:ec:f8:e1:75:15:f5:
5c:be:6e:f1:e1:65:c5:96:25:9a:14:71:00:70:58:3f:b9:01:
0e:18:cb:84:9d:34:00:de:e9:6d:fa:43:4c:a2:ff:68:4e:d4:
03:0a:01:87:50:7f:6b:0c:3f:f4:78:a1:28:8d:0e:a2:4b:f7:
25:3f:64:ea:9b:17:f5:78:be:b7:3c:8e:68:bb:31:4e:9a:90:
75:5e:b2:46:36:01:3e:57:29:17:1d:91:44:66:17:b3:5d:00:
7c:46:86:35:f9:ef:cc:df:a2:e9:fb:9a:d7:d4:b5:08:2b:af:
c2:33:bb:3f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRr21nSjcp9DFCl4rT1BQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjBkYjkwMTIxYWU3YzY5MzY4OTA2ODU4MGMyNDk5ODg1YTUzYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEqEGngjVZd1z/sY0aA1X2cLNBy5
IoDTSVQWjiJdE8sgIRZTWcGGOJILEKAoiRmbHSuN07b66clZRV271vBCnweRXgre
/V392Z2pHIYAtGEatOYeXpUYLwFSX7SMKlmVwE5AUF1Q9HxahYTJz6rvAnLgqsxd
dejVU7GoUp7nWKQcjC/ZwTsKikmHxVS46nQ6bYtDfbOE7CdQSY4wIQH0c/VKmijl
Hm09GjRvSboLgL/pvqEtfu1ZVHnWeuUNl9sSoJhe5QE8msi/z+p0z7wPDlRMD7F4
tqRrv+uWY7PFJIisTyYr4cooFdQWEq1OKjFUNkQ199qQ7y8jOn9BfUQ7QQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHsNuQEhrnxpNokGhYDCSZiFpTxbMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvZXcyNUFTR3VmR2syaVFhRmdNSkptSVdsUEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIBg
MA0GCSqGSIb3DQEBCwUAA4IBAQCrKrUX3G5MXMeikUAU5HKVu9Ackpx18CU+s1Qn
yglk5s5/UW/+dVHjqM6z6X2wx7LNusZUPL7MZkSKBnCqwMO1xeKFkKmdTZtcz0Jn
Kb0/lgjbnFMUIIT1RnwGCzU65BDzKraHMM5+XJa9BLf5kJZsjIbKon8f4TUhc6Kd
zS3FaL93lABpHZ/n45Ls+OF1FfVcvm7x4WXFliWaFHEAcFg/uQEOGMuEnTQA3ult
+kNMov9oTtQDCgGHUH9rDD/0eKEojQ6iS/clP2Tqmxf1eL63PI5ouzFOmpB1XrJG
NgE+VykXHZFEZhezXQB8RoY1+e/M36Lp+5rX1LUIK6/CM7s/
-----END CERTIFICATE-----
Generated at Sat Dec 16 13:53:58 2023 by rpki-client on console-ams.rpki-client.org