Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/rEDrA1MquV3jgHkTZPG46EpZi8s.roa
File: rEDrA1MquV3jgHkTZPG46EpZi8s.roa (raw, json)
Hash identifier: f2uYI0c/faZPbPqwUT9Ds4M+zlF//aWSinMwwzf1JFI=
Subject key identifier: AC:40:EB:03:53:2A:B9:5D:E3:80:79:13:64:F1:B8:E8:4A:59:8B:CB
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01874405585330318EF32E3C7730D0ED8CFA
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/rEDrA1MquV3jgHkTZPG46EpZi8s.roa
Signing time: Sun 02 Apr 2023 22:10:13 +0000
ROA not before: Sun 02 Apr 2023 22:10:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199109
IP address blocks: 2a0c:9a40:8320::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:44:05:58:53:30:31:8e:f3:2e:3c:77:30:d0:ed:8c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Apr 2 22:10:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac40eb03532ab95de380791364f1b8e84a598bcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9b:bb:bf:9f:0d:fd:ce:73:bf:e0:f8:6a:64:
14:c3:5e:39:99:3f:91:cb:81:d8:c2:c3:e8:ae:23:
ca:14:bc:26:6b:b7:2c:e3:fb:12:07:73:9a:f8:de:
b8:ab:89:47:7f:41:32:e3:d0:ca:90:72:b3:80:0b:
d2:24:43:b3:0b:54:88:a2:8a:b4:1a:7e:eb:38:0d:
86:bc:9c:96:85:96:ff:94:85:de:28:06:0d:8a:69:
6a:47:07:02:3b:51:c9:38:f0:4f:db:08:6d:4b:bf:
ec:06:c4:d8:c5:6f:c8:46:af:1e:b2:bf:99:da:29:
89:b9:b4:83:bf:31:6f:7c:89:88:41:c7:73:8a:33:
67:f2:f0:ad:d3:65:41:79:d9:77:82:bf:4f:d2:bc:
cf:b6:69:03:37:64:f5:1b:48:0b:6f:78:87:35:22:
a3:8a:92:37:c2:f7:cd:02:3e:11:eb:48:27:55:0d:
18:a0:f9:eb:bf:52:9c:65:34:73:d1:1e:c4:70:93:
35:42:1b:5a:c6:cd:e0:70:79:e7:04:b7:9b:fb:bc:
99:a0:24:8a:c9:88:8d:b7:a9:d0:9d:73:cd:d8:7a:
0f:d1:2a:a9:06:da:b3:ba:bd:b6:a7:3a:1b:34:84:
36:65:6a:b8:c7:14:77:ef:28:ac:2e:ee:77:a5:6d:
a9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:40:EB:03:53:2A:B9:5D:E3:80:79:13:64:F1:B8:E8:4A:59:8B:CB
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/rEDrA1MquV3jgHkTZPG46EpZi8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8320::/48
Signature Algorithm: sha256WithRSAEncryption
2b:45:b6:25:3d:b9:0b:4b:fb:05:33:bc:d8:fd:3c:ee:cf:18:
91:02:2f:06:e5:3b:37:c8:8b:f3:05:e5:c4:e1:e5:ac:4b:c7:
f0:36:b4:90:b3:3d:8c:e4:7f:a1:9b:cf:f3:c5:03:c5:cd:8b:
7a:f1:94:5c:db:ac:4c:71:b3:cc:17:91:16:1c:54:2e:8d:86:
ef:29:4d:8f:c6:66:cc:96:d4:d0:7f:f8:5c:fd:0b:59:8b:dd:
2d:91:02:12:8c:4d:29:1d:05:d7:8e:97:d3:d3:62:98:b8:84:
64:7d:a9:31:53:ed:5d:35:8b:76:60:ae:15:96:85:1a:65:f8:
4a:7c:a5:bd:9c:cd:f0:c2:77:3c:e2:b0:32:89:c8:c4:77:10:
54:1f:d6:4d:35:01:f2:46:fb:e8:9e:20:74:7a:a5:4b:d9:4b:
95:ec:c3:9a:ed:0f:c3:f4:92:0a:65:3f:e4:9d:95:df:15:b7:
25:3b:1d:5f:9f:40:7f:b4:07:e4:73:df:1a:ea:1e:39:37:32:
f0:c1:d1:57:3b:57:0c:ef:be:7e:43:76:60:4d:2b:34:08:f9:
f1:25:65:46:67:62:ea:30:52:30:d6:61:62:cd:a3:b9:2d:28:
97:34:1b:17:8a:f8:52:39:d5:24:5a:00:fe:c3:e7:61:ee:63:
25:e1:59:5b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYdEBVhTMDGO8y48dzDQ7Yz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwNDAyMjIxMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzQwZWIwMzUzMmFiOTVkZTM4MDc5MTM2NGYxYjhlODRhNTk4YmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJu7v58N/c5zv+D4amQUw145mT+R
y4HYwsPoriPKFLwma7cs4/sSB3Oa+N64q4lHf0Ey49DKkHKzgAvSJEOzC1SIooq0
Gn7rOA2GvJyWhZb/lIXeKAYNimlqRwcCO1HJOPBP2whtS7/sBsTYxW/IRq8esr+Z
2imJubSDvzFvfImIQcdzijNn8vCt02VBedl3gr9P0rzPtmkDN2T1G0gLb3iHNSKj
ipI3wvfNAj4R60gnVQ0YoPnrv1KcZTRz0R7EcJM1Qhtaxs3gcHnnBLeb+7yZoCSK
yYiNt6nQnXPN2HoP0SqpBtqzur22pzobNIQ2ZWq4xxR37yisLu53pW2peQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKxA6wNTKrld44B5E2TxuOhKWYvLMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvckVEckExTXF1VjNqZ0hrVFpQRzQ2RXBaaThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIMg
MA0GCSqGSIb3DQEBCwUAA4IBAQArRbYlPbkLS/sFM7zY/TzuzxiRAi8G5Ts3yIvz
BeXE4eWsS8fwNrSQsz2M5H+hm8/zxQPFzYt68ZRc26xMcbPMF5EWHFQujYbvKU2P
xmbMltTQf/hc/QtZi90tkQISjE0pHQXXjpfT02KYuIRkfakxU+1dNYt2YK4VloUa
ZfhKfKW9nM3wwnc84rAyicjEdxBUH9ZNNQHyRvvoniB0eqVL2UuV7MOa7Q/D9JIK
ZT/knZXfFbclOx1fn0B/tAfkc98a6h45NzLwwdFXO1cM775+Q3ZgTSs0CPnxJWVG
Z2LqMFIw1mFizaO5LSiXNBsXivhSOdUkWgD+w+dh7mMl4Vlb
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:19 2024 by rpki-client on console-ams.rpki-client.org