Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/wChYMs8-4DiIsmUbBjSdFXIioKk.roa
File: wChYMs8-4DiIsmUbBjSdFXIioKk.roa (raw, json)
Hash identifier: wu+wwQGuTMq0g0JpFmJ/zqFibcwIZFkDAf7pow+HOYw=
Subject key identifier: C0:28:58:32:CF:3E:E0:38:88:B2:65:1B:06:34:9D:15:72:22:A0:A9
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246C01997EEABB818483E50A5539ED0
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/wChYMs8-4DiIsmUbBjSdFXIioKk.roa
Signing time: Mon 02 Jan 2023 11:38:37 +0000
ROA not before: Mon 02 Jan 2023 11:38:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43927
IP address blocks: 2a0c:9a40:8088::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:c0:19:97:ee:ab:b8:18:48:3e:50:a5:53:9e:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0285832cf3ee03888b2651b06349d157222a0a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:34:c8:17:83:2d:49:34:52:96:2a:cb:48:1e:
4c:48:a2:ba:83:22:10:59:8b:b2:82:01:98:54:0e:
78:46:49:1b:54:b4:b1:c1:e8:c5:66:e1:d5:e3:51:
47:e6:9d:a2:ce:00:97:f5:79:b1:d1:6e:36:a0:04:
d7:ca:4c:9f:6e:9f:c2:1d:41:9f:2a:4f:a6:67:d2:
24:0f:18:f7:62:4f:e5:03:43:05:b8:ea:f2:9b:7f:
dc:2d:9e:2e:9c:94:a0:d6:4a:73:d1:15:e6:c7:40:
96:ee:90:5f:44:3d:80:80:3a:e3:ce:30:2a:08:2d:
a4:d2:0b:ee:ea:1a:fb:4c:df:bb:7d:4c:9d:46:78:
c5:5e:95:e3:56:db:2d:74:32:8e:f2:f8:8b:85:50:
b2:a5:c3:17:59:b0:8d:3c:5f:d6:97:58:2a:b2:30:
5d:01:36:e7:29:7a:ee:cf:83:12:42:73:84:90:70:
ef:58:d0:9a:d6:b2:09:b6:fc:b9:e5:81:9e:64:f9:
3a:d3:bc:92:fe:64:6d:36:a8:12:84:63:ec:e3:51:
62:51:f8:ca:2d:9e:03:fa:c4:ee:ad:4a:92:59:67:
a1:94:02:a1:41:a8:1d:ff:52:10:0b:09:2d:2a:fd:
c4:f9:d2:92:15:4b:43:a6:10:e6:d6:ef:e8:7f:1d:
14:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:28:58:32:CF:3E:E0:38:88:B2:65:1B:06:34:9D:15:72:22:A0:A9
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/wChYMs8-4DiIsmUbBjSdFXIioKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8088::/48
Signature Algorithm: sha256WithRSAEncryption
ab:e4:0f:f7:d5:18:c1:40:c1:b9:cc:6e:bc:f0:7a:71:8c:c4:
1f:a6:aa:12:c8:4c:b3:39:38:a0:e6:85:a3:75:e4:57:c1:c8:
ef:ec:37:23:94:ab:61:ed:da:73:65:70:fa:01:ac:52:d8:5f:
b3:c1:f9:8f:a1:e8:8a:0f:bb:fc:c6:2b:98:e8:d0:27:c8:c1:
c1:d6:c7:81:46:21:72:0e:b1:62:e0:4e:7f:03:4b:1c:48:c7:
12:5f:89:cc:38:ba:18:6c:66:e4:3e:be:90:e2:1f:ff:57:74:
2d:f6:f0:18:b1:d8:51:9d:b2:62:c6:e5:98:91:7b:4e:88:23:
99:3a:03:47:0c:fe:d3:dd:51:90:12:99:76:ed:ed:e6:20:81:
d5:3a:b9:3b:6a:e8:ff:af:53:2a:85:a6:cc:14:6a:50:77:16:
32:2b:14:38:e9:ac:c7:34:e4:33:52:c1:c4:72:ec:18:03:96:
5d:20:e6:e9:01:33:85:0d:d9:96:f3:f4:0a:a8:40:44:c7:32:
3d:ab:f9:9b:64:8d:1a:01:cb:b9:3f:fa:21:e9:60:33:8b:f5:
1e:11:e0:f1:41:c0:e0:53:38:62:a9:ea:05:41:f2:ad:96:04:
37:78:9b:08:1b:53:7d:8c:4b:23:d2:89:be:8f:52:0c:02:36:
0f:81:4c:43
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRsAZl+6ruBhIPlClU57QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDI4NTgzMmNmM2VlMDM4ODhiMjY1MWIwNjM0OWQxNTcyMjJhMGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDTIF4MtSTRSlirLSB5MSKK6gyIQ
WYuyggGYVA54RkkbVLSxwejFZuHV41FH5p2izgCX9Xmx0W42oATXykyfbp/CHUGf
Kk+mZ9IkDxj3Yk/lA0MFuOrym3/cLZ4unJSg1kpz0RXmx0CW7pBfRD2AgDrjzjAq
CC2k0gvu6hr7TN+7fUydRnjFXpXjVtstdDKO8viLhVCypcMXWbCNPF/Wl1gqsjBd
ATbnKXruz4MSQnOEkHDvWNCa1rIJtvy55YGeZPk607yS/mRtNqgShGPs41FiUfjK
LZ4D+sTurUqSWWehlAKhQagd/1IQCwktKv3E+dKSFUtDphDm1u/ofx0UBwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMAoWDLPPuA4iLJlGwY0nRVyIqCpMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvd0NoWU1zOC00RGlJc21VYkJqU2RGWElpb0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICI
MA0GCSqGSIb3DQEBCwUAA4IBAQCr5A/31RjBQMG5zG688HpxjMQfpqoSyEyzOTig
5oWjdeRXwcjv7DcjlKth7dpzZXD6AaxS2F+zwfmPoeiKD7v8xiuY6NAnyMHB1seB
RiFyDrFi4E5/A0scSMcSX4nMOLoYbGbkPr6Q4h//V3Qt9vAYsdhRnbJixuWYkXtO
iCOZOgNHDP7T3VGQEpl27e3mIIHVOrk7auj/r1MqhabMFGpQdxYyKxQ46azHNOQz
UsHEcuwYA5ZdIObpATOFDdmW8/QKqEBExzI9q/mbZI0aAcu5P/oh6WAzi/UeEeDx
QcDgUzhiqeoFQfKtlgQ3eJsIG1N9jEsj0om+j1IMAjYPgUxD
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:19 2024 by rpki-client on console-ams.rpki-client.org