Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/yiGb6QTgnPJNXXIlvgo6-k-z4s4.roa
File: yiGb6QTgnPJNXXIlvgo6-k-z4s4.roa (raw, json)
Hash identifier: UvHM3+JxC7A4RPLC8Ljf8J23xrADFLsBFjgqjsU5iI8=
Subject key identifier: CA:21:9B:E9:04:E0:9C:F2:4D:5D:72:25:BE:0A:3A:FA:4F:B3:E2:CE
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246BB8A3408CE9F1D3E2FC095363895
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/yiGb6QTgnPJNXXIlvgo6-k-z4s4.roa
Signing time: Mon 02 Jan 2023 11:38:36 +0000
ROA not before: Mon 02 Jan 2023 11:38:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 2a0c:9a40:82b0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:bb:8a:34:08:ce:9f:1d:3e:2f:c0:95:36:38:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca219be904e09cf24d5d7225be0a3afa4fb3e2ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:66:e8:1c:3f:cf:f3:80:74:fb:53:5e:a0:98:
a1:48:97:1c:7e:5a:e2:01:2a:8e:81:44:0b:be:69:
9b:0d:da:a1:e6:ab:6b:c2:0e:57:24:7a:70:33:87:
36:39:89:09:3e:e6:8e:a4:f9:bd:8c:37:dd:5e:80:
aa:ea:d6:06:1f:72:7d:3b:c2:ef:88:9b:68:5e:c5:
e7:42:c9:b6:84:e5:d9:66:70:3b:70:29:b8:ac:c0:
9a:51:42:0a:d8:84:11:0b:a7:5e:8e:bb:c0:52:c8:
04:64:1c:61:0b:c6:7c:1e:6e:2c:e4:6c:47:12:f8:
8f:6a:2f:90:4d:1d:ec:80:67:57:e0:19:46:36:17:
dc:75:90:eb:96:9a:0d:a8:28:5d:03:a4:3d:2d:b4:
d5:bd:5d:79:66:85:6f:a2:22:90:7c:c1:87:3d:8b:
0a:5f:46:56:75:20:d8:a3:4d:7b:56:9a:23:c1:00:
5a:80:e6:f0:a1:4a:34:8d:ba:fa:f1:5d:c1:bf:c7:
2f:e0:40:c6:27:5e:9f:0f:27:89:cd:04:69:3e:51:
c8:7a:f9:b4:87:13:b1:72:da:20:4e:f0:1f:00:14:
1c:25:f6:22:e2:62:1c:8a:10:33:22:c6:45:68:9e:
aa:44:5f:25:c0:41:7f:86:e3:e4:63:43:bf:b2:e0:
21:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:21:9B:E9:04:E0:9C:F2:4D:5D:72:25:BE:0A:3A:FA:4F:B3:E2:CE
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/yiGb6QTgnPJNXXIlvgo6-k-z4s4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:82b0::/48
Signature Algorithm: sha256WithRSAEncryption
28:94:5d:6f:23:da:17:ef:ce:4a:05:05:1b:dd:b1:27:ec:09:
91:bd:84:30:ab:bb:01:a0:85:28:da:cd:89:b4:29:91:5e:86:
79:65:16:68:27:d1:d3:0a:15:a7:33:ef:40:a6:65:38:a1:4d:
64:78:7a:a2:a3:f5:8a:ae:83:d6:de:ef:1c:ab:bc:92:a4:14:
5c:6f:7f:79:dc:2a:97:ff:94:fa:ae:cc:a3:58:0c:26:4e:6b:
a2:87:65:ba:df:51:19:b9:80:37:83:67:28:01:7d:e1:d3:84:
9d:64:76:12:3d:4e:83:41:33:6a:4d:c4:50:ee:85:bd:ce:09:
25:dc:4a:7c:cb:ec:28:74:73:ce:71:38:e7:36:d0:79:a9:41:
09:73:82:e3:af:ad:13:b7:df:12:3f:c1:61:d0:02:9b:1f:86:
7f:18:a2:5c:c5:85:3d:d6:b0:e0:da:64:92:5f:0b:08:d2:21:
77:27:14:37:d0:8d:1b:f7:5a:02:57:40:64:de:2b:39:95:28:
74:14:a5:cf:d4:2a:c5:57:e4:be:9c:48:84:8b:cc:fb:8d:85:
71:3d:8b:b9:82:e0:5f:73:14:e3:73:b1:a9:bb:e2:b0:da:a9:
90:e7:f3:cb:b4:b8:60:9e:31:2d:54:d0:78:a9:a4:e1:9a:da:
36:9a:97:9d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRruKNAjOnx0+L8CVNjiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTIxOWJlOTA0ZTA5Y2YyNGQ1ZDcyMjViZTBhM2FmYTRmYjNlMmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2boHD/P84B0+1NeoJihSJccflri
ASqOgUQLvmmbDdqh5qtrwg5XJHpwM4c2OYkJPuaOpPm9jDfdXoCq6tYGH3J9O8Lv
iJtoXsXnQsm2hOXZZnA7cCm4rMCaUUIK2IQRC6dejrvAUsgEZBxhC8Z8Hm4s5GxH
EviPai+QTR3sgGdX4BlGNhfcdZDrlpoNqChdA6Q9LbTVvV15ZoVvoiKQfMGHPYsK
X0ZWdSDYo017VpojwQBagObwoUo0jbr68V3Bv8cv4EDGJ16fDyeJzQRpPlHIevm0
hxOxctogTvAfABQcJfYi4mIcihAzIsZFaJ6qRF8lwEF/huPkY0O/suAhYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMohm+kE4JzyTV1yJb4KOvpPs+LOMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEveWlHYjZRVGduUEpOWFhJbHZnbzYtay16NHM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIKw
MA0GCSqGSIb3DQEBCwUAA4IBAQAolF1vI9oX785KBQUb3bEn7AmRvYQwq7sBoIUo
2s2JtCmRXoZ5ZRZoJ9HTChWnM+9ApmU4oU1keHqio/WKroPW3u8cq7ySpBRcb395
3CqX/5T6rsyjWAwmTmuih2W631EZuYA3g2coAX3h04SdZHYSPU6DQTNqTcRQ7oW9
zgkl3Ep8y+wodHPOcTjnNtB5qUEJc4Ljr60Tt98SP8Fh0AKbH4Z/GKJcxYU91rDg
2mSSXwsI0iF3JxQ30I0b91oCV0Bk3is5lSh0FKXP1CrFV+S+nEiEi8z7jYVxPYu5
guBfcxTjc7Gpu+Kw2qmQ5/PLtLhgnjEtVNB4qaThmto2mped
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:19 2024 by rpki-client on console-ams.rpki-client.org