Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/1-kxAFq-zAHJ5bn93gM3EaE9tM54.roa
File: 1-kxAFq-zAHJ5bn93gM3EaE9tM54.roa (raw, json)
Hash identifier: p0LAE83ZnVftUsElUd0crh7y0UT3Wk5Ao4NT09SZWjM=
Subject key identifier: FA:4C:40:16:AF:B3:00:72:79:6E:7F:77:80:CD:C4:68:4F:6D:33:9E
Certificate issuer: /CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048
Certificate serial: 01856BAED3C970BD3F3B0615D5BD5D6A75E1
Authority key identifier: D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/1-kxAFq-zAHJ5bn93gM3EaE9tM54.roa
Signing time: Sun 01 Jan 2023 04:54:57 +0000
ROA not before: Sun 01 Jan 2023 04:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2a11:9c80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:d3:c9:70:bd:3f:3b:06:15:d5:bd:5d:6a:75:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048
Validity
Not Before: Jan 1 04:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa4c4016afb30072796e7f7780cdc4684f6d339e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ae:57:b3:05:46:4d:01:f2:20:ad:56:5f:31:
0f:35:af:99:c9:a2:aa:53:29:63:18:58:53:1d:35:
d0:79:63:cf:7f:2b:b1:72:2f:aa:d4:2f:d7:ff:ef:
05:5d:ca:dc:e5:8c:ad:48:38:c3:0a:d3:7c:2d:31:
87:ce:7e:be:d5:49:48:a4:7b:c0:43:09:25:d9:ef:
22:3b:62:95:00:86:53:1a:00:c1:78:33:fc:e3:74:
6d:1f:39:ce:31:79:86:48:7c:f0:03:33:8d:b5:80:
69:a3:9e:49:01:b2:6e:ca:e9:b0:3d:43:b5:42:ed:
d1:5e:83:0d:7e:7d:02:d3:64:f6:5f:dc:0d:b0:dc:
31:34:63:f9:fc:27:70:d8:32:fd:e7:91:59:ab:8f:
77:f2:3c:54:11:e7:cd:3c:4b:7b:25:d5:1a:6c:2c:
e0:a7:64:b6:5b:25:63:fd:35:7c:6d:55:52:f9:fd:
df:23:65:fa:8a:2f:55:ae:bd:cb:d9:8f:cb:dd:37:
ff:67:c0:d8:be:03:73:4c:48:fc:34:84:8a:83:fa:
fc:91:d9:35:08:eb:53:05:3a:7b:02:ca:0c:c8:e3:
89:7f:d7:c4:2c:56:52:2e:fc:b1:0a:f6:96:9b:7e:
10:b4:68:c5:7a:ae:aa:93:1f:83:2f:d7:12:05:87:
88:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4C:40:16:AF:B3:00:72:79:6E:7F:77:80:CD:C4:68:4F:6D:33:9E
X509v3 Authority Key Identifier:
keyid:D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/1-kxAFq-zAHJ5bn93gM3EaE9tM54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/00-mvj9cOPS7fgYrZwd0f0lhoEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
38:ef:61:35:5d:70:d7:6d:58:91:cd:ec:e4:08:31:a4:c8:0d:
e5:d3:ac:ba:c8:9b:f0:3a:a5:3f:85:ce:ef:1f:d7:3c:13:5d:
6a:70:b1:ef:4e:e5:0d:53:1f:d9:a8:c1:fd:81:e3:de:0a:46:
f2:12:24:81:cc:0c:4a:cc:7b:2f:ca:0f:ba:37:bd:50:7a:65:
1e:45:33:c4:32:5a:34:6d:d4:c9:16:0e:5b:6b:9d:3c:66:e8:
af:2a:44:2b:81:cc:6e:a3:14:d6:65:89:9f:d3:63:12:5c:4f:
2a:2f:ed:bb:30:20:65:18:2c:a8:60:1f:98:72:e4:10:08:4a:
38:89:21:ee:cc:b6:73:4f:df:d3:ca:ca:9e:87:90:c5:6d:13:
1b:cf:15:0b:f4:cb:a7:1f:f5:4b:3e:3e:b6:e2:1a:9b:e3:03:
18:62:2b:d7:67:f6:58:c9:69:f0:cb:de:81:8a:7a:22:61:29:
1d:68:fa:bf:21:12:dd:5e:4c:7e:14:68:5f:b2:52:ac:69:bb:
78:af:54:a2:5d:08:06:05:8a:2e:36:f7:15:0a:35:94:bd:73:
44:58:53:04:ad:16:4d:3b:27:20:06:15:c6:77:2b:58:60:4a:
34:cb:95:50:b5:e5:5e:2f:71:3a:8f:39:0a:17:d3:dc:6a:b7:
67:23:ec:92
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVrrtPJcL0/OwYV1b1danXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGZhNmJlM2Y1YzM4ZjRiYjdlMDYyYjY3MDc3NDdmNDk2
MWEwNDgwHhcNMjMwMTAxMDQ1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTRjNDAxNmFmYjMwMDcyNzk2ZTdmNzc4MGNkYzQ2ODRmNmQzMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq5XswVGTQHyIK1WXzEPNa+ZyaKq
UyljGFhTHTXQeWPPfyuxci+q1C/X/+8FXcrc5YytSDjDCtN8LTGHzn6+1UlIpHvA
Qwkl2e8iO2KVAIZTGgDBeDP843RtHznOMXmGSHzwAzONtYBpo55JAbJuyumwPUO1
Qu3RXoMNfn0C02T2X9wNsNwxNGP5/Cdw2DL955FZq4938jxUEefNPEt7JdUabCzg
p2S2WyVj/TV8bVVS+f3fI2X6ii9Vrr3L2Y/L3Tf/Z8DYvgNzTEj8NISKg/r8kdk1
COtTBTp7AsoMyOOJf9fELFZSLvyxCvaWm34QtGjFeq6qkx+DL9cSBYeIjwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPpMQBavswByeW5/d4DNxGhPbTOeMB8GA1UdIwQY
MBaAFNNPpr4/XDj0u34GK2cHdH9JYaBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDAtbXZqOWNPUFM3ZmdZclp3ZDBmMGxob0VnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zYmM3MDctNzZlNy00OTg3LWJlZmEt
OTgxMTg0ZGVlMTMxLzEvMS1reEFGcS16QUhKNWJuOTNnTTNFYUU5dE01NC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDQvM2JjNzA3LTc2ZTctNDk4Ny1iZWZhLTk4MTE4NGRlZTEz
MS8xLzAwLW12ajljT1BTN2ZnWXJad2QwZjBsaG9FZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRnIAw
DQYJKoZIhvcNAQELBQADggEBADjvYTVdcNdtWJHN7OQIMaTIDeXTrLrIm/A6pT+F
zu8f1zwTXWpwse9O5Q1TH9mowf2B494KRvISJIHMDErMey/KD7o3vVB6ZR5FM8Qy
WjRt1MkWDltrnTxm6K8qRCuBzG6jFNZliZ/TYxJcTyov7bswIGUYLKhgH5hy5BAI
SjiJIe7MtnNP39PKyp6HkMVtExvPFQv0y6cf9Us+PrbiGpvjAxhiK9dn9ljJafDL
3oGKeiJhKR1o+r8hEt1eTH4UaF+yUqxpu3ivVKJdCAYFii429xUKNZS9c0RYUwSt
Fk07JyAGFcZ3K1hgSjTLlVC15V4vcTqPOQoX09xqt2cj7JI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:23 2024 by rpki-client on console-ams.rpki-client.org