Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/O_8BdKMcMJnRG-1CVucqQ2U7KvE.roa
File: O_8BdKMcMJnRG-1CVucqQ2U7KvE.roa (raw, json)
Hash identifier: jpvuC88Wb9dMDJ/C/gw9ctIzOpzk7V7xM/OyKqukX2s=
Subject key identifier: 3B:FF:01:74:A3:1C:30:99:D1:1B:ED:42:56:E7:2A:43:65:3B:2A:F1
Certificate issuer: /CN=41d14f28f98d3bdcc45e19226f1f56170e312abf
Certificate serial: 018570FBA455875C4EA6DE68218101EE62B2
Authority key identifier: 41:D1:4F:28:F9:8D:3B:DC:C4:5E:19:22:6F:1F:56:17:0E:31:2A:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QdFPKPmNO9zEXhkibx9WFw4xKr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/O_8BdKMcMJnRG-1CVucqQ2U7KvE.roa
Signing time: Mon 02 Jan 2023 05:36:57 +0000
ROA not before: Mon 02 Jan 2023 05:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200924
IP address blocks: 2001:67c:2a10::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:a4:55:87:5c:4e:a6:de:68:21:81:01:ee:62:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41d14f28f98d3bdcc45e19226f1f56170e312abf
Validity
Not Before: Jan 2 05:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bff0174a31c3099d11bed4256e72a43653b2af1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:19:e7:3c:a7:18:c5:43:ca:f1:05:0e:0e:8b:
e2:3e:89:c7:21:bb:5d:e4:63:b3:10:9c:2d:b8:93:
6e:2c:2c:97:cd:26:2b:ca:8c:67:5a:67:78:6c:1d:
d1:eb:d3:65:44:e2:76:19:6c:0b:b4:2c:8e:fa:92:
25:6c:d7:97:a1:22:74:ee:3c:65:76:96:41:17:e6:
aa:8a:c4:38:36:72:47:1c:1b:40:e1:df:1a:f7:6e:
e7:ce:b1:84:8d:7c:61:d3:df:fe:31:25:50:8e:93:
6f:2b:0a:91:81:d1:07:48:a9:70:ea:13:64:0d:22:
86:2e:c9:1c:05:c1:c2:59:fb:cf:79:06:26:be:b7:
21:9e:0a:ac:17:66:5e:bd:52:1b:d8:e0:02:3c:f2:
d7:2e:5a:1a:90:e6:dd:aa:7e:23:3c:3f:7e:79:d7:
f2:67:d3:57:18:5e:97:47:bb:98:81:71:d4:c3:ae:
e7:46:fb:d2:1c:71:8d:50:af:08:01:2c:4f:ca:61:
2f:30:fd:e2:b1:1d:5c:69:93:73:9c:fe:c6:f1:32:
9c:d3:61:c7:88:74:69:5d:02:e6:3a:92:d8:12:0b:
61:32:eb:5b:1d:e1:a4:3c:d4:5e:4c:11:18:35:90:
4e:12:8d:52:90:81:df:54:a5:fc:96:ff:b6:ac:7c:
24:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FF:01:74:A3:1C:30:99:D1:1B:ED:42:56:E7:2A:43:65:3B:2A:F1
X509v3 Authority Key Identifier:
keyid:41:D1:4F:28:F9:8D:3B:DC:C4:5E:19:22:6F:1F:56:17:0E:31:2A:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QdFPKPmNO9zEXhkibx9WFw4xKr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/O_8BdKMcMJnRG-1CVucqQ2U7KvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/QdFPKPmNO9zEXhkibx9WFw4xKr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2a10::/48
Signature Algorithm: sha256WithRSAEncryption
0a:3a:b4:ac:d5:82:92:3c:20:2d:ca:f3:5f:24:23:db:43:72:
fa:54:3c:90:04:e1:61:7b:82:26:1f:03:a5:78:8b:85:38:33:
81:f8:9d:c4:47:c8:1a:84:89:a8:fb:91:26:26:b2:2f:cf:71:
4f:1d:cb:50:b6:79:a4:94:cb:3e:e6:fd:40:5b:ea:7b:d0:7a:
3b:fa:d5:87:c7:86:7b:e6:79:a5:38:1c:50:c5:12:12:b5:73:
f3:46:ca:f9:db:16:a3:3a:ea:9f:9c:7d:b0:e1:cb:4e:b3:ec:
34:bc:f9:0e:1f:c3:f3:50:a7:2c:e4:73:d0:32:1a:5e:56:39:
e2:4f:e9:35:33:84:42:c8:a3:72:52:0b:f1:a3:d5:1f:19:79:
c4:f0:81:ec:fc:cb:68:2e:0c:03:d0:68:9a:c0:79:e2:97:84:
d9:93:ba:db:52:21:02:78:e0:0b:a1:52:ec:56:f7:52:de:02:
88:7e:8c:26:1f:42:ce:ef:ea:82:5e:97:68:3f:41:fa:d6:47:
32:69:70:92:7f:f5:00:c1:4c:b3:6e:6c:e7:62:4f:8e:f9:5e:
8a:08:7a:a1:15:f7:4f:a4:10:0a:d9:1e:c6:8a:4b:07:c1:0f:
a2:b3:5e:93:72:6e:f5:56:b0:4d:6a:2a:d4:09:01:6a:de:e6:
bd:15:72:55
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw+6RVh1xOpt5oIYEB7mKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZDE0ZjI4Zjk4ZDNiZGNjNDVlMTkyMjZmMWY1NjE3MGUz
MTJhYmYwHhcNMjMwMTAyMDUzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmZmMDE3NGEzMWMzMDk5ZDExYmVkNDI1NmU3MmE0MzY1M2IyYWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxnnPKcYxUPK8QUODoviPonHIbtd
5GOzEJwtuJNuLCyXzSYryoxnWmd4bB3R69NlROJ2GWwLtCyO+pIlbNeXoSJ07jxl
dpZBF+aqisQ4NnJHHBtA4d8a927nzrGEjXxh09/+MSVQjpNvKwqRgdEHSKlw6hNk
DSKGLskcBcHCWfvPeQYmvrchngqsF2ZevVIb2OACPPLXLloakObdqn4jPD9+edfy
Z9NXGF6XR7uYgXHUw67nRvvSHHGNUK8IASxPymEvMP3isR1caZNznP7G8TKc02HH
iHRpXQLmOpLYEgthMutbHeGkPNReTBEYNZBOEo1SkIHfVKX8lv+2rHwkEwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDv/AXSjHDCZ0RvtQlbnKkNlOyrxMB8GA1UdIwQY
MBaAFEHRTyj5jTvcxF4ZIm8fVhcOMSq/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWRGUEtQbU5POXpFWGhraWJ4OVdGdzR4S3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9hMDc0ZTItNjZlYS00M2NjLTk0YTct
YjM4MDQ1MzI2N2Y5LzEvT184QmRLTWNNSm5SRy0xQ1Z1Y3FRMlU3S3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9hMDc0ZTItNjZlYS00M2NjLTk0YTctYjM4MDQ1MzI2N2Y5
LzEvUWRGUEtQbU5POXpFWGhraWJ4OVdGdzR4S3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCoQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAKOrSs1YKSPCAtyvNfJCPbQ3L6VDyQBOFhe4Im
HwOleIuFODOB+J3ER8gahImo+5EmJrIvz3FPHctQtnmklMs+5v1AW+p70Ho7+tWH
x4Z75nmlOBxQxRIStXPzRsr52xajOuqfnH2w4ctOs+w0vPkOH8PzUKcs5HPQMhpe
VjniT+k1M4RCyKNyUgvxo9UfGXnE8IHs/MtoLgwD0GiawHnil4TZk7rbUiECeOAL
oVLsVvdS3gKIfowmH0LO7+qCXpdoP0H61kcyaXCSf/UAwUyzbmznYk+O+V6KCHqh
FfdPpBAK2R7GiksHwQ+is16Tcm71VrBNairUCQFq3ua9FXJV
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:39:59 2024 by rpki-client on console-ams.rpki-client.org