Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/1t5k6kMciRd9SfcFuiTcDSDxyzo.roa
File: 1t5k6kMciRd9SfcFuiTcDSDxyzo.roa (raw, json)
Hash identifier: Aa0fhfX8AtCErzgTLWIj8tFVKVzmOd4/RR9iwNwwKXA=
Subject key identifier: D6:DE:64:EA:43:1C:89:17:7D:49:F7:05:BA:24:DC:0D:20:F1:CB:3A
Certificate issuer: /CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Certificate serial: 018BB34E55AEEC97B5F69362A1B1FA8C22AE
Authority key identifier: 21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/1t5k6kMciRd9SfcFuiTcDSDxyzo.roa
Signing time: Thu 09 Nov 2023 08:58:57 +0000
ROA not before: Thu 09 Nov 2023 08:58:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 2a0a:2f80::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:4e:55:ae:ec:97:b5:f6:93:62:a1:b1:fa:8c:22:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Validity
Not Before: Nov 9 08:58:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6de64ea431c89177d49f705ba24dc0d20f1cb3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a4:20:cc:9d:af:fa:b0:db:6d:7d:e3:36:66:
ec:e3:7a:39:6f:09:6b:bf:00:c5:bf:12:af:6e:75:
41:09:e2:10:fa:bf:a9:65:12:37:0d:25:90:98:79:
1d:5f:c6:42:b2:8c:99:4e:11:c2:9b:34:f1:8d:a4:
27:b8:6b:93:cd:61:8e:df:1c:d5:f9:28:fd:c5:62:
e6:5e:47:9f:b8:cc:e0:17:59:c5:ac:b5:98:cc:d5:
ac:22:3c:45:e0:78:15:32:c3:f6:d7:c0:6f:1a:40:
6e:36:5e:7b:93:53:5f:fa:ce:9b:e0:9b:7c:6e:1d:
c4:30:45:95:74:29:70:6e:26:e6:ec:c3:ee:88:47:
6b:a1:93:3d:45:93:4a:ec:93:38:fe:79:0b:36:05:
86:2f:ac:62:f3:6c:13:39:4e:f2:3d:cc:92:a6:fe:
59:6a:82:f5:e5:4c:7b:b1:53:52:4f:e4:2e:bc:bd:
a1:b7:f4:7c:ed:14:30:84:ab:d6:9f:d1:ba:d8:82:
6f:d8:90:4f:b3:68:80:e4:8e:13:99:91:48:1b:90:
dc:c1:39:c3:06:bd:33:44:9a:0b:39:6b:61:a6:21:
67:62:7f:2f:c4:ec:38:47:c9:c9:7f:82:ca:af:02:
a3:a5:9b:0f:9a:68:11:a8:d8:3d:aa:65:5e:f4:e6:
a4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:DE:64:EA:43:1C:89:17:7D:49:F7:05:BA:24:DC:0D:20:F1:CB:3A
X509v3 Authority Key Identifier:
keyid:21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/1t5k6kMciRd9SfcFuiTcDSDxyzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2f80::/32
Signature Algorithm: sha256WithRSAEncryption
4f:34:72:8e:bc:c3:e5:ca:39:a4:7a:78:ec:ff:5a:f2:33:b2:
67:63:32:10:fc:de:3b:32:42:da:fa:cf:83:bd:73:a5:4c:91:
58:08:d0:cb:6e:dd:95:c9:c7:99:2c:b4:24:2f:ab:2d:66:9d:
d3:7b:4c:0e:14:d2:86:7d:43:92:e0:82:a8:0b:70:e1:33:a0:
5f:dd:59:cd:50:8c:ad:64:92:25:f0:a7:99:f8:1b:02:47:64:
0e:95:a4:25:53:30:37:89:b4:16:55:64:5a:ca:a9:d5:e4:c3:
41:9c:10:13:26:ec:dd:5e:2b:e0:df:14:04:be:05:5e:c3:77:
6e:9a:c6:db:61:16:be:4d:da:17:ee:e6:f1:5c:62:7c:f7:b7:
e0:1c:46:4c:22:17:3c:5f:e2:38:25:25:c6:80:86:2e:a9:31:
24:92:c7:11:be:5d:b2:ca:8a:06:b0:cc:29:58:43:6b:09:93:
ab:10:4e:fb:3c:fb:3c:22:eb:ef:2f:e6:46:78:c4:aa:cc:57:
5b:c4:61:48:a0:d8:86:b9:cf:a6:85:7b:4a:b0:37:c8:6e:c0:
94:f0:d3:ca:78:60:bb:96:3f:73:9c:ef:83:be:eb:f3:62:35:
8d:98:e9:45:6f:eb:8e:05:dd:77:4e:06:74:d4:b9:bc:02:8b:
6a:6a:9a:bb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYuzTlWu7Je19pNiobH6jCKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2IyYWMzNzdmYzYwM2Y5NWZhZWNjNTRhYzdkNTkwZjJj
YzMxOWQwHhcNMjMxMTA5MDg1ODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmRlNjRlYTQzMWM4OTE3N2Q0OWY3MDViYTI0ZGMwZDIwZjFjYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqQgzJ2v+rDbbX3jNmbs43o5bwlr
vwDFvxKvbnVBCeIQ+r+pZRI3DSWQmHkdX8ZCsoyZThHCmzTxjaQnuGuTzWGO3xzV
+Sj9xWLmXkefuMzgF1nFrLWYzNWsIjxF4HgVMsP218BvGkBuNl57k1Nf+s6b4Jt8
bh3EMEWVdClwbibm7MPuiEdroZM9RZNK7JM4/nkLNgWGL6xi82wTOU7yPcySpv5Z
aoL15Ux7sVNST+QuvL2ht/R87RQwhKvWn9G62IJv2JBPs2iA5I4TmZFIG5DcwTnD
Br0zRJoLOWthpiFnYn8vxOw4R8nJf4LKrwKjpZsPmmgRqNg9qmVe9OakKwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNbeZOpDHIkXfUn3Bbok3A0g8cs6MB8GA1UdIwQY
MBaAFCHLKsN3/GA/lfrsxUrH1ZDyzDGdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUt
ZmI0MGQ2ZGEyNDY4LzEvMXQ1azZrTWNpUmQ5U2ZjRnVpVGNEU0R4eXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4
LzEvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgovgDAN
BgkqhkiG9w0BAQsFAAOCAQEATzRyjrzD5co5pHp47P9a8jOyZ2MyEPzeOzJC2vrP
g71zpUyRWAjQy27dlcnHmSy0JC+rLWad03tMDhTShn1DkuCCqAtw4TOgX91ZzVCM
rWSSJfCnmfgbAkdkDpWkJVMwN4m0FlVkWsqp1eTDQZwQEybs3V4r4N8UBL4FXsN3
bprG22EWvk3aF+7m8VxifPe34BxGTCIXPF/iOCUlxoCGLqkxJJLHEb5dssqKBrDM
KVhDawmTqxBO+zz7PCLr7y/mRnjEqsxXW8RhSKDYhrnPpoV7SrA3yG7AlPDTynhg
u5Y/c5zvg77r82I1jZjpRW/rjgXdd04GdNS5vAKLamqauw==
-----END CERTIFICATE-----
Generated at Thu Nov 9 09:56:11 2023 by rpki-client on console-ams.rpki-client.org