Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/6d854c-c513-4290-95d4-93f9aefeeb12/1/Aoyw2DTDL4OHp1_dlEAE98f5Ttw.roa
File: Aoyw2DTDL4OHp1_dlEAE98f5Ttw.roa (raw, json)
Hash identifier: QwWhJaK+lnviJao7X+Dolhdigs9hD0rbJczIIq+OXTM=
Subject key identifier: 02:8C:B0:D8:34:C3:2F:83:87:A7:5F:DD:94:40:04:F7:C7:F9:4E:DC
Certificate issuer: /CN=2bc27de0816f7e0b87a733dd3199089e537f261c
Certificate serial: 01856F94CA2AB2726E2855D7E2E3C2A450C2
Authority key identifier: 2B:C2:7D:E0:81:6F:7E:0B:87:A7:33:DD:31:99:08:9E:53:7F:26:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K8J94IFvfguHpzPdMZkInlN_Jhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/6d854c-c513-4290-95d4-93f9aefeeb12/1/Aoyw2DTDL4OHp1_dlEAE98f5Ttw.roa
Signing time: Sun 01 Jan 2023 23:04:59 +0000
ROA not before: Sun 01 Jan 2023 23:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201395
IP address blocks: 2001:678:740::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:ca:2a:b2:72:6e:28:55:d7:e2:e3:c2:a4:50:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bc27de0816f7e0b87a733dd3199089e537f261c
Validity
Not Before: Jan 1 23:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=028cb0d834c32f8387a75fdd944004f7c7f94edc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ea:ab:73:0e:6f:73:77:2d:5a:a5:fe:c4:bd:
06:73:64:01:70:a8:86:ab:f2:73:45:07:69:ff:7e:
dd:13:94:01:94:e2:f8:eb:43:cd:2e:e1:3d:b2:a9:
1a:3c:63:7f:a9:cc:38:e6:f1:66:42:7b:ff:07:fb:
55:38:bc:5b:6d:f9:97:11:bf:55:6a:8c:85:cb:c3:
32:2b:d3:45:e1:8b:ed:8c:10:9e:f1:d7:10:b6:b5:
49:0c:5f:4a:78:7a:00:b2:d9:70:09:24:6e:b3:be:
8b:92:e3:19:a5:09:5b:55:09:ca:1a:72:b4:3a:fe:
cf:b4:24:37:f8:bb:9f:45:bb:21:16:94:52:06:da:
65:f7:a3:09:33:05:9a:e4:8d:6a:ca:27:61:c5:78:
04:89:74:08:4d:f8:d0:b8:7c:b3:ee:20:66:88:dd:
6a:dd:ca:07:22:15:e5:fe:b4:65:e5:f7:1d:3f:71:
d3:bd:7f:45:ef:f8:c5:d3:29:e7:55:ed:ea:d5:cd:
91:95:35:87:80:71:10:98:13:10:50:5d:4a:62:13:
6e:1f:e8:3e:4b:01:5c:26:69:d3:19:c2:be:cf:0a:
f5:62:ee:11:bd:f3:40:8b:52:60:64:00:45:66:f7:
4a:c5:38:c5:ba:f9:26:8b:08:eb:60:f5:91:27:6c:
36:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:8C:B0:D8:34:C3:2F:83:87:A7:5F:DD:94:40:04:F7:C7:F9:4E:DC
X509v3 Authority Key Identifier:
keyid:2B:C2:7D:E0:81:6F:7E:0B:87:A7:33:DD:31:99:08:9E:53:7F:26:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K8J94IFvfguHpzPdMZkInlN_Jhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/6d854c-c513-4290-95d4-93f9aefeeb12/1/Aoyw2DTDL4OHp1_dlEAE98f5Ttw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/6d854c-c513-4290-95d4-93f9aefeeb12/1/K8J94IFvfguHpzPdMZkInlN_Jhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:740::/48
Signature Algorithm: sha256WithRSAEncryption
3b:0d:d1:9e:4f:72:48:5f:b0:ca:13:9b:54:4e:52:1c:1a:a9:
39:6f:ed:05:a8:be:db:55:28:03:1f:d1:a4:36:8b:47:a4:4a:
60:e4:6f:16:2f:ad:1f:b4:71:c0:3c:ff:5e:31:41:e9:ad:3e:
c1:f0:38:af:6a:fa:0e:4a:55:eb:93:a0:0a:ab:38:71:00:94:
19:eb:12:0d:a8:e4:69:59:5c:5d:ae:74:3f:d3:99:42:40:8f:
f2:79:67:92:3f:68:60:b1:23:c6:ab:e3:59:58:49:1c:71:50:
07:d6:ec:d1:84:be:ab:df:ae:9c:24:40:1b:fe:04:87:f1:45:
28:24:ee:f8:ab:fd:3b:5a:57:18:a1:d2:0e:57:25:dc:48:4e:
19:1f:0e:3e:d5:27:db:0c:58:b5:ef:33:1e:c5:df:f4:ec:a3:
74:d5:85:5d:54:38:22:18:59:30:f7:66:38:82:e6:f4:d4:8f:
4f:e8:09:73:5d:58:44:09:82:2e:c1:86:d7:e9:43:26:ea:d7:
aa:e9:ce:b4:ac:6e:25:44:a6:5c:6c:4a:a5:66:64:22:56:b3:
b0:2f:1b:e3:b0:c6:3b:4d:e5:6e:b7:12:6e:fd:85:d6:d0:42:
fe:16:06:62:5d:3a:0d:07:22:90:24:70:43:bb:e9:c5:bf:bd:
4d:b5:76:a7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvlMoqsnJuKFXX4uPCpFDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYzI3ZGUwODE2ZjdlMGI4N2E3MzNkZDMxOTkwODllNTM3
ZjI2MWMwHhcNMjMwMTAxMjMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjhjYjBkODM0YzMyZjgzODdhNzVmZGQ5NDQwMDRmN2M3Zjk0ZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Oqrcw5vc3ctWqX+xL0Gc2QBcKiG
q/JzRQdp/37dE5QBlOL460PNLuE9sqkaPGN/qcw45vFmQnv/B/tVOLxbbfmXEb9V
aoyFy8MyK9NF4YvtjBCe8dcQtrVJDF9KeHoAstlwCSRus76LkuMZpQlbVQnKGnK0
Ov7PtCQ3+LufRbshFpRSBtpl96MJMwWa5I1qyidhxXgEiXQITfjQuHyz7iBmiN1q
3coHIhXl/rRl5fcdP3HTvX9F7/jF0ynnVe3q1c2RlTWHgHEQmBMQUF1KYhNuH+g+
SwFcJmnTGcK+zwr1Yu4RvfNAi1JgZABFZvdKxTjFuvkmiwjrYPWRJ2w2XwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAKMsNg0wy+Dh6df3ZRABPfH+U7cMB8GA1UdIwQY
MBaAFCvCfeCBb34Lh6cz3TGZCJ5TfyYcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzhKOTRJRnZmZ3VIcHpQZE1aa0lubE5fSmh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82ZDg1NGMtYzUxMy00MjkwLTk1ZDQt
OTNmOWFlZmVlYjEyLzEvQW95dzJEVERMNE9IcDFfZGxFQUU5OGY1VHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy82ZDg1NGMtYzUxMy00MjkwLTk1ZDQtOTNmOWFlZmVlYjEy
LzEvSzhKOTRJRnZmZ3VIcHpQZE1aa0lubE5fSmh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAdA
MA0GCSqGSIb3DQEBCwUAA4IBAQA7DdGeT3JIX7DKE5tUTlIcGqk5b+0FqL7bVSgD
H9GkNotHpEpg5G8WL60ftHHAPP9eMUHprT7B8DivavoOSlXrk6AKqzhxAJQZ6xIN
qORpWVxdrnQ/05lCQI/yeWeSP2hgsSPGq+NZWEkccVAH1uzRhL6r366cJEAb/gSH
8UUoJO74q/07WlcYodIOVyXcSE4ZHw4+1SfbDFi17zMexd/07KN01YVdVDgiGFkw
92Y4gub01I9P6AlzXVhECYIuwYbX6UMm6teq6c60rG4lRKZcbEqlZmQiVrOwLxvj
sMY7TeVutxJu/YXW0EL+FgZiXToNByKQJHBDu+nFv71NtXan
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:45 2024 by rpki-client on console-ams.rpki-client.org