Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/JQpAw8anxEMh1mTM1GqOoMliGzI.roa
File: JQpAw8anxEMh1mTM1GqOoMliGzI.roa (raw, json)
Hash identifier: 5IABazXLVAj24RN4jUa5rnTf7A8CCzPwecsdDygdMMo=
Subject key identifier: 25:0A:40:C3:C6:A7:C4:43:21:D6:64:CC:D4:6A:8E:A0:C9:62:1B:32
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAF0466C8C31F1BF8666EDF66EE6224
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/JQpAw8anxEMh1mTM1GqOoMliGzI.roa
Signing time: Sun 01 Jan 2023 09:34:47 +0000
ROA not before: Sun 01 Jan 2023 09:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61102
IP address blocks: 2a03:f80:972::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:04:66:c8:c3:1f:1b:f8:66:6e:df:66:ee:62:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=250a40c3c6a7c44321d664ccd46a8ea0c9621b32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c7:42:2a:de:b9:ff:c1:ee:71:30:07:0b:81:
a5:5f:0e:55:18:66:51:01:94:df:c2:56:9c:1f:89:
16:c5:ff:dd:dd:ca:9b:1f:47:9e:77:d1:3f:7b:26:
24:26:59:e4:e9:3b:94:d4:dd:9a:30:99:49:a5:be:
8d:54:22:dc:b3:63:50:ca:36:c5:10:2d:04:28:c1:
07:f4:a8:1d:4e:5d:49:b9:01:f7:0f:69:ac:c9:6c:
e0:96:42:5b:a2:69:79:2b:c5:f3:49:27:00:a3:d2:
0c:9a:d5:a1:c1:34:08:ae:2d:e1:4b:60:f4:92:3f:
21:fe:34:16:4d:e5:9e:56:35:b2:99:fb:26:5c:82:
53:45:63:67:d9:ad:5d:9b:db:8d:db:4e:a5:e6:f4:
47:5e:31:61:e9:10:6f:3a:1c:25:14:66:95:f8:67:
2e:ca:fb:61:47:4e:4c:07:29:ec:ff:ea:49:a2:14:
e1:37:71:32:a0:8a:07:75:0a:25:b3:f2:55:5f:78:
55:8d:0a:38:62:2a:03:3e:ad:ed:c8:55:c1:62:88:
b1:1a:ad:80:b9:95:3e:69:98:b4:de:a3:9f:c2:02:
19:1e:4b:92:06:ac:c9:d7:9f:45:6b:64:ab:21:82:
16:35:3e:87:10:c5:92:33:c3:a9:0b:7d:df:92:5a:
83:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:0A:40:C3:C6:A7:C4:43:21:D6:64:CC:D4:6A:8E:A0:C9:62:1B:32
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/JQpAw8anxEMh1mTM1GqOoMliGzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f80:972::/48
Signature Algorithm: sha256WithRSAEncryption
b1:83:7c:7b:ab:4f:78:5b:a5:70:d1:ad:05:d6:e1:30:ff:f3:
8f:64:15:75:f8:fd:6d:dd:4a:0b:5a:4c:e6:ad:c1:65:61:c4:
3b:54:b1:54:7e:5a:28:89:3c:c1:ba:77:00:68:da:f0:aa:65:
7f:d0:9b:e8:b8:b9:74:1d:96:30:35:5a:d6:69:12:46:2b:52:
1c:cb:c7:89:b7:26:9c:31:14:f4:20:47:02:b0:7b:4c:9a:a6:
47:30:47:39:23:cc:e8:55:65:a2:a5:46:25:f4:c2:6f:6c:82:
19:99:af:7f:11:f3:af:49:4e:0a:6f:7f:00:ef:7a:c6:6d:65:
2f:1f:de:a3:d3:53:84:2b:e5:55:5f:47:5d:c7:2f:a4:db:2a:
30:8e:1f:89:3d:af:42:25:a4:38:48:2f:b7:35:3e:59:d4:19:
be:18:de:4d:c7:1a:c9:59:5f:14:72:1d:b5:59:2b:9f:e7:bb:
10:ec:41:7a:ea:6a:b5:04:b7:14:a4:42:a9:cb:eb:91:66:db:
57:a5:41:40:e9:6e:34:38:99:f4:46:a1:54:4c:76:57:04:54:
61:38:f6:77:9b:48:31:b1:e2:93:67:d8:a4:31:08:88:55:ad:
a3:3d:8e:c8:19:f7:71:a5:e9:fe:d7:e1:f6:fa:b3:d5:3b:a1:
21:49:72:97
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsrwRmyMMfG/hmbt9m7mIkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTBhNDBjM2M2YTdjNDQzMjFkNjY0Y2NkNDZhOGVhMGM5NjIxYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMdCKt65/8HucTAHC4GlXw5VGGZR
AZTfwlacH4kWxf/d3cqbH0eed9E/eyYkJlnk6TuU1N2aMJlJpb6NVCLcs2NQyjbF
EC0EKMEH9KgdTl1JuQH3D2msyWzglkJboml5K8XzSScAo9IMmtWhwTQIri3hS2D0
kj8h/jQWTeWeVjWymfsmXIJTRWNn2a1dm9uN206l5vRHXjFh6RBvOhwlFGaV+Gcu
yvthR05MByns/+pJohThN3EyoIoHdQols/JVX3hVjQo4YioDPq3tyFXBYoixGq2A
uZU+aZi03qOfwgIZHkuSBqzJ159Fa2SrIYIWNT6HEMWSM8OpC33fklqDtwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCUKQMPGp8RDIdZkzNRqjqDJYhsyMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvSlFwQXc4YW54RU1oMW1UTTFHcU9vTWxpR3pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMPgAly
MA0GCSqGSIb3DQEBCwUAA4IBAQCxg3x7q094W6Vw0a0F1uEw//OPZBV1+P1t3UoL
WkzmrcFlYcQ7VLFUflooiTzBuncAaNrwqmV/0JvouLl0HZYwNVrWaRJGK1Icy8eJ
tyacMRT0IEcCsHtMmqZHMEc5I8zoVWWipUYl9MJvbIIZma9/EfOvSU4Kb38A73rG
bWUvH96j01OEK+VVX0ddxy+k2yowjh+JPa9CJaQ4SC+3NT5Z1Bm+GN5NxxrJWV8U
ch21WSuf57sQ7EF66mq1BLcUpEKpy+uRZttXpUFA6W40OJn0RqFUTHZXBFRhOPZ3
m0gxseKTZ9ikMQiIVa2jPY7IGfdxpen+1+H2+rPVO6EhSXKX
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:24 2024 by rpki-client on console-ams.rpki-client.org