Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/MzjhbNfF8dFIErO8JwKjGA0MYm0.roa
File: MzjhbNfF8dFIErO8JwKjGA0MYm0.roa (raw, json)
Hash identifier: 5KViZ/DHhL2VOPMiSlMBB4iJnckwjIdkW1Bgkxyspow=
Subject key identifier: 33:38:E1:6C:D7:C5:F1:D1:48:12:B3:BC:27:02:A3:18:0D:0C:62:6D
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAEFA6AC05BA8E6D1DBEB6BE4DC68F1
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/MzjhbNfF8dFIErO8JwKjGA0MYm0.roa
Signing time: Sun 01 Jan 2023 09:34:44 +0000
ROA not before: Sun 01 Jan 2023 09:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34305
IP address blocks: 2a03:f85:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:fa:6a:c0:5b:a8:e6:d1:db:eb:6b:e4:dc:68:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3338e16cd7c5f1d14812b3bc2702a3180d0c626d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:72:63:cb:68:f9:fa:b3:a4:e4:12:ca:bb:3a:
e5:f0:3e:11:91:41:5b:ad:6d:4e:a9:20:02:40:a4:
a0:af:25:89:b4:8b:ea:4d:ba:f2:80:f6:95:b7:5c:
f8:82:c4:be:5f:36:36:72:91:f1:7b:ab:0e:b3:e7:
1b:a8:69:92:55:61:0b:b6:44:c8:6f:0a:f0:c9:4c:
e5:42:a0:43:01:9f:d9:80:47:d9:4a:fc:b3:21:43:
f1:d0:32:e4:dd:2d:e5:15:00:b1:30:27:a0:bf:df:
cf:64:49:e2:a0:cf:e2:b9:9e:d7:26:9e:3b:96:cf:
73:de:73:94:00:1f:22:8a:7f:3d:0e:f0:fe:2c:c0:
e7:56:18:93:1d:e3:d9:f1:b7:e8:6d:98:6f:86:fe:
25:8f:de:96:6b:1c:75:1b:68:9c:c8:62:1b:ef:22:
7a:38:48:2d:a0:77:6d:9a:3f:ef:5b:d3:18:2b:4c:
60:52:0d:0b:e7:15:76:2f:73:29:a9:e9:0d:91:91:
11:7f:f7:0b:58:89:0b:41:24:7e:cd:a5:6f:f5:e9:
63:d5:98:6d:84:42:49:4f:f9:3f:c5:35:6e:1b:a7:
0d:a6:55:f6:6d:c5:37:0c:a8:42:be:41:f6:98:3c:
e6:4b:48:e5:65:f7:42:37:75:60:47:2c:ba:56:69:
02:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:38:E1:6C:D7:C5:F1:D1:48:12:B3:BC:27:02:A3:18:0D:0C:62:6D
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/MzjhbNfF8dFIErO8JwKjGA0MYm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f85:1::/48
Signature Algorithm: sha256WithRSAEncryption
98:78:20:f6:87:72:7b:e5:b4:8a:a6:53:1d:7a:94:2e:51:e2:
52:3b:be:3c:92:67:c6:68:14:81:f3:71:41:ec:76:90:e0:7a:
d8:68:43:ff:4d:9c:a5:83:d8:34:b0:d3:5c:4f:47:8b:c6:93:
f5:51:05:49:aa:60:b8:f2:c1:76:66:8a:e6:be:a9:36:a1:ea:
15:56:86:ed:85:22:d6:41:35:cb:f5:29:f7:f1:bf:f6:19:77:
a1:64:9f:7e:3e:63:c0:90:c1:53:20:c5:2d:71:ee:44:8d:a9:
6c:62:ad:2d:c0:3b:25:f4:8f:6f:3e:9c:b5:2e:34:90:bb:d7:
c4:8b:fb:85:28:ef:03:23:94:3a:5c:2a:0d:52:27:a0:a7:07:
64:e5:2f:b0:a2:cf:c7:00:2d:cf:2e:5b:9e:b7:96:66:a1:92:
99:3a:21:ba:12:14:09:a9:16:97:dc:f3:73:c9:65:eb:9f:25:
19:85:74:2e:dc:a5:6c:f3:eb:9d:46:d8:5b:86:bd:db:c5:ff:
b0:7c:be:51:6c:32:32:ae:4c:78:4b:d7:a8:ce:fc:32:f0:b2:
80:97:6a:cb:25:4b:a7:b7:ef:05:1c:b1:0f:32:9e:80:39:b2:
41:85:be:d2:2b:cd:7f:d2:93:ec:40:b1:03:2e:23:62:f0:85:
0e:57:fc:c8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsrvpqwFuo5tHb62vk3GjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzM4ZTE2Y2Q3YzVmMWQxNDgxMmIzYmMyNzAyYTMxODBkMGM2MjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HJjy2j5+rOk5BLKuzrl8D4RkUFb
rW1OqSACQKSgryWJtIvqTbrygPaVt1z4gsS+XzY2cpHxe6sOs+cbqGmSVWELtkTI
bwrwyUzlQqBDAZ/ZgEfZSvyzIUPx0DLk3S3lFQCxMCegv9/PZEnioM/iuZ7XJp47
ls9z3nOUAB8iin89DvD+LMDnVhiTHePZ8bfobZhvhv4lj96Waxx1G2icyGIb7yJ6
OEgtoHdtmj/vW9MYK0xgUg0L5xV2L3MpqekNkZERf/cLWIkLQSR+zaVv9elj1Zht
hEJJT/k/xTVuG6cNplX2bcU3DKhCvkH2mDzmS0jlZfdCN3VgRyy6VmkC9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDM44WzXxfHRSBKzvCcCoxgNDGJtMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvTXpqaGJOZkY4ZEZJRXJPOEp3S2pHQTBNWW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMPhQAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCYeCD2h3J75bSKplMdepQuUeJSO748kmfGaBSB
83FB7HaQ4HrYaEP/TZylg9g0sNNcT0eLxpP1UQVJqmC48sF2Zormvqk2oeoVVobt
hSLWQTXL9Sn38b/2GXehZJ9+PmPAkMFTIMUtce5EjalsYq0twDsl9I9vPpy1LjSQ
u9fEi/uFKO8DI5Q6XCoNUiegpwdk5S+wos/HAC3PLluet5ZmoZKZOiG6EhQJqRaX
3PNzyWXrnyUZhXQu3KVs8+udRthbhr3bxf+wfL5RbDIyrkx4S9eozvwy8LKAl2rL
JUunt+8FHLEPMp6AObJBhb7SK81/0pPsQLEDLiNi8IUOV/zI
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:03 2024 by rpki-client on console-fra.rpki-client.org