Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/VDtltS2P54l7OFZnI9RY-HVzuLo.roa
File: VDtltS2P54l7OFZnI9RY-HVzuLo.roa (raw, json)
Hash identifier: Hbw2OrdLl0px8Ik2cG2uWXgmPuMFs0OTilkNDqHDN/c=
Subject key identifier: 54:3B:65:B5:2D:8F:E7:89:7B:38:56:67:23:D4:58:F8:75:73:B8:BA
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAEFE901AD69C02F4EC207E2448F79F
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/VDtltS2P54l7OFZnI9RY-HVzuLo.roa
Signing time: Sun 01 Jan 2023 09:34:45 +0000
ROA not before: Sun 01 Jan 2023 09:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47172
IP address blocks: 2a03:f85:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:fe:90:1a:d6:9c:02:f4:ec:20:7e:24:48:f7:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=543b65b52d8fe7897b38566723d458f87573b8ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:91:03:eb:36:a9:d7:fe:b9:40:f2:8e:7c:4b:
ec:3c:bf:7c:e9:da:5b:22:04:98:8c:c1:ad:97:3e:
c7:d6:0a:a7:0d:23:43:34:6e:c4:0e:6f:89:81:10:
59:f0:c0:c1:70:3c:0e:ed:de:73:a4:3e:f0:fa:a4:
1c:52:fd:32:78:cb:77:b9:27:e8:e5:bc:5c:ae:19:
f6:7d:31:e9:16:4b:55:20:9c:00:58:e3:c9:f0:7f:
09:56:76:0f:0e:ab:0d:73:dd:2d:75:0f:d2:f7:22:
93:a8:ef:70:84:d6:d9:4d:43:e8:cf:a8:3e:4f:d9:
61:28:52:3a:73:5e:13:9e:9b:42:66:b2:ef:d1:3d:
4e:d2:03:1a:77:d7:c8:9b:a2:1c:c5:c0:1b:fd:1d:
90:3b:82:9e:bd:e0:b0:99:9d:bc:f6:de:58:4a:0a:
a9:af:52:ff:e6:2c:4f:5d:57:66:13:a8:df:ed:c6:
34:5f:cf:8c:fa:b5:b9:e1:c0:e3:44:05:1b:93:69:
6f:83:5b:5d:74:30:32:50:5b:6e:74:5f:f2:89:a7:
fb:c9:ad:b9:99:0d:1a:98:3f:a3:df:89:ed:6f:31:
c7:3a:56:fd:28:cd:9f:a9:0c:51:99:6b:75:b0:86:
cc:97:29:b0:51:3c:ed:c3:65:2e:a3:7a:29:9d:01:
a7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:3B:65:B5:2D:8F:E7:89:7B:38:56:67:23:D4:58:F8:75:73:B8:BA
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/VDtltS2P54l7OFZnI9RY-HVzuLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f85:6::/48
Signature Algorithm: sha256WithRSAEncryption
0c:7e:19:4f:0d:4f:d1:d2:43:fa:57:f7:43:7d:6a:bb:1a:58:
96:6e:5e:7b:bb:61:93:6a:eb:0c:0a:29:22:6d:d0:b1:6f:ec:
fc:c6:02:92:6d:c1:ba:82:19:bc:95:79:6d:fc:cb:49:56:13:
fa:8a:2b:24:b1:92:1f:77:25:aa:f4:2e:5c:84:ac:44:a1:3e:
de:98:68:72:bd:cc:2c:48:33:22:54:d5:4f:be:7f:7d:29:95:
32:81:59:c5:d2:b5:ee:ba:74:0b:1f:28:d1:c6:8f:45:a6:b2:
a1:9f:61:49:c7:9c:6d:50:3a:1b:64:59:18:6b:c9:05:43:66:
50:0f:ca:1f:6b:be:fe:f8:0d:21:30:18:9d:22:12:6f:00:77:
58:f7:80:37:45:41:e1:da:9a:be:85:60:bc:0d:8f:2b:e4:0e:
e6:bd:bc:f9:a5:79:45:5b:c1:03:ef:f1:0a:e1:de:d5:b6:c1:
12:52:28:dd:d0:88:5a:ea:3e:f4:ab:10:d7:a0:a8:11:49:97:
4a:16:a9:95:b5:44:de:1b:60:e7:97:1d:84:dc:e5:39:2f:12:
36:2a:3d:ad:d6:8f:15:ec:c1:02:d4:f0:b4:44:2f:07:7b:8d:
3f:d5:5a:aa:80:e0:79:d0:52:e7:c9:80:8d:64:74:a2:85:60:
f5:b3:c8:9c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsrv6QGtacAvTsIH4kSPefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDNiNjViNTJkOGZlNzg5N2IzODU2NjcyM2Q0NThmODc1NzNiOGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5ED6zap1/65QPKOfEvsPL986dpb
IgSYjMGtlz7H1gqnDSNDNG7EDm+JgRBZ8MDBcDwO7d5zpD7w+qQcUv0yeMt3uSfo
5bxcrhn2fTHpFktVIJwAWOPJ8H8JVnYPDqsNc90tdQ/S9yKTqO9whNbZTUPoz6g+
T9lhKFI6c14TnptCZrLv0T1O0gMad9fIm6IcxcAb/R2QO4KeveCwmZ289t5YSgqp
r1L/5ixPXVdmE6jf7cY0X8+M+rW54cDjRAUbk2lvg1tddDAyUFtudF/yiaf7ya25
mQ0amD+j34ntbzHHOlb9KM2fqQxRmWt1sIbMlymwUTztw2Uuo3opnQGnqwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFQ7ZbUtj+eJezhWZyPUWPh1c7i6MB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvVkR0bHRTMlA1NGw3T0Zabkk5UlktSFZ6dUxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMPhQAG
MA0GCSqGSIb3DQEBCwUAA4IBAQAMfhlPDU/R0kP6V/dDfWq7GliWbl57u2GTausM
CikibdCxb+z8xgKSbcG6ghm8lXlt/MtJVhP6iisksZIfdyWq9C5chKxEoT7emGhy
vcwsSDMiVNVPvn99KZUygVnF0rXuunQLHyjRxo9FprKhn2FJx5xtUDobZFkYa8kF
Q2ZQD8ofa77++A0hMBidIhJvAHdY94A3RUHh2pq+hWC8DY8r5A7mvbz5pXlFW8ED
7/EK4d7VtsESUijd0Iha6j70qxDXoKgRSZdKFqmVtUTeG2Dnlx2E3OU5LxI2Kj2t
1o8V7MEC1PC0RC8He40/1VqqgOB50FLnyYCNZHSihWD1s8ic
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:51 2024 by rpki-client on console-ams.rpki-client.org