Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/v5LlWlL_cnqbB9OsY998be2umh0.roa
File: v5LlWlL_cnqbB9OsY998be2umh0.roa (raw, json)
Hash identifier: e2L1NwzeQRyloHLxHIJenasKl55DZnVDZF9ROsOj21Y=
Subject key identifier: BF:92:E5:5A:52:FF:72:7A:9B:07:D3:AC:63:DF:7C:6D:ED:AE:9A:1D
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAF026E306CF38C57C312DCFB76E16B
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/v5LlWlL_cnqbB9OsY998be2umh0.roa
Signing time: Sun 01 Jan 2023 09:34:46 +0000
ROA not before: Sun 01 Jan 2023 09:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59692
IP address blocks: 2a03:f86:3::/48 maxlen: 48
2a03:f86:2::/48 maxlen: 48
2a03:f86:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:02:6e:30:6c:f3:8c:57:c3:12:dc:fb:76:e1:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf92e55a52ff727a9b07d3ac63df7c6dedae9a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:09:fc:e1:a1:c4:39:6b:f7:18:19:1d:f8:8e:
99:8f:f4:9f:59:5b:53:1a:de:a4:47:7f:08:25:55:
e7:84:4c:6b:78:95:b5:d4:a7:31:e2:16:03:ee:a4:
91:a9:fe:bd:a7:0d:33:b0:09:62:e4:c9:42:1c:a2:
53:79:65:4f:81:37:42:e3:8d:fa:3c:77:fb:52:7a:
e2:63:aa:99:b3:3f:98:94:40:74:18:24:c1:dd:29:
e9:fb:5c:67:5a:7a:17:13:bf:63:13:a0:68:40:bf:
14:bc:b4:a4:71:da:1f:9a:e6:d8:5b:68:7b:7b:ed:
6e:4f:af:38:91:52:a6:e9:5b:4e:33:60:b5:ba:cd:
38:8a:32:cb:c7:fd:85:42:1c:47:c1:f3:c7:28:75:
7a:3d:71:40:f5:b6:9f:a4:4a:d4:78:b1:66:dd:72:
3f:45:ff:2f:6e:36:a1:1a:89:7e:22:45:af:6f:97:
49:45:af:8d:69:ce:5e:9e:9f:76:9f:7f:70:f5:59:
6d:8c:29:d2:ce:1d:4b:2e:ff:ed:55:09:c5:6e:8e:
c0:c2:65:b2:c0:06:e0:52:b4:6f:46:40:ca:70:2e:
79:49:5c:6f:93:3f:f8:34:4a:1e:2c:79:1f:80:76:
78:44:f8:32:66:4d:5b:20:6a:08:2c:d3:10:24:52:
ef:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:92:E5:5A:52:FF:72:7A:9B:07:D3:AC:63:DF:7C:6D:ED:AE:9A:1D
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/v5LlWlL_cnqbB9OsY998be2umh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f86:2::-2a03:f86:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
49:64:56:71:4b:ae:52:7d:47:05:8e:11:d4:77:25:82:e1:1e:
e4:b7:14:23:0f:93:63:f5:eb:1f:42:30:3a:82:e4:11:76:0c:
66:8e:9b:4a:64:10:8a:86:2f:99:93:d9:36:3b:0f:f8:a9:52:
63:a5:4f:b4:92:22:05:79:03:ed:63:33:73:86:e8:53:b9:ba:
a8:c2:00:6e:c1:71:34:06:cb:9e:f7:79:43:02:2d:83:ee:b4:
cc:d4:23:c9:23:e7:45:bf:f8:f9:03:fa:ba:71:9d:16:62:0b:
76:f2:87:c0:51:1e:5a:59:be:51:5b:c1:ad:9a:f6:7b:6c:0d:
d6:76:e1:bb:e7:52:10:9b:66:de:a1:da:aa:f2:0d:b5:56:d9:
d0:36:cc:15:3e:1d:96:3e:cd:7d:b8:52:a3:93:64:47:85:8e:
37:99:46:b6:dc:25:fe:9b:2c:f7:0e:18:95:da:fc:6e:88:a2:
18:31:4b:89:51:94:a1:c6:38:eb:38:b8:8e:a6:5b:17:3b:c9:
5a:1b:05:c7:b0:7e:10:7d:7c:47:06:f1:f3:12:ef:be:a3:b7:
42:a5:67:45:e0:76:bd:ad:88:63:18:2e:8a:14:0c:ec:71:c6:
ec:f7:54:d6:26:df:7c:ca:03:e1:db:02:d3:b2:e1:35:1b:38:
36:65:e2:90
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVsrwJuMGzzjFfDEtz7duFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjkyZTU1YTUyZmY3MjdhOWIwN2QzYWM2M2RmN2M2ZGVkYWU5YTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQn84aHEOWv3GBkd+I6Zj/SfWVtT
Gt6kR38IJVXnhExreJW11Kcx4hYD7qSRqf69pw0zsAli5MlCHKJTeWVPgTdC4436
PHf7UnriY6qZsz+YlEB0GCTB3Snp+1xnWnoXE79jE6BoQL8UvLSkcdofmubYW2h7
e+1uT684kVKm6VtOM2C1us04ijLLx/2FQhxHwfPHKHV6PXFA9bafpErUeLFm3XI/
Rf8vbjahGol+IkWvb5dJRa+Nac5enp92n39w9VltjCnSzh1LLv/tVQnFbo7AwmWy
wAbgUrRvRkDKcC55SVxvkz/4NEoeLHkfgHZ4RPgyZk1bIGoILNMQJFLvfQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFL+S5VpS/3J6mwfTrGPffG3trpodMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvdjVMbFdsTF9jbnFiQjlPc1k5OThiZTJ1bWgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwEqAw+G
AAIDBwAqAw+GAAQwDQYJKoZIhvcNAQELBQADggEBAElkVnFLrlJ9RwWOEdR3JYLh
HuS3FCMPk2P16x9CMDqC5BF2DGaOm0pkEIqGL5mT2TY7D/ipUmOlT7SSIgV5A+1j
M3OG6FO5uqjCAG7BcTQGy573eUMCLYPutMzUI8kj50W/+PkD+rpxnRZiC3byh8BR
HlpZvlFbwa2a9ntsDdZ24bvnUhCbZt6h2qryDbVW2dA2zBU+HZY+zX24UqOTZEeF
jjeZRrbcJf6bLPcOGJXa/G6IohgxS4lRlKHGOOs4uI6mWxc7yVobBcewfhB9fEcG
8fMS776jt0KlZ0Xgdr2tiGMYLooUDOxxxuz3VNYm33zKA+HbAtOy4TUbODZl4pA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:51 2024 by rpki-client on console-ams.rpki-client.org