Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/yQZaU6W0_7F03Nhg-abqmd2iXLE.roa
File: yQZaU6W0_7F03Nhg-abqmd2iXLE.roa (raw, json)
Hash identifier: 9YdVuGOzIQNw30yP4m8X16/IjPLwIoc6SBg7sFaA9tI=
Subject key identifier: C9:06:5A:53:A5:B4:FF:B1:74:DC:D8:60:F9:A6:EA:99:DD:A2:5C:B1
Certificate issuer: /CN=297364f502534e8771a0c6259794c26e26d4bca4
Certificate serial: 01856D2F2D8EA56535ABA42FC1CCE762CC97
Authority key identifier: 29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/yQZaU6W0_7F03Nhg-abqmd2iXLE.roa
Signing time: Sun 01 Jan 2023 11:54:46 +0000
ROA not before: Sun 01 Jan 2023 11:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 328778
IP address blocks: 2a02:f406:ff50::/48 maxlen: 48
2a02:f406:fed0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:2d:8e:a5:65:35:ab:a4:2f:c1:cc:e7:62:cc:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297364f502534e8771a0c6259794c26e26d4bca4
Validity
Not Before: Jan 1 11:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9065a53a5b4ffb174dcd860f9a6ea99dda25cb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:54:6c:bb:9c:f6:69:07:71:a8:ec:e5:63:91:
36:81:ba:1d:f3:34:bc:34:2c:03:f6:9f:db:49:28:
a1:17:2a:0c:79:cb:a8:7b:6d:8d:16:b3:a9:7f:2c:
fb:53:af:2d:ff:b3:15:a3:72:53:08:ca:48:d6:cb:
39:99:44:bd:df:75:8e:c5:13:71:0c:81:31:af:68:
38:9a:10:14:c2:a8:52:22:74:92:f4:f4:38:4d:51:
f4:d5:11:bc:84:cf:2d:3d:3d:ff:77:12:26:bb:67:
47:55:1e:ae:3d:0e:b0:5d:21:4f:ba:6f:92:ad:68:
0e:16:64:34:ef:d8:62:5c:8d:af:5d:e8:da:1d:1b:
b2:4d:b1:63:54:7e:ae:1b:65:48:14:3a:cc:3d:98:
a1:3c:58:fe:fe:39:23:75:98:d9:f4:60:a8:cc:84:
e4:68:5d:fa:81:f6:1d:36:4b:98:c6:8e:44:e9:fd:
2d:71:92:1f:7e:f0:1b:88:d3:b1:24:eb:9d:34:35:
7b:c6:f2:7d:7f:6e:fb:b3:29:c1:86:9c:f8:ad:fd:
8a:cf:83:76:69:52:77:65:0e:92:4f:8e:43:30:ae:
17:13:9e:d4:0e:8d:33:a4:d6:ff:88:10:50:93:63:
bf:65:b9:02:e3:8f:28:91:5c:c6:30:a6:69:09:24:
2f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:06:5A:53:A5:B4:FF:B1:74:DC:D8:60:F9:A6:EA:99:DD:A2:5C:B1
X509v3 Authority Key Identifier:
keyid:29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/yQZaU6W0_7F03Nhg-abqmd2iXLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:f406:fed0::/48
2a02:f406:ff50::/48
Signature Algorithm: sha256WithRSAEncryption
d1:1b:32:d9:19:a5:da:ca:2b:88:f7:18:0e:21:c1:b0:12:0f:
38:18:d6:a3:f6:9d:83:40:bb:aa:4b:bb:18:e6:e6:a2:0d:e1:
20:4a:55:f3:21:bd:34:9f:c1:67:a3:d0:ce:c6:9f:ab:01:ba:
b9:34:a3:db:ca:ce:c7:08:92:f7:e8:a9:9b:7a:d4:c6:95:61:
e0:ed:02:a4:e9:e9:70:57:ae:4d:0a:90:a8:d2:68:43:26:0e:
b6:4e:00:a8:99:78:4d:7f:44:80:5a:86:bf:86:78:c1:e2:55:
32:55:6c:98:eb:82:f0:60:7e:90:72:5a:1d:60:e7:e5:d5:50:
9c:b6:c3:f0:36:42:66:28:98:9e:a7:c2:69:7b:b5:0a:da:91:
b0:71:dc:94:50:58:7a:6a:66:65:18:dd:9e:ab:b7:09:ad:10:
0c:bf:70:6c:09:9a:ce:c5:f5:d7:a0:57:91:0d:be:23:5a:04:
0c:ac:ab:af:bd:e1:80:53:38:3b:e7:e2:23:e3:f4:0d:6b:58:
a1:e7:f2:af:c0:28:0a:54:e9:fe:05:ce:1c:f2:0c:db:85:ad:
87:98:61:ab:2e:5b:40:0d:02:df:ea:e8:f1:51:80:f2:e5:5a:
65:c1:3e:1c:4c:6c:74:a9:af:d1:30:15:1c:fa:7e:85:14:eb:
ce:83:f0:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtLy2OpWU1q6QvwcznYsyXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NzM2NGY1MDI1MzRlODc3MWEwYzYyNTk3OTRjMjZlMjZk
NGJjYTQwHhcNMjMwMTAxMTE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTA2NWE1M2E1YjRmZmIxNzRkY2Q4NjBmOWE2ZWE5OWRkYTI1Y2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1Rsu5z2aQdxqOzlY5E2gbod8zS8
NCwD9p/bSSihFyoMecuoe22NFrOpfyz7U68t/7MVo3JTCMpI1ss5mUS933WOxRNx
DIExr2g4mhAUwqhSInSS9PQ4TVH01RG8hM8tPT3/dxImu2dHVR6uPQ6wXSFPum+S
rWgOFmQ079hiXI2vXejaHRuyTbFjVH6uG2VIFDrMPZihPFj+/jkjdZjZ9GCozITk
aF36gfYdNkuYxo5E6f0tcZIffvAbiNOxJOudNDV7xvJ9f277synBhpz4rf2Kz4N2
aVJ3ZQ6ST45DMK4XE57UDo0zpNb/iBBQk2O/ZbkC448okVzGMKZpCSQvsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMkGWlOltP+xdNzYYPmm6pndolyxMB8GA1UdIwQY
MBaAFClzZPUCU06HcaDGJZeUwm4m1LykMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUt
MGEwZjNlNzhhNDkzLzEveVFaYVU2VzBfN0YwM05oZy1hYnFtZDJpWExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUtMGEwZjNlNzhhNDkz
LzEvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgL0Bv7Q
AwcAKgL0Bv9QMA0GCSqGSIb3DQEBCwUAA4IBAQDRGzLZGaXayiuI9xgOIcGwEg84
GNaj9p2DQLuqS7sY5uaiDeEgSlXzIb00n8Fno9DOxp+rAbq5NKPbys7HCJL36Kmb
etTGlWHg7QKk6elwV65NCpCo0mhDJg62TgComXhNf0SAWoa/hnjB4lUyVWyY64Lw
YH6QclodYOfl1VCctsPwNkJmKJiep8Jpe7UK2pGwcdyUUFh6amZlGN2eq7cJrRAM
v3BsCZrOxfXXoFeRDb4jWgQMrKuvveGAUzg75+Ij4/QNa1ih5/KvwCgKVOn+Bc4c
8gzbha2HmGGrLltADQLf6ujxUYDy5VplwT4cTGx0qa/RMBUc+n6FFOvOg/BK
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:01 2024 by rpki-client on console-ams.rpki-client.org