Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/b2ZG_kvdfNDRCLb2wID_GyzvsgQ.roa
File: b2ZG_kvdfNDRCLb2wID_GyzvsgQ.roa (raw, json)
Hash identifier: TGXp0uSLPSwndqgKWut1CQVPYL5FMbEGetg++f8MySc=
Subject key identifier: 6F:66:46:FE:4B:DD:7C:D0:D1:08:B6:F6:C0:80:FF:1B:2C:EF:B2:04
Certificate issuer: /CN=f3b90781dbbebdb8ec42baf66488059ea5866aac
Certificate serial: 018AB6A985821FC88646CF77518EF712EB04
Authority key identifier: F3:B9:07:81:DB:BE:BD:B8:EC:42:BA:F6:64:88:05:9E:A5:86:6A:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87kHgdu-vbjsQrr2ZIgFnqWGaqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/b2ZG_kvdfNDRCLb2wID_GyzvsgQ.roa
Signing time: Thu 21 Sep 2023 07:34:37 +0000
ROA not before: Thu 21 Sep 2023 07:34:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59819
IP address blocks: 2a03:6947:1500::/40 maxlen: 40
2a03:6947:1400::/40 maxlen: 40
2a03:6947:b00::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:a9:85:82:1f:c8:86:46:cf:77:51:8e:f7:12:eb:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b90781dbbebdb8ec42baf66488059ea5866aac
Validity
Not Before: Sep 21 07:34:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f6646fe4bdd7cd0d108b6f6c080ff1b2cefb204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:00:90:33:ea:ab:3c:c4:ae:6b:e1:be:b8:1a:
46:67:30:96:f0:f3:4e:66:43:31:2d:12:bd:e3:22:
78:42:a8:22:73:59:2f:19:14:a9:3b:99:71:45:be:
b7:08:ce:b9:6a:07:d3:a0:f0:81:f2:37:64:c0:26:
3f:55:5b:d9:d4:61:8e:5e:b9:a8:4c:53:38:81:f2:
9c:78:23:76:ea:f8:b9:57:76:7e:e2:21:b2:4b:60:
6d:55:69:81:8b:8a:a7:2a:5e:c5:1b:9d:45:08:fb:
48:36:15:f7:73:33:0c:0c:a8:f5:3c:01:2f:d8:43:
9b:10:4b:28:be:47:2a:fc:97:4e:d0:c6:4e:3f:c8:
46:87:e8:bd:02:af:20:46:cd:ef:a0:42:b9:3f:bc:
0e:1b:8a:48:32:70:9c:08:3b:4a:c6:e3:26:97:2a:
a0:87:4b:ed:cd:fb:d2:65:67:5a:80:c7:59:63:46:
87:b9:eb:86:28:28:d1:64:98:0b:80:57:7f:3f:c5:
ec:66:93:fd:8c:07:d7:62:1e:ff:1b:41:56:92:8b:
1b:03:c0:d4:dd:53:c1:c0:d1:29:ac:a0:3e:cc:6f:
96:10:43:42:00:d4:b7:95:1f:1e:83:99:92:a4:71:
82:63:87:5d:23:6d:eb:dc:69:7e:54:5c:bf:53:7c:
25:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:66:46:FE:4B:DD:7C:D0:D1:08:B6:F6:C0:80:FF:1B:2C:EF:B2:04
X509v3 Authority Key Identifier:
keyid:F3:B9:07:81:DB:BE:BD:B8:EC:42:BA:F6:64:88:05:9E:A5:86:6A:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87kHgdu-vbjsQrr2ZIgFnqWGaqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/b2ZG_kvdfNDRCLb2wID_GyzvsgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/87kHgdu-vbjsQrr2ZIgFnqWGaqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:6947:b00::/40
2a03:6947:1400::/39
Signature Algorithm: sha256WithRSAEncryption
6c:9f:23:f8:5e:fc:39:98:8d:87:a6:bb:0d:48:4e:83:d3:7b:
e2:c4:eb:49:02:17:dd:c7:4e:d3:93:e5:5b:9d:bf:6c:63:cd:
af:07:e2:27:00:b2:bd:cc:50:66:73:bf:df:42:91:94:c5:24:
13:5d:65:cd:3f:4b:5b:8d:a5:16:83:1c:17:f8:31:15:33:42:
3c:5d:26:9a:21:00:bc:79:04:44:81:62:69:82:40:ec:c4:5f:
c1:81:7d:e2:ab:78:97:a6:29:23:fe:ae:9c:04:ad:6e:8b:59:
ac:18:ff:96:08:69:97:4f:2b:fd:1e:28:d3:bf:7d:2c:89:30:
f2:d9:64:61:44:0c:a4:b5:83:00:36:26:04:fd:45:92:36:1c:
51:8e:73:95:44:54:57:73:e9:c6:a8:65:ff:d0:f5:96:28:a2:
7b:f5:a4:73:a9:41:61:ae:6f:27:4e:fb:0c:6e:f5:9a:a2:2f:
e1:01:2a:41:c6:9d:a3:7e:8e:16:26:72:70:b8:01:0d:28:50:
d8:0c:40:a7:db:fc:45:89:59:8a:20:8f:93:59:b9:88:87:53:
14:4e:33:93:ad:44:c5:b3:f0:d2:65:29:bc:63:02:ea:6b:5c:
77:58:70:9c:4f:60:cc:f1:44:e1:e0:7a:99:80:ce:ed:3b:25:
24:8c:1c:74
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYq2qYWCH8iGRs93UY73EusEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjkwNzgxZGJiZWJkYjhlYzQyYmFmNjY0ODgwNTllYTU4
NjZhYWMwHhcNMjMwOTIxMDczNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjY2NDZmZTRiZGQ3Y2QwZDEwOGI2ZjZjMDgwZmYxYjJjZWZiMjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgCQM+qrPMSua+G+uBpGZzCW8PNO
ZkMxLRK94yJ4Qqgic1kvGRSpO5lxRb63CM65agfToPCB8jdkwCY/VVvZ1GGOXrmo
TFM4gfKceCN26vi5V3Z+4iGyS2BtVWmBi4qnKl7FG51FCPtINhX3czMMDKj1PAEv
2EObEEsovkcq/JdO0MZOP8hGh+i9Aq8gRs3voEK5P7wOG4pIMnCcCDtKxuMmlyqg
h0vtzfvSZWdagMdZY0aHueuGKCjRZJgLgFd/P8XsZpP9jAfXYh7/G0FWkosbA8DU
3VPBwNEprKA+zG+WEENCANS3lR8eg5mSpHGCY4ddI23r3Gl+VFy/U3wl3wIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFG9mRv5L3XzQ0Qi29sCA/xss77IEMB8GA1UdIwQY
MBaAFPO5B4Hbvr247EK69mSIBZ6lhmqsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdrSGdkdS12YmpzUXJyMlpJZ0ZucVdHYXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi84YzU4MDgtMzE2NS00MWRjLTkwYTAt
M2VmNWViN2M4NTk4LzEvYjJaR19rdmRmTkRSQ0xiMndJRF9HeXp2c2dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi84YzU4MDgtMzE2NS00MWRjLTkwYTAtM2VmNWViN2M4NTk4
LzEvODdrSGdkdS12YmpzUXJyMlpJZ0ZucVdHYXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgNpRwsD
BgEqA2lHFDANBgkqhkiG9w0BAQsFAAOCAQEAbJ8j+F78OZiNh6a7DUhOg9N74sTr
SQIX3cdO05PlW52/bGPNrwfiJwCyvcxQZnO/30KRlMUkE11lzT9LW42lFoMcF/gx
FTNCPF0mmiEAvHkERIFiaYJA7MRfwYF94qt4l6YpI/6unAStbotZrBj/lghpl08r
/R4o0799LIkw8tlkYUQMpLWDADYmBP1FkjYcUY5zlURUV3Ppxqhl/9D1liiie/Wk
c6lBYa5vJ077DG71mqIv4QEqQcado36OFiZycLgBDShQ2AxAp9v8RYlZiiCPk1m5
iIdTFE4zk61ExbPw0mUpvGMC6mtcd1hwnE9gzPFE4eB6mYDO7TslJIwcdA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:31 2024 by rpki-client on console-ams.rpki-client.org