Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/e387ff-5348-4b32-b136-d05184c25e9a/1/f21nDtGZQeBtEDQKm1qf8WSQuRw.roa
File: f21nDtGZQeBtEDQKm1qf8WSQuRw.roa (raw, json)
Hash identifier: WUcFBW6+RMl7VD0LNNtmb9OTRUsV8Z1hmCkUniqXzsw=
Subject key identifier: 7F:6D:67:0E:D1:99:41:E0:6D:10:34:0A:9B:5A:9F:F1:64:90:B9:1C
Certificate issuer: /CN=633bca0ed1f9b60bc0ed423022d0389e29b6cdd4
Certificate serial: 01859EB80A1CAD8C7E09915A862EC2D430DC
Authority key identifier: 63:3B:CA:0E:D1:F9:B6:0B:C0:ED:42:30:22:D0:38:9E:29:B6:CD:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YzvKDtH5tgvA7UIwItA4nim2zdQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/e387ff-5348-4b32-b136-d05184c25e9a/1/f21nDtGZQeBtEDQKm1qf8WSQuRw.roa
Signing time: Wed 11 Jan 2023 02:45:39 +0000
ROA not before: Wed 11 Jan 2023 02:45:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203453
IP address blocks: 2a11:5cc0:b00b::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9e:b8:0a:1c:ad:8c:7e:09:91:5a:86:2e:c2:d4:30:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=633bca0ed1f9b60bc0ed423022d0389e29b6cdd4
Validity
Not Before: Jan 11 02:45:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f6d670ed19941e06d10340a9b5a9ff16490b91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:63:1a:ef:47:27:db:dc:ff:41:43:20:d3:f0:
2b:9e:3b:e8:22:3c:52:85:3d:c2:d4:11:0b:e2:5d:
94:70:3c:2a:39:25:2c:93:b5:d4:00:c7:33:0d:d6:
db:d0:17:6d:11:87:26:90:67:4e:c2:78:ce:7c:a4:
d8:32:c1:36:d2:cf:42:6d:f6:5c:cc:ee:ff:32:fa:
aa:aa:a3:1e:60:6c:28:80:34:39:93:b4:7b:7f:1f:
05:b4:e1:36:1e:f4:13:09:00:1b:c1:eb:ee:13:69:
ec:6e:ac:b1:0e:b2:ea:41:66:3c:26:96:0e:2f:7e:
f7:23:a9:e6:bf:4b:35:8c:44:63:ae:97:0a:6d:7d:
84:28:76:e1:af:85:d3:23:57:ff:42:47:5a:68:33:
27:76:18:dd:6a:b8:c1:11:9c:b1:97:99:49:6b:d1:
f5:c6:ad:6a:25:53:7a:34:27:c0:4b:a4:28:a6:a5:
eb:e8:b5:be:38:d8:99:c0:ee:9e:6e:e1:9f:99:c8:
2a:c0:7a:18:ac:64:1f:a9:a4:0b:35:e0:bd:41:aa:
17:76:7a:27:1c:27:34:ae:b4:41:84:8e:4d:cd:5e:
70:80:f8:8b:00:e2:e9:a4:d0:97:69:bf:a1:2e:70:
c6:c6:5a:64:8d:a9:fd:58:8d:9d:03:57:d7:19:30:
44:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:6D:67:0E:D1:99:41:E0:6D:10:34:0A:9B:5A:9F:F1:64:90:B9:1C
X509v3 Authority Key Identifier:
keyid:63:3B:CA:0E:D1:F9:B6:0B:C0:ED:42:30:22:D0:38:9E:29:B6:CD:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzvKDtH5tgvA7UIwItA4nim2zdQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/e387ff-5348-4b32-b136-d05184c25e9a/1/f21nDtGZQeBtEDQKm1qf8WSQuRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/e387ff-5348-4b32-b136-d05184c25e9a/1/YzvKDtH5tgvA7UIwItA4nim2zdQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5cc0:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
3f:b6:06:c6:71:88:7c:13:00:66:6b:df:04:ba:23:d4:fc:37:
0f:a4:dc:56:85:2d:f5:3c:2b:af:fe:d7:0d:8d:26:31:d6:c4:
37:51:17:b7:f6:f3:06:33:35:94:1c:f4:17:0c:15:0a:a9:1e:
21:35:16:44:71:0e:3f:cc:83:e5:e6:ee:93:1e:04:dd:b8:61:
57:29:0a:be:8b:ca:ff:50:9d:b1:6f:aa:e6:14:49:97:b6:39:
fc:36:3f:fa:f6:d4:73:fd:6e:99:28:c7:2e:e5:01:80:e8:b3:
e6:f1:3a:38:e7:22:9f:5f:92:e9:1e:43:38:5f:40:cd:40:da:
8b:e3:c9:d1:d0:cf:e6:97:87:31:a3:a7:ff:de:aa:9c:53:74:
27:04:b3:56:de:ec:1b:e7:f4:c9:cc:a7:23:55:bf:a1:37:01:
94:f1:7d:54:cd:d7:a0:e4:1e:11:3c:57:c2:19:a5:db:66:86:
10:73:06:35:fa:60:f1:e7:46:2a:ae:7a:0c:7a:8a:9a:f0:4a:
14:af:21:f1:45:a3:06:23:b2:56:0d:bd:40:9f:94:21:cd:92:
6d:76:6b:f4:04:22:1b:86:0d:c2:0f:b1:57:f6:07:9c:73:ba:
83:59:32:c7:29:c2:bc:1b:71:42:87:4b:00:75:d4:1c:28:ce:
51:6a:70:66
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYWeuAocrYx+CZFahi7C1DDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzM2JjYTBlZDFmOWI2MGJjMGVkNDIzMDIyZDAzODllMjli
NmNkZDQwHhcNMjMwMTExMDI0NTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjZkNjcwZWQxOTk0MWUwNmQxMDM0MGE5YjVhOWZmMTY0OTBiOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWMa70cn29z/QUMg0/ArnjvoIjxS
hT3C1BEL4l2UcDwqOSUsk7XUAMczDdbb0BdtEYcmkGdOwnjOfKTYMsE20s9CbfZc
zO7/MvqqqqMeYGwogDQ5k7R7fx8FtOE2HvQTCQAbwevuE2nsbqyxDrLqQWY8JpYO
L373I6nmv0s1jERjrpcKbX2EKHbhr4XTI1f/QkdaaDMndhjdarjBEZyxl5lJa9H1
xq1qJVN6NCfAS6QopqXr6LW+ONiZwO6ebuGfmcgqwHoYrGQfqaQLNeC9QaoXdnon
HCc0rrRBhI5NzV5wgPiLAOLppNCXab+hLnDGxlpkjan9WI2dA1fXGTBESwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH9tZw7RmUHgbRA0Cptan/FkkLkcMB8GA1UdIwQY
MBaAFGM7yg7R+bYLwO1CMCLQOJ4pts3UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXp2S0R0SDV0Z3ZBN1VJd0l0QTRuaW0yemRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9lMzg3ZmYtNTM0OC00YjMyLWIxMzYt
ZDA1MTg0YzI1ZTlhLzEvZjIxbkR0R1pRZUJ0RURRS20xcWY4V1NRdVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9lMzg3ZmYtNTM0OC00YjMyLWIxMzYtZDA1MTg0YzI1ZTlh
LzEvWXp2S0R0SDV0Z3ZBN1VJd0l0QTRuaW0yemRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhFcwLAL
MA0GCSqGSIb3DQEBCwUAA4IBAQA/tgbGcYh8EwBma98EuiPU/DcPpNxWhS31PCuv
/tcNjSYx1sQ3URe39vMGMzWUHPQXDBUKqR4hNRZEcQ4/zIPl5u6THgTduGFXKQq+
i8r/UJ2xb6rmFEmXtjn8Nj/69tRz/W6ZKMcu5QGA6LPm8To45yKfX5LpHkM4X0DN
QNqL48nR0M/ml4cxo6f/3qqcU3QnBLNW3uwb5/TJzKcjVb+hNwGU8X1Uzdeg5B4R
PFfCGaXbZoYQcwY1+mDx50YqrnoMeoqa8EoUryHxRaMGI7JWDb1An5QhzZJtdmv0
BCIbhg3CD7FX9gecc7qDWTLHKcK8G3FCh0sAddQcKM5RanBm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:09 2024 by rpki-client on console-fra.rpki-client.org