Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/8FdcntVK-lY4TVHluPbe04b3LcQ.roa
File: 8FdcntVK-lY4TVHluPbe04b3LcQ.roa (raw, json)
Hash identifier: BVgqd2qEbrHPz9vhdLG+c+NS8dotFeVPyBjmhOWvIvo=
Subject key identifier: F0:57:5C:9E:D5:4A:FA:56:38:4D:51:E5:B8:F6:DE:D3:86:F7:2D:C4
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 018570796E06B8F9BB863CB66E4A7711110E
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/8FdcntVK-lY4TVHluPbe04b3LcQ.roa
Signing time: Mon 02 Jan 2023 03:14:44 +0000
ROA not before: Mon 02 Jan 2023 03:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a05:2d07::/32 maxlen: 32
2a03:4a81::/32 maxlen: 32
2a04:a147::/32 maxlen: 32
2a06:3e87::/32 maxlen: 32
2a04:a142::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:6e:06:b8:f9:bb:86:3c:b6:6e:4a:77:11:11:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 2 03:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0575c9ed54afa56384d51e5b8f6ded386f72dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6f:eb:f3:d4:72:f0:17:6e:a4:35:73:96:57:
22:a2:44:ba:c0:c2:8d:af:d3:3f:69:93:45:e9:1e:
b0:da:a7:57:f5:e4:e3:fc:48:01:a4:77:7e:45:67:
8f:d6:15:5c:fd:4c:a2:1f:70:51:64:3b:b8:84:fa:
be:59:16:cc:57:2a:5c:c6:04:ae:eb:e0:d9:8d:03:
93:16:e0:62:6c:2b:b5:c1:48:ba:68:e4:ce:ff:c2:
03:02:01:ec:15:59:2f:1e:fa:cf:11:b9:84:32:3c:
53:cc:a5:4c:e2:a1:c2:64:1a:32:4d:42:ee:8c:b0:
f8:da:c1:a1:2e:a2:56:3d:c9:d7:f6:53:1e:5b:b6:
0b:4e:37:8b:69:1b:9f:f5:c4:52:64:2b:00:3d:3a:
0f:7a:8c:3a:69:22:0c:26:8f:37:5f:9a:c7:37:0a:
6e:d8:50:79:70:e4:11:de:fa:79:3c:7e:ce:ae:68:
3b:64:b1:c8:cf:33:e3:c8:d7:33:ba:92:7b:c1:a0:
f3:93:c1:57:a5:23:5b:84:94:da:9f:7a:5b:3c:8a:
2a:d4:79:18:c8:13:3f:0e:d0:30:14:fa:e6:dc:ce:
e1:d6:63:d7:5f:9a:12:90:9e:46:93:4f:8d:ee:cf:
99:7e:9f:c2:56:fc:92:a3:24:a9:55:dd:fa:0f:31:
45:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:57:5C:9E:D5:4A:FA:56:38:4D:51:E5:B8:F6:DE:D3:86:F7:2D:C4
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/8FdcntVK-lY4TVHluPbe04b3LcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:4a81::/32
2a04:a142::/32
2a04:a147::/32
2a05:2d07::/32
2a06:3e87::/32
Signature Algorithm: sha256WithRSAEncryption
79:f9:bb:a8:2b:5e:28:ec:01:c2:0c:a4:18:6c:21:14:4a:2b:
5f:cc:23:5a:7f:e0:38:1b:3f:49:b2:13:2a:58:74:d4:11:36:
26:c3:75:bc:16:cb:8d:88:48:6d:e5:f0:db:bc:0b:32:fb:ac:
ec:8c:2a:4a:92:df:e5:db:cb:a4:ac:9a:d0:75:27:45:4b:20:
55:c6:3a:46:d6:10:53:6a:b8:69:ed:2f:67:73:e3:2a:14:34:
68:2e:11:b8:72:33:12:b5:f6:68:d2:66:f8:19:15:aa:85:20:
b2:16:30:61:78:d8:59:e2:c8:e6:f5:ff:17:17:06:05:c1:56:
8f:78:a1:29:18:00:18:15:1d:44:a7:0c:fd:02:a0:4b:40:3f:
84:07:8b:12:30:e7:df:06:51:15:a6:0b:a2:5b:ed:7d:d8:fe:
a8:8a:fa:4d:cd:fd:2b:b4:ef:8f:d5:6d:9d:94:01:c1:72:d5:
1b:f4:25:a9:50:ed:72:a3:4e:cd:b0:22:0c:8e:43:d4:9a:2f:
db:ee:9d:8b:96:55:62:3f:da:84:b9:e4:88:6f:cf:14:4f:c1:
9c:d6:03:dc:45:8b:61:c6:1e:b9:a5:d0:0c:04:73:0d:d9:06:
79:af:5c:cb:c9:48:41:1b:a3:04:de:84:f2:a4:c1:f1:a0:cf:
d4:62:72:46
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVweW4GuPm7hjy2bkp3EREOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjMwMTAyMDMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDU3NWM5ZWQ1NGFmYTU2Mzg0ZDUxZTViOGY2ZGVkMzg2ZjcyZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtm/r89Ry8BdupDVzllciokS6wMKN
r9M/aZNF6R6w2qdX9eTj/EgBpHd+RWeP1hVc/UyiH3BRZDu4hPq+WRbMVypcxgSu
6+DZjQOTFuBibCu1wUi6aOTO/8IDAgHsFVkvHvrPEbmEMjxTzKVM4qHCZBoyTULu
jLD42sGhLqJWPcnX9lMeW7YLTjeLaRuf9cRSZCsAPToPeow6aSIMJo83X5rHNwpu
2FB5cOQR3vp5PH7Ormg7ZLHIzzPjyNczupJ7waDzk8FXpSNbhJTan3pbPIoq1HkY
yBM/DtAwFPrm3M7h1mPXX5oSkJ5Gk0+N7s+Zfp/CVvySoySpVd36DzFFfwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPBXXJ7VSvpWOE1R5bj23tOG9y3EMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvOEZkY250VkstbFk0VFZIbHVQYmUwNGIzTGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKgNKgQMF
ACoEoUIDBQAqBKFHAwUAKgUtBwMFACoGPocwDQYJKoZIhvcNAQELBQADggEBAHn5
u6grXijsAcIMpBhsIRRKK1/MI1p/4DgbP0myEypYdNQRNibDdbwWy42ISG3l8Nu8
CzL7rOyMKkqS3+Xby6SsmtB1J0VLIFXGOkbWEFNquGntL2dz4yoUNGguEbhyMxK1
9mjSZvgZFaqFILIWMGF42FniyOb1/xcXBgXBVo94oSkYABgVHUSnDP0CoEtAP4QH
ixIw598GURWmC6Jb7X3Y/qiK+k3N/Su074/VbZ2UAcFy1Rv0JalQ7XKjTs2wIgyO
Q9SaL9vunYuWVWI/2oS55IhvzxRPwZzWA9xFi2HGHrml0AwEcw3ZBnmvXMvJSEEb
owTehPKkwfGgz9RickY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:31 2024 by rpki-client on console-fra.rpki-client.org