Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/yRbrKt_1P02AofhwgliuxgZfYzg.roa
File: yRbrKt_1P02AofhwgliuxgZfYzg.roa (raw, json)
Hash identifier: p+jgNwV3+WVyBEMpNS9BzmIqXWsAnXvggtDUveDpt+I=
Subject key identifier: C9:16:EB:2A:DF:F5:3F:4D:80:A1:F8:70:82:58:AE:C6:06:5F:63:38
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 01857079727D365776172584BDA660A8C7C2
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/yRbrKt_1P02AofhwgliuxgZfYzg.roa
Signing time: Mon 02 Jan 2023 03:14:45 +0000
ROA not before: Mon 02 Jan 2023 03:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64404
IP address blocks: 2a05:2d01::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:72:7d:36:57:76:17:25:84:bd:a6:60:a8:c7:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 2 03:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c916eb2adff53f4d80a1f8708258aec6065f6338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1e:22:e7:fd:d6:29:9a:b4:43:e5:b5:85:ce:
04:6c:26:f3:4c:3f:23:76:50:05:64:47:56:50:19:
b7:76:1f:d7:f7:ed:c9:c1:a5:4b:10:35:63:09:e0:
66:61:b4:35:d9:76:68:03:8f:af:7d:5c:0e:bc:0b:
8d:a2:64:11:72:9a:b7:14:e5:e3:12:5f:31:15:84:
21:44:f3:f6:8a:e2:7d:aa:bb:0b:47:76:7e:33:a5:
c6:43:4f:25:37:c2:e3:04:50:dc:86:a6:58:06:67:
be:45:14:f0:8e:a6:3c:bc:5f:dc:ea:11:d2:af:dc:
c6:e9:b8:95:95:ed:55:b0:d3:5d:46:4d:5a:b9:de:
e8:d9:d0:68:37:c0:73:cb:45:1d:33:b9:90:6b:e4:
f1:f0:1d:cf:3f:f9:e3:89:71:14:7e:00:20:f7:65:
f6:52:9c:77:a3:93:9c:c4:57:95:96:ae:be:9a:f9:
f4:97:47:17:49:16:99:f2:e2:39:a0:fb:c8:87:73:
77:66:94:53:35:ef:51:29:03:08:61:0f:67:ea:31:
c1:1d:db:a8:8c:eb:3d:e4:25:89:fd:65:3e:3d:d4:
42:bc:73:28:b7:ce:d4:27:b4:b3:44:ca:d1:49:df:
02:07:3c:dc:c0:85:29:7a:d8:61:b0:d7:01:a0:82:
15:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:16:EB:2A:DF:F5:3F:4D:80:A1:F8:70:82:58:AE:C6:06:5F:63:38
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/yRbrKt_1P02AofhwgliuxgZfYzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:2d01::/32
Signature Algorithm: sha256WithRSAEncryption
88:f6:92:5f:a0:5e:62:b0:28:f1:8b:29:8e:94:c1:cb:a2:84:
51:e9:55:5b:46:73:97:37:87:27:4f:9d:dd:eb:59:f0:7d:4c:
c0:6e:14:bf:ee:9c:77:56:09:2e:4e:5c:ef:b7:a2:4e:34:bd:
7a:ad:d5:aa:be:aa:03:a9:1a:51:bc:76:d2:3b:8e:f4:ac:a2:
ab:02:d0:29:84:26:b0:6b:9f:42:85:d8:24:6b:b6:b5:7b:ff:
dc:b0:65:cd:3d:38:41:fe:94:6d:c3:66:05:28:3e:4a:71:08:
33:75:c1:c8:a7:0b:43:29:49:2d:4b:a9:9e:a3:33:92:56:95:
16:b0:4d:86:5e:9b:45:8e:f4:f8:c9:9f:d3:b3:ad:84:b6:10:
4c:d2:80:4b:c6:89:db:81:34:e8:7d:fc:0a:25:0d:fc:bf:7a:
10:d2:d6:d7:22:19:d9:53:6d:d8:f5:d4:cb:ca:b6:7d:bf:c8:
90:5f:cd:e5:34:e3:e2:f0:46:6e:1f:10:0a:29:e0:6c:b2:de:
5b:b5:68:d6:6e:3a:98:a6:d9:75:5e:bd:be:8f:9d:aa:2a:06:
ef:64:8a:b8:c7:df:5a:c2:f8:39:63:23:b1:b2:88:3f:6e:22:
79:7b:04:f8:1b:6e:7f:ca:64:86:7f:41:a9:df:1d:cd:4d:c7:
41:44:9b:46
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVweXJ9Nld2FyWEvaZgqMfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjMwMTAyMDMxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTE2ZWIyYWRmZjUzZjRkODBhMWY4NzA4MjU4YWVjNjA2NWY2MzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR4i5/3WKZq0Q+W1hc4EbCbzTD8j
dlAFZEdWUBm3dh/X9+3JwaVLEDVjCeBmYbQ12XZoA4+vfVwOvAuNomQRcpq3FOXj
El8xFYQhRPP2iuJ9qrsLR3Z+M6XGQ08lN8LjBFDchqZYBme+RRTwjqY8vF/c6hHS
r9zG6biVle1VsNNdRk1aud7o2dBoN8Bzy0UdM7mQa+Tx8B3PP/njiXEUfgAg92X2
Upx3o5OcxFeVlq6+mvn0l0cXSRaZ8uI5oPvIh3N3ZpRTNe9RKQMIYQ9n6jHBHduo
jOs95CWJ/WU+PdRCvHMot87UJ7SzRMrRSd8CBzzcwIUpethhsNcBoIIV1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMkW6yrf9T9NgKH4cIJYrsYGX2M4MB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEveVJickt0XzFQMDJBb2Zod2dsaXV4Z1pmWXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgUtATAN
BgkqhkiG9w0BAQsFAAOCAQEAiPaSX6BeYrAo8YspjpTBy6KEUelVW0ZzlzeHJ0+d
3etZ8H1MwG4Uv+6cd1YJLk5c77eiTjS9eq3Vqr6qA6kaUbx20juO9KyiqwLQKYQm
sGufQoXYJGu2tXv/3LBlzT04Qf6UbcNmBSg+SnEIM3XByKcLQylJLUupnqMzklaV
FrBNhl6bRY70+Mmf07OthLYQTNKAS8aJ24E06H38CiUN/L96ENLW1yIZ2VNt2PXU
y8q2fb/IkF/N5TTj4vBGbh8QCingbLLeW7Vo1m46mKbZdV69vo+dqioG72SKuMff
WsL4OWMjsbKIP24ieXsE+Btuf8pkhn9Bqd8dzU3HQUSbRg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:32 2024 by rpki-client on console-fra.rpki-client.org