Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/4HtAZMvEEnWssxQdRkOo4mfXcvc.roa
File: 4HtAZMvEEnWssxQdRkOo4mfXcvc.roa (raw, json)
Hash identifier: XvhHq5Ccw6ISy9cE7kUu/sYPxnSOQupzeM2XrzW3j20=
Subject key identifier: E0:7B:40:64:CB:C4:12:75:AC:B3:14:1D:46:43:A8:E2:67:D7:72:F7
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FED585BBFCBBE1D5AFC92CCED3541
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/4HtAZMvEEnWssxQdRkOo4mfXcvc.roa
Signing time: Mon 02 Jan 2023 17:38:10 +0000
ROA not before: Mon 02 Jan 2023 17:38:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51999
IP address blocks: 2a0b:b83:d5::/48 maxlen: 48
2a0b:b83:d6::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:ed:58:5b:bf:cb:be:1d:5a:fc:92:cc:ed:35:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e07b4064cbc41275acb3141d4643a8e267d772f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fd:99:42:ae:be:0f:d5:64:0b:90:3a:68:78:
c3:26:ef:a6:57:95:cf:08:6f:5a:a4:14:9d:0b:d3:
b7:01:7e:47:2b:35:a3:d9:05:bd:73:33:5e:0d:dc:
56:b7:fb:af:3e:ea:0a:7f:66:24:f7:92:46:0d:c4:
88:f3:c2:ac:89:35:02:ee:88:cb:50:45:25:52:07:
50:16:46:db:12:3a:4d:94:07:71:e7:dd:8e:e8:5c:
a4:61:ae:f8:95:64:0a:1e:d1:ff:ee:d6:60:d7:71:
c8:98:d8:11:79:2a:4e:27:ee:41:7c:98:62:bb:ce:
86:80:cd:4a:2b:02:aa:79:96:f3:e3:4e:66:bc:20:
91:38:0c:b6:c2:76:91:cf:da:d2:2c:4c:7b:92:6b:
1d:25:2c:f4:4a:db:fa:d0:88:d8:c9:ce:16:ba:45:
3d:96:aa:78:57:9d:02:f0:ee:89:30:18:2d:74:56:
ed:ad:9d:d3:e3:f1:e7:61:af:c1:30:2c:a4:21:99:
0b:f1:0e:ad:19:bd:b2:e9:47:3a:78:a1:7c:61:e1:
49:87:ec:f1:1d:c2:f5:52:3d:e9:5d:5b:3f:33:8b:
7a:54:b1:80:f3:75:43:b7:b0:7f:4b:a4:f9:a3:fd:
69:72:f0:b3:79:32:60:df:39:a1:5c:84:ae:9c:f8:
91:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7B:40:64:CB:C4:12:75:AC:B3:14:1D:46:43:A8:E2:67:D7:72:F7
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/4HtAZMvEEnWssxQdRkOo4mfXcvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b83:d5::-2a0b:b83:d6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8b:ad:db:96:c6:f7:5a:03:df:e0:68:5f:25:03:49:00:af:ac:
f5:f3:9f:5f:5f:aa:6e:57:18:51:bf:08:80:10:e6:f7:6e:43:
4f:1c:de:b9:24:c4:87:71:7c:06:5a:90:b4:e9:82:a3:95:73:
8f:52:99:a6:a8:4a:7d:bc:aa:6b:8c:ac:30:30:9d:b3:75:21:
75:15:93:19:6a:ad:21:98:d8:95:ba:75:91:96:78:5c:92:b9:
ee:f1:bd:21:a6:ac:f5:0d:12:ca:b3:02:ae:62:49:98:22:2f:
51:b0:ae:a1:a1:4b:68:fb:ab:43:1f:7b:1c:41:7a:24:65:61:
a3:3b:e1:70:72:ca:68:0a:7a:11:a6:cb:16:a3:9c:e3:65:dd:
a3:a6:59:e4:a8:41:69:41:0d:e5:6c:cf:5f:f0:16:84:0b:07:
47:1d:31:f2:d7:de:99:b8:25:2b:28:29:14:48:c0:7c:92:74:
4a:c7:f1:27:cd:9d:73:f2:f6:af:ce:8c:09:e1:b5:a2:16:70:
4a:d8:5f:82:d6:e2:fb:ce:38:fe:a2:3f:63:e3:36:2f:ca:18:
b8:7c:8a:5b:49:2b:94:91:d3:3f:02:fc:60:ad:a1:bc:59:76:
05:e6:38:a4:2e:3d:34:8e:6a:7e:72:3a:16:54:a8:51:50:6a:
e6:cb:99:6a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVzj+1YW7/Lvh1a/JLM7TVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDdiNDA2NGNiYzQxMjc1YWNiMzE0MWQ0NjQzYThlMjY3ZDc3MmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/2ZQq6+D9VkC5A6aHjDJu+mV5XP
CG9apBSdC9O3AX5HKzWj2QW9czNeDdxWt/uvPuoKf2Yk95JGDcSI88KsiTUC7ojL
UEUlUgdQFkbbEjpNlAdx592O6FykYa74lWQKHtH/7tZg13HImNgReSpOJ+5BfJhi
u86GgM1KKwKqeZbz405mvCCROAy2wnaRz9rSLEx7kmsdJSz0Stv60IjYyc4WukU9
lqp4V50C8O6JMBgtdFbtrZ3T4/HnYa/BMCykIZkL8Q6tGb2y6Uc6eKF8YeFJh+zx
HcL1Uj3pXVs/M4t6VLGA83VDt7B/S6T5o/1pcvCzeTJg3zmhXISunPiRGwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOB7QGTLxBJ1rLMUHUZDqOJn13L3MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvNEh0QVpNdkVFbldzc3hRZFJrT280bWZYY3ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqCwuD
ANUDBwAqCwuDANYwDQYJKoZIhvcNAQELBQADggEBAIut25bG91oD3+BoXyUDSQCv
rPXzn19fqm5XGFG/CIAQ5vduQ08c3rkkxIdxfAZakLTpgqOVc49SmaaoSn28qmuM
rDAwnbN1IXUVkxlqrSGY2JW6dZGWeFySue7xvSGmrPUNEsqzAq5iSZgiL1GwrqGh
S2j7q0MfexxBeiRlYaM74XByymgKehGmyxajnONl3aOmWeSoQWlBDeVsz1/wFoQL
B0cdMfLX3pm4JSsoKRRIwHySdErH8SfNnXPy9q/OjAnhtaIWcErYX4LW4vvOOP6i
P2PjNi/KGLh8iltJK5SR0z8C/GCtobxZdgXmOKQuPTSOan5yOhZUqFFQaubLmWo=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:20 2024 by rpki-client on console-fra.rpki-client.org