Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/5ZQVYhhdEyhpRbYJ2iH8Oq1-Kog.roa
File: 5ZQVYhhdEyhpRbYJ2iH8Oq1-Kog.roa (raw, json)
Hash identifier: +ufW0+MND9QsMctp1HWCCzpFC+y3Ag1L8/PYyrWG+D0=
Subject key identifier: E5:94:15:62:18:5D:13:28:69:45:B6:09:DA:21:FC:3A:AD:7E:2A:88
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018573901998D733CED777362369EF2488E5
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/5ZQVYhhdEyhpRbYJ2iH8Oq1-Kog.roa
Signing time: Mon 02 Jan 2023 17:38:21 +0000
ROA not before: Mon 02 Jan 2023 17:38:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398355
IP address blocks: 2a0b:b87:ffbd::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:90:19:98:d7:33:ce:d7:77:36:23:69:ef:24:88:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5941562185d13286945b609da21fc3aad7e2a88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bf:8b:b1:ff:6b:f1:f9:89:a3:1b:36:47:15:
10:4a:95:1a:9b:79:3f:69:83:f3:a5:bd:6f:5c:5b:
77:c8:03:25:80:9b:77:ec:45:e8:6d:77:91:79:e1:
2d:53:a1:07:8a:5b:3c:f2:39:52:c4:94:3a:ca:da:
d1:c3:76:42:bc:94:ad:9d:9c:1e:92:b2:7a:a2:dc:
f6:bf:5e:8a:75:38:90:d1:68:1e:16:6f:36:9f:a6:
80:49:1c:29:ba:d5:12:91:2f:45:aa:45:3a:38:28:
f1:a3:ff:15:d0:41:0f:23:a1:35:f7:90:52:11:07:
11:cb:79:bd:ae:2f:71:4f:db:28:fa:23:cd:5f:40:
9c:24:5f:92:bd:64:c2:0b:97:34:ea:2a:05:22:c6:
e8:f0:0d:96:06:72:02:2e:d7:0c:98:e5:ec:d9:7d:
cd:bc:68:d9:89:0b:2e:81:b0:45:49:3b:1c:51:2e:
c3:bf:8e:bc:72:27:92:22:f1:28:03:50:a6:16:d1:
8e:1f:57:9f:b5:54:7f:ea:c9:74:62:e3:ba:40:79:
e1:b5:6f:b5:dc:a8:f4:0c:af:b6:91:92:bd:7f:92:
52:10:78:cc:91:89:29:64:1f:2f:02:c8:b7:d2:af:
3b:d9:37:e9:c2:58:1f:b9:29:cd:c9:f4:c2:fd:13:
56:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:94:15:62:18:5D:13:28:69:45:B6:09:DA:21:FC:3A:AD:7E:2A:88
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/5ZQVYhhdEyhpRbYJ2iH8Oq1-Kog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffbd::/48
Signature Algorithm: sha256WithRSAEncryption
da:07:50:9c:de:ea:6e:b6:0c:48:4e:2f:e6:f3:92:25:9c:6f:
e2:57:16:41:1f:15:18:73:de:b8:b0:92:33:d3:02:ac:b7:d9:
6d:9a:da:69:ae:44:79:7e:ff:d8:cc:5f:22:ee:84:96:f8:e8:
9a:2d:2e:5f:a5:75:a3:dd:4a:fb:da:91:15:93:7f:51:9c:7f:
18:68:dd:52:60:6c:72:a8:f4:93:c2:43:a0:c1:af:d2:c1:91:
a2:51:b7:03:7d:19:32:fe:4b:70:3a:c6:ed:b5:fe:e5:af:49:
d0:6a:52:19:eb:51:84:de:e4:6d:57:aa:67:a1:ae:6b:23:19:
41:4a:da:9d:4d:b1:8e:5b:45:59:7a:b8:d4:c1:25:ba:51:5f:
66:b5:6a:7a:6e:61:69:03:1a:6d:ef:39:99:31:19:07:20:b4:
6c:7f:7b:66:96:cc:d5:66:ac:66:f1:0a:2a:dd:e0:73:21:86:
ae:d2:ec:54:45:01:b3:26:6c:4f:db:db:f9:27:5b:67:67:9c:
fd:38:4c:ef:45:b0:8c:2b:98:f0:47:2c:1c:30:d8:b8:4c:b0:
bb:06:f9:c1:a4:86:71:0c:c4:c1:07:0a:9c:df:71:1a:64:fe:
51:13:e7:35:d2:54:d0:3b:c0:a8:2a:bb:21:6c:ce:3f:cc:ff:
40:e1:a2:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzkBmY1zPO13c2I2nvJIjlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTk0MTU2MjE4NWQxMzI4Njk0NWI2MDlkYTIxZmMzYWFkN2UyYTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhb+Lsf9r8fmJoxs2RxUQSpUam3k/
aYPzpb1vXFt3yAMlgJt37EXobXeReeEtU6EHils88jlSxJQ6ytrRw3ZCvJStnZwe
krJ6otz2v16KdTiQ0WgeFm82n6aASRwputUSkS9FqkU6OCjxo/8V0EEPI6E195BS
EQcRy3m9ri9xT9so+iPNX0CcJF+SvWTCC5c06ioFIsbo8A2WBnICLtcMmOXs2X3N
vGjZiQsugbBFSTscUS7Dv468cieSIvEoA1CmFtGOH1eftVR/6sl0YuO6QHnhtW+1
3Kj0DK+2kZK9f5JSEHjMkYkpZB8vAsi30q872TfpwlgfuSnNyfTC/RNWWwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOWUFWIYXRMoaUW2Cdoh/DqtfiqIMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvNVpRVlloaGRFeWhwUmJZSjJpSDhPcTEtS29nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/+9
MA0GCSqGSIb3DQEBCwUAA4IBAQDaB1Cc3uputgxITi/m85IlnG/iVxZBHxUYc964
sJIz0wKst9ltmtpprkR5fv/YzF8i7oSW+OiaLS5fpXWj3Ur72pEVk39RnH8YaN1S
YGxyqPSTwkOgwa/SwZGiUbcDfRky/ktwOsbttf7lr0nQalIZ61GE3uRtV6pnoa5r
IxlBStqdTbGOW0VZerjUwSW6UV9mtWp6bmFpAxpt7zmZMRkHILRsf3tmlszVZqxm
8Qoq3eBzIYau0uxURQGzJmxP29v5J1tnZ5z9OEzvRbCMK5jwRywcMNi4TLC7BvnB
pIZxDMTBBwqc33EaZP5RE+c10lTQO8CoKrshbM4/zP9A4aIC
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:34 2024 by rpki-client on console-ams.rpki-client.org