Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/EHjKDUho5ziaqzoU9kMGN5QZHBA.roa
File: EHjKDUho5ziaqzoU9kMGN5QZHBA.roa (raw, json)
Hash identifier: 7E5YGWwLYONkviz70s/FinfFxb9iYpu41lUZ3u9PWLM=
Subject key identifier: 10:78:CA:0D:48:68:E7:38:9A:AB:3A:14:F6:43:06:37:94:19:1C:10
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FE338C6EC1A4BE63B8087B36FA407
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/EHjKDUho5ziaqzoU9kMGN5QZHBA.roa
Signing time: Mon 02 Jan 2023 17:38:07 +0000
ROA not before: Mon 02 Jan 2023 17:38:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34692
IP address blocks: 2a0b:b86:12::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:e3:38:c6:ec:1a:4b:e6:3b:80:87:b3:6f:a4:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1078ca0d4868e7389aab3a14f643063794191c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0c:76:10:d3:57:9e:e3:df:80:55:c0:b2:cd:
8d:97:b1:79:0d:df:4d:96:26:70:bf:80:1e:8a:14:
2c:49:6d:5b:20:46:97:f3:0e:5c:a9:03:fc:92:b5:
67:a0:61:eb:8a:b5:c4:84:98:c3:fa:18:9c:22:4a:
22:00:37:a0:b6:a5:35:ed:bd:38:02:3d:cf:21:8f:
1d:d5:a7:8e:6b:9b:22:d9:16:88:6c:61:e1:23:a4:
d5:b0:8f:b3:da:bb:60:10:43:78:05:08:3e:6e:99:
6e:e9:dd:02:73:d3:4d:a2:fc:fb:1c:c0:b7:67:a4:
9c:3b:34:07:97:16:ce:b4:48:3e:8e:25:b8:7f:3d:
2c:9e:af:2f:9c:52:4c:89:e5:60:a7:fe:63:c4:f5:
cf:5d:cd:94:18:c4:2f:08:d1:44:db:0f:b3:20:de:
61:c5:18:c5:19:dc:6a:24:d5:99:5d:c1:33:0b:f3:
f1:e7:62:69:1f:97:fe:d3:16:c5:3f:0b:76:d6:c4:
97:95:55:6a:c8:51:bb:67:2c:ec:8c:58:f8:c2:bd:
fa:b7:c2:7b:d8:2b:cd:ac:8d:f0:7e:05:2b:00:bb:
3a:78:6b:a7:d3:32:f3:dc:3a:2d:55:25:58:e2:cc:
9c:b7:03:1a:ee:c0:03:b5:64:79:43:41:36:75:7f:
ed:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:78:CA:0D:48:68:E7:38:9A:AB:3A:14:F6:43:06:37:94:19:1C:10
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/EHjKDUho5ziaqzoU9kMGN5QZHBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b86:12::/48
Signature Algorithm: sha256WithRSAEncryption
47:92:69:dd:13:b0:86:fc:1f:b2:54:73:03:72:61:95:df:fe:
a9:0d:0a:67:17:93:58:64:7a:51:1c:6c:d1:1a:c3:e9:b7:1d:
82:8e:c9:25:f4:a2:80:02:06:7e:36:1c:93:ca:59:e1:90:61:
15:28:3f:55:57:37:7d:dd:cb:82:9d:f0:ac:b5:42:51:56:83:
b4:ac:d6:64:af:46:a2:08:a3:cc:16:7f:5e:2f:53:67:8d:7a:
34:67:97:06:0c:2c:f8:00:2b:9b:95:d5:52:44:c6:e9:b2:41:
91:db:2c:9a:a2:d3:5c:d9:ce:8c:ec:2e:1c:c1:da:34:74:80:
0a:1a:9a:76:bf:16:8f:17:7e:66:fd:ad:6d:1c:92:7d:32:35:
a5:b6:9b:c6:3b:ff:05:0d:95:43:83:4a:21:59:27:20:cf:7b:
2c:07:be:26:c6:b9:ed:d4:1b:67:e3:01:e0:e5:1a:f3:46:e6:
84:69:8f:87:df:89:51:4a:2f:bb:3d:22:25:87:b0:9f:f4:cf:
58:a1:4e:e1:0e:ed:2e:00:4e:9b:08:b0:f1:12:68:7e:0b:93:
29:c5:94:b9:f6:a0:e0:2f:e7:e8:da:64:cd:cd:17:6d:f1:42:
f0:6e:74:9f:87:c8:d8:bd:84:d2:8c:f3:65:78:6d:2d:0a:cb:
39:c6:40:12
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzj+M4xuwaS+Y7gIezb6QHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDc4Y2EwZDQ4NjhlNzM4OWFhYjNhMTRmNjQzMDYzNzk0MTkxYzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQx2ENNXnuPfgFXAss2Nl7F5Dd9N
liZwv4AeihQsSW1bIEaX8w5cqQP8krVnoGHrirXEhJjD+hicIkoiADegtqU17b04
Aj3PIY8d1aeOa5si2RaIbGHhI6TVsI+z2rtgEEN4BQg+bplu6d0Cc9NNovz7HMC3
Z6ScOzQHlxbOtEg+jiW4fz0snq8vnFJMieVgp/5jxPXPXc2UGMQvCNFE2w+zIN5h
xRjFGdxqJNWZXcEzC/Px52JpH5f+0xbFPwt21sSXlVVqyFG7ZyzsjFj4wr36t8J7
2CvNrI3wfgUrALs6eGun0zLz3DotVSVY4syctwMa7sADtWR5Q0E2dX/tLQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBB4yg1IaOc4mqs6FPZDBjeUGRwQMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvRUhqS0RVaG81emlhcXpvVTlrTUdONVFaSEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLhgAS
MA0GCSqGSIb3DQEBCwUAA4IBAQBHkmndE7CG/B+yVHMDcmGV3/6pDQpnF5NYZHpR
HGzRGsPptx2Cjskl9KKAAgZ+NhyTylnhkGEVKD9VVzd93cuCnfCstUJRVoO0rNZk
r0aiCKPMFn9eL1NnjXo0Z5cGDCz4ACubldVSRMbpskGR2yyaotNc2c6M7C4cwdo0
dIAKGpp2vxaPF35m/a1tHJJ9MjWltpvGO/8FDZVDg0ohWScgz3ssB74mxrnt1Btn
4wHg5RrzRuaEaY+H34lRSi+7PSIlh7Cf9M9YoU7hDu0uAE6bCLDxEmh+C5MpxZS5
9qDgL+fo2mTNzRdt8ULwbnSfh8jYvYTSjPNleG0tCss5xkAS
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:20 2024 by rpki-client on console-fra.rpki-client.org