Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/X5VCWR-la5c2CtbwoYxBzotlGx8.roa
File: X5VCWR-la5c2CtbwoYxBzotlGx8.roa (raw, json)
Hash identifier: TDLaxIGbm6IhUtR+JdimZA6YKY5L7KF9m8r8HDZ70NI=
Subject key identifier: 5F:95:42:59:1F:A5:6B:97:36:0A:D6:F0:A1:8C:41:CE:8B:65:1B:1F
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FE95C7297EEBB310E9AFA625F8B22
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/X5VCWR-la5c2CtbwoYxBzotlGx8.roa
Signing time: Mon 02 Jan 2023 17:38:09 +0000
ROA not before: Mon 02 Jan 2023 17:38:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44754
IP address blocks: 2a0b:b87:ffe8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:e9:5c:72:97:ee:bb:31:0e:9a:fa:62:5f:8b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f9542591fa56b97360ad6f0a18c41ce8b651b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:83:f6:57:03:b9:4e:e8:a8:04:9a:27:77:a5:
3a:95:b3:57:92:6d:34:5e:b3:5e:7e:a6:6e:cc:b3:
56:03:da:05:b2:c7:23:37:72:ca:40:cd:8f:29:ab:
7c:48:14:d4:b1:50:e1:c6:ff:8c:e8:d5:9b:87:7c:
7c:f3:37:87:06:bd:cd:51:da:b0:d0:1e:0b:c0:b0:
f1:72:c8:28:42:b5:e4:ca:38:ba:a0:03:c4:b8:22:
91:94:91:68:fc:60:05:b2:ba:04:b3:37:06:6b:14:
65:c6:f2:de:08:cd:48:98:f5:00:7e:1d:aa:f6:42:
88:09:16:d9:ad:18:f8:23:86:7a:49:10:4a:59:bb:
81:0b:52:23:6c:fc:a3:9f:bc:50:f0:6c:90:b4:ab:
6d:fc:ad:53:2e:ea:fc:96:5f:44:68:ad:9a:4a:93:
2d:0e:fe:54:da:c7:e8:6c:6d:4b:53:19:a9:4f:1a:
93:20:ca:f3:c5:9b:ec:32:6a:aa:4c:a9:33:fd:31:
4d:f4:54:64:14:e3:2c:a8:83:32:50:eb:e9:0a:a6:
1c:44:08:82:01:62:fc:8b:ce:e4:28:84:72:c7:e0:
b9:be:1d:cd:9f:74:88:1f:02:95:6e:2a:cd:85:fb:
cd:5e:54:70:52:3e:6d:68:f0:0f:c6:32:b5:0a:74:
f1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:95:42:59:1F:A5:6B:97:36:0A:D6:F0:A1:8C:41:CE:8B:65:1B:1F
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/X5VCWR-la5c2CtbwoYxBzotlGx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffe8::/48
Signature Algorithm: sha256WithRSAEncryption
46:19:dd:b5:d1:76:3c:05:24:63:b4:92:06:4c:7b:e6:62:e8:
66:e7:d3:88:df:7c:0a:e1:06:5e:7b:51:12:c5:0d:35:db:fb:
09:95:28:76:93:56:e1:6e:6e:39:be:b1:f6:be:86:7b:9e:ba:
a6:46:e8:d6:4b:8f:01:26:c3:11:da:4b:46:79:a9:ae:fa:3f:
28:03:3c:b5:5e:95:9e:9f:19:c9:b1:a9:3e:79:8d:8a:c6:11:
3d:1d:33:59:25:f1:00:70:9c:09:77:cc:dd:18:45:10:24:f4:
fc:77:b3:ce:76:27:50:68:62:96:4b:eb:dc:32:8e:18:73:43:
ea:dd:3a:3c:da:1f:af:50:27:2c:a6:12:86:a2:88:47:2b:df:
a1:fd:3f:8f:6e:10:b6:2c:90:48:51:54:2e:bb:53:dd:2d:04:
c6:4e:4c:50:7c:3d:00:d8:87:04:12:e6:cf:42:46:ab:0c:9c:
a6:1a:d0:40:3e:91:de:10:c7:f3:90:02:99:98:92:37:7f:92:
1a:4e:51:49:c2:14:e0:2e:c7:db:54:9b:4d:2e:71:5c:77:ac:
95:9a:ff:74:9f:69:6d:58:73:7d:ba:6b:e6:21:ad:87:c5:a6:
a8:14:04:3c:b8:1b:f8:04:bd:b3:ee:68:dc:4e:2b:ae:38:00:
19:b5:95:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzj+lccpfuuzEOmvpiX4siMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjk1NDI1OTFmYTU2Yjk3MzYwYWQ2ZjBhMThjNDFjZThiNjUxYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4P2VwO5TuioBJond6U6lbNXkm00
XrNefqZuzLNWA9oFsscjN3LKQM2PKat8SBTUsVDhxv+M6NWbh3x88zeHBr3NUdqw
0B4LwLDxcsgoQrXkyji6oAPEuCKRlJFo/GAFsroEszcGaxRlxvLeCM1ImPUAfh2q
9kKICRbZrRj4I4Z6SRBKWbuBC1IjbPyjn7xQ8GyQtKtt/K1TLur8ll9EaK2aSpMt
Dv5U2sfobG1LUxmpTxqTIMrzxZvsMmqqTKkz/TFN9FRkFOMsqIMyUOvpCqYcRAiC
AWL8i87kKIRyx+C5vh3Nn3SIHwKVbirNhfvNXlRwUj5taPAPxjK1CnTxFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF+VQlkfpWuXNgrW8KGMQc6LZRsfMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvWDVWQ1dSLWxhNWMyQ3Rid29ZeEJ6b3RsR3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh//o
MA0GCSqGSIb3DQEBCwUAA4IBAQBGGd210XY8BSRjtJIGTHvmYuhm59OI33wK4QZe
e1ESxQ012/sJlSh2k1bhbm45vrH2voZ7nrqmRujWS48BJsMR2ktGeamu+j8oAzy1
XpWenxnJsak+eY2KxhE9HTNZJfEAcJwJd8zdGEUQJPT8d7POdidQaGKWS+vcMo4Y
c0Pq3To82h+vUCcsphKGoohHK9+h/T+PbhC2LJBIUVQuu1PdLQTGTkxQfD0A2IcE
EubPQkarDJymGtBAPpHeEMfzkAKZmJI3f5IaTlFJwhTgLsfbVJtNLnFcd6yVmv90
n2ltWHN9umvmIa2HxaaoFAQ8uBv4BL2z7mjcTiuuOAAZtZXH
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:20 2024 by rpki-client on console-fra.rpki-client.org