Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/czUceA1HVQVBgLYQ1rSH7R9XOic.roa
File: czUceA1HVQVBgLYQ1rSH7R9XOic.roa (raw, json)
Hash identifier: q4wCzoIvRXdWD02PNM2iAgzVMsceZ33V/Z/rmZe8v14=
Subject key identifier: 73:35:1C:78:0D:47:55:05:41:80:B6:10:D6:B4:87:ED:1F:57:3A:27
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01874670007E1EC2981532A94FE5719B4BDA
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/czUceA1HVQVBgLYQ1rSH7R9XOic.roa
Signing time: Mon 03 Apr 2023 09:25:57 +0000
ROA not before: Mon 03 Apr 2023 09:25:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 2a0b:7080::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:70:00:7e:1e:c2:98:15:32:a9:4f:e5:71:9b:4b:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Apr 3 09:25:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73351c780d4755054180b610d6b487ed1f573a27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b1:c1:83:7a:70:5a:50:79:be:45:15:03:76:
1b:fd:d4:9c:e8:23:ac:e5:a3:a8:a0:b2:1e:95:e5:
53:4b:1c:74:ae:cd:b0:c1:e4:35:09:ed:71:1f:4e:
29:e7:b7:7a:65:c5:3a:64:b4:49:55:7a:93:a6:50:
ab:25:d8:73:38:d0:e7:6e:99:91:fa:0d:8f:e8:3a:
62:fb:a0:de:13:43:7a:4e:70:1d:86:77:56:96:fd:
3d:61:1e:f3:7b:f7:43:94:9e:63:d0:88:75:cc:82:
88:e4:c5:57:94:cf:87:ef:72:6e:d9:84:e3:19:6e:
e1:98:f8:a9:45:69:a9:95:bc:45:97:74:11:a7:fb:
00:35:72:3e:ae:ef:08:d9:cd:a2:45:fe:76:1a:30:
24:fe:64:30:8e:dd:01:c6:b0:9b:11:7f:0e:0f:b9:
55:ef:51:d4:ef:7c:c6:bc:7b:dc:d0:10:30:c6:c4:
cb:39:14:cb:3d:ea:99:fb:3c:8a:ec:f2:d3:71:82:
83:0a:0c:83:9b:f3:87:67:8a:28:d0:59:34:44:22:
b2:fa:88:e8:ab:87:30:9c:af:8f:5f:96:ee:78:64:
a1:d8:98:2b:60:b7:c6:a3:62:9f:76:81:de:cb:d4:
39:38:3a:75:e0:74:f9:f2:fb:76:0d:03:1c:09:f7:
4f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:35:1C:78:0D:47:55:05:41:80:B6:10:D6:B4:87:ED:1F:57:3A:27
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/czUceA1HVQVBgLYQ1rSH7R9XOic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:7080::/29
Signature Algorithm: sha256WithRSAEncryption
72:29:34:30:c8:46:47:3b:f1:6f:34:e5:7f:30:cd:15:ab:51:
ff:f9:c0:bf:20:d1:ee:e0:3c:f0:cc:bb:9d:17:a7:aa:2d:14:
b6:6f:2a:22:3e:ed:d6:33:99:79:c3:2a:d0:03:f4:b0:d8:6a:
b8:c7:e2:76:50:68:db:1f:1b:af:49:7d:7e:4e:c8:98:6f:99:
f6:9f:bb:95:c0:6d:e9:cc:d2:16:2a:79:24:b3:c5:bc:6e:1c:
4d:b3:59:78:a9:4f:18:65:d3:2a:83:6d:7d:dd:47:c5:c8:2e:
2a:39:ad:df:39:bd:08:fb:70:e8:47:31:8e:66:f8:a4:58:a3:
de:61:45:88:b5:75:32:5d:87:ac:4f:bf:dc:2f:17:e0:c4:c5:
dd:48:18:1b:5b:78:f2:ef:b3:05:26:ba:ad:6c:51:e5:df:64:
c4:e9:39:72:a9:5d:36:46:49:c3:59:21:5e:7f:fa:8d:14:be:
4e:02:3c:89:a0:14:e0:cb:e3:00:5a:b7:cc:fb:b9:95:18:72:
9b:b1:b1:a7:bf:b0:7f:a1:f1:ee:8b:c4:0c:89:2d:6c:ea:1d:
c5:d2:59:3d:d0:02:f5:1b:24:3b:05:16:67:4d:6e:73:87:63:
09:54:b5:cc:05:31:65:a3:9b:40:ea:e7:55:39:e8:68:e8:bc:
8f:d5:c9:bc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYdGcAB+HsKYFTKpT+Vxm0vaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNDAzMDkyNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzM1MWM3ODBkNDc1NTA1NDE4MGI2MTBkNmI0ODdlZDFmNTczYTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurHBg3pwWlB5vkUVA3Yb/dSc6COs
5aOooLIeleVTSxx0rs2wweQ1Ce1xH04p57d6ZcU6ZLRJVXqTplCrJdhzONDnbpmR
+g2P6Dpi+6DeE0N6TnAdhndWlv09YR7ze/dDlJ5j0Ih1zIKI5MVXlM+H73Ju2YTj
GW7hmPipRWmplbxFl3QRp/sANXI+ru8I2c2iRf52GjAk/mQwjt0BxrCbEX8OD7lV
71HU73zGvHvc0BAwxsTLORTLPeqZ+zyK7PLTcYKDCgyDm/OHZ4oo0Fk0RCKy+ojo
q4cwnK+PX5bueGSh2JgrYLfGo2KfdoHey9Q5ODp14HT58vt2DQMcCfdPbQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHM1HHgNR1UFQYC2ENa0h+0fVzonMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvY3pVY2VBMUhWUVZCZ0xZUTFyU0g3UjlYT2ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgtwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAcik0MMhGRzvxbzTlfzDNFatR//nAvyDR7uA88My7
nRenqi0Utm8qIj7t1jOZecMq0AP0sNhquMfidlBo2x8br0l9fk7ImG+Z9p+7lcBt
6czSFip5JLPFvG4cTbNZeKlPGGXTKoNtfd1HxcguKjmt3zm9CPtw6Ecxjmb4pFij
3mFFiLV1Ml2HrE+/3C8X4MTF3UgYG1t48u+zBSa6rWxR5d9kxOk5cqldNkZJw1kh
Xn/6jRS+TgI8iaAU4MvjAFq3zPu5lRhym7Gxp7+wf6Hx7ovEDIktbOodxdJZPdAC
9RskOwUWZ01uc4djCVS1zAUxZaObQOrnVTnoaOi8j9XJvA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:34 2024 by rpki-client on console-ams.rpki-client.org