Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/da5ucla4rjO5k7gyQOmRAzaesxw.roa
File: da5ucla4rjO5k7gyQOmRAzaesxw.roa (raw, json)
Hash identifier: n/Y5jDNfA1V4OuAbnidew/QUaiYlrN62iYEnNRyqpqE=
Subject key identifier: 75:AE:6E:72:56:B8:AE:33:B9:93:B8:32:40:E9:91:03:36:9E:B3:1C
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018806A18825E796561CAD07D1AEADD19117
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/da5ucla4rjO5k7gyQOmRAzaesxw.roa
Signing time: Wed 10 May 2023 17:07:09 +0000
ROA not before: Wed 10 May 2023 17:07:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 2a0e:c7c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:06:a1:88:25:e7:96:56:1c:ad:07:d1:ae:ad:d1:91:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: May 10 17:07:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75ae6e7256b8ae33b993b83240e99103369eb31c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:41:27:54:40:16:24:4d:05:54:19:e1:f4:4f:
63:00:fa:48:84:ad:e0:06:07:59:33:87:16:7d:b2:
4a:e2:b0:7c:15:ee:f2:75:2f:90:c2:13:6a:a7:72:
47:26:15:08:80:35:56:04:c9:f4:7d:3d:f5:eb:7c:
c0:a8:9c:fc:cd:1a:b4:83:a7:71:67:c8:0b:ce:3b:
ca:71:6d:58:9d:20:c8:c2:20:05:f5:08:58:e0:0d:
8c:89:1b:14:2c:d5:81:5e:38:92:eb:f8:93:87:f6:
51:99:39:b4:fc:e0:2e:4c:86:09:be:dc:aa:9b:81:
d2:6d:9f:ef:94:fd:f0:b5:12:ff:53:47:29:97:30:
db:fe:4a:f1:83:98:16:ff:06:dc:9e:8f:3d:b7:0d:
8e:fc:41:91:14:1b:22:7c:04:53:0c:42:69:14:6e:
ac:4b:b4:2d:79:4b:ea:c8:ee:60:8e:67:e6:a4:55:
31:3c:34:6b:6f:63:81:24:21:9d:3b:1d:c3:cb:0c:
fa:6a:2d:2a:18:37:4f:ec:c4:68:f9:76:d2:cf:7f:
e7:20:e2:5a:1f:1f:fe:fd:ac:6f:a6:f6:51:23:58:
31:b2:d3:cf:54:23:21:4d:34:6f:d9:33:14:94:a6:
97:a2:bb:29:57:6b:7a:d2:93:51:cc:bd:d2:ef:be:
f0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:AE:6E:72:56:B8:AE:33:B9:93:B8:32:40:E9:91:03:36:9E:B3:1C
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/da5ucla4rjO5k7gyQOmRAzaesxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:c7c0::/29
Signature Algorithm: sha256WithRSAEncryption
7e:f8:cf:25:cc:fc:9a:e7:79:46:cf:13:0e:d2:b4:d2:fb:70:
51:cc:83:61:79:00:c9:dd:41:ce:ad:0c:73:3e:d2:71:13:6a:
3e:54:5e:c0:c4:ae:9e:75:be:84:74:f7:76:1b:db:84:4b:96:
f9:c6:ab:50:9b:b8:84:d3:a6:f2:a8:fc:35:43:3e:4b:b0:ce:
51:00:8c:ae:9e:cf:68:c1:2d:99:a2:b6:85:b1:21:5f:9c:aa:
87:6d:ff:bd:26:7e:7a:17:78:0b:21:f1:a3:be:b5:dc:08:f7:
e0:0f:90:97:07:91:a8:30:27:3c:1b:fd:60:50:6c:0f:a1:33:
bb:12:f4:cc:85:8f:6e:b9:32:62:21:31:92:aa:da:c8:dc:a2:
5e:8a:13:44:44:49:94:e0:be:30:f6:de:0b:c2:2d:62:80:8f:
89:05:a1:2b:3f:aa:c3:ec:e1:82:42:ee:c3:9f:87:89:ee:6c:
ea:aa:53:e0:97:ec:e3:00:ff:0e:7a:6b:53:fd:df:96:f9:6d:
ff:97:dd:9e:63:26:be:a3:ff:f8:fc:c9:3b:cd:94:05:1a:a0:
c7:21:72:35:d3:9c:80:89:eb:04:42:c4:2e:9d:22:e0:9c:a1:
00:b2:b2:c8:33:0e:da:3b:3e:ea:a6:ca:28:e3:0f:c8:e5:8a:
d0:f6:aa:43
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYgGoYgl55ZWHK0H0a6t0ZEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNTEwMTcwNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWFlNmU3MjU2YjhhZTMzYjk5M2I4MzI0MGU5OTEwMzM2OWViMzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUEnVEAWJE0FVBnh9E9jAPpIhK3g
BgdZM4cWfbJK4rB8Fe7ydS+QwhNqp3JHJhUIgDVWBMn0fT3163zAqJz8zRq0g6dx
Z8gLzjvKcW1YnSDIwiAF9QhY4A2MiRsULNWBXjiS6/iTh/ZRmTm0/OAuTIYJvtyq
m4HSbZ/vlP3wtRL/U0cplzDb/krxg5gW/wbcno89tw2O/EGRFBsifARTDEJpFG6s
S7QteUvqyO5gjmfmpFUxPDRrb2OBJCGdOx3Dywz6ai0qGDdP7MRo+XbSz3/nIOJa
Hx/+/axvpvZRI1gxstPPVCMhTTRv2TMUlKaXorspV2t60pNRzL3S777w7wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHWubnJWuK4zuZO4MkDpkQM2nrMcMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvZGE1dWNsYTRyak81azdneVFPbVJBemFlc3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg7HwDAN
BgkqhkiG9w0BAQsFAAOCAQEAfvjPJcz8mud5Rs8TDtK00vtwUcyDYXkAyd1Bzq0M
cz7ScRNqPlRewMSunnW+hHT3dhvbhEuW+carUJu4hNOm8qj8NUM+S7DOUQCMrp7P
aMEtmaK2hbEhX5yqh23/vSZ+ehd4CyHxo7613Aj34A+QlweRqDAnPBv9YFBsD6Ez
uxL0zIWPbrkyYiExkqrayNyiXooTRERJlOC+MPbeC8ItYoCPiQWhKz+qw+zhgkLu
w5+Hie5s6qpT4Jfs4wD/DnprU/3flvlt/5fdnmMmvqP/+PzJO82UBRqgxyFyNdOc
gInrBELELp0i4JyhALKyyDMO2js+6qbKKOMPyOWK0PaqQw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:21 2024 by rpki-client on console-fra.rpki-client.org