Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/h1O_nzrppoErbd9LPFtbnOkKNSg.roa
File: h1O_nzrppoErbd9LPFtbnOkKNSg.roa (raw, json)
Hash identifier: gZpwZ4FpDDpc/uh2s3Q/fma9S8tfxvwRVXmfFL+yS48=
Subject key identifier: 87:53:BF:9F:3A:E9:A6:81:2B:6D:DF:4B:3C:5B:5B:9C:E9:0A:35:28
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FFD771EEFA79C5091B101D1686BD6
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/h1O_nzrppoErbd9LPFtbnOkKNSg.roa
Signing time: Mon 02 Jan 2023 17:38:14 +0000
ROA not before: Mon 02 Jan 2023 17:38:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205117
IP address blocks: 2a0b:b87:ffe3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:fd:77:1e:ef:a7:9c:50:91:b1:01:d1:68:6b:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8753bf9f3ae9a6812b6ddf4b3c5b5b9ce90a3528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0e:a8:b5:6d:8c:53:b3:58:7c:69:e3:0d:7a:
b5:ce:f6:f5:cb:57:36:d5:ec:ef:e2:d9:74:2f:11:
50:29:8d:3e:54:c3:68:40:32:d4:b0:97:a3:3a:84:
af:b8:28:1e:25:3b:fe:54:de:20:ca:11:d2:8a:cc:
6e:ee:cf:72:15:7a:28:09:5b:b4:f2:b6:18:99:04:
84:d9:dc:63:52:5d:5d:71:48:4c:5b:48:c8:b1:7e:
d6:e2:18:e0:60:9b:60:ea:8d:a3:2a:78:a2:0f:9d:
76:30:c0:9b:6b:99:b2:2b:c4:f3:9f:3d:52:a3:79:
8d:ba:88:42:a9:65:bf:87:65:46:21:8a:73:e3:65:
c2:00:12:81:3f:5d:a7:1c:f1:90:5f:da:a7:ab:71:
3c:4c:6f:3b:95:1b:79:dc:64:82:46:30:50:fe:60:
77:6d:dd:ba:e7:ab:b2:9e:1a:20:a0:04:68:fd:cb:
2d:c6:f5:78:1a:52:5b:76:30:45:03:77:85:36:64:
1b:3c:b0:0d:3d:ab:71:8f:c5:c3:52:2b:f7:4f:3e:
2c:6d:d2:ce:37:e0:9d:af:a1:07:2e:8b:50:01:0c:
28:f5:36:28:96:cb:15:c3:56:a5:c7:44:04:98:ff:
cb:6b:91:72:61:ec:25:2c:f0:3e:2e:8a:4c:42:96:
20:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:53:BF:9F:3A:E9:A6:81:2B:6D:DF:4B:3C:5B:5B:9C:E9:0A:35:28
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/h1O_nzrppoErbd9LPFtbnOkKNSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffe3::/48
Signature Algorithm: sha256WithRSAEncryption
be:93:18:d7:17:10:3e:d2:d7:42:68:66:6b:6f:fa:3d:6e:22:
1f:61:23:eb:14:23:47:87:27:82:ab:6b:e4:3f:08:88:81:91:
1e:06:0c:d0:7c:9d:3b:cf:b0:85:fb:67:6f:39:6c:8b:80:23:
14:9f:15:9a:97:be:96:59:0a:5a:16:4c:2b:4f:4a:7a:e1:85:
0d:1b:22:38:d2:f7:dc:a1:ea:20:af:12:0e:08:2b:18:67:ba:
5b:8f:35:f2:c2:7d:df:6c:b4:dc:cc:70:a7:6c:cf:10:9e:22:
92:d9:3a:98:bd:3c:2b:df:79:0d:2a:1b:c7:e2:6f:de:63:bc:
14:f5:e4:2d:75:8b:5e:93:1e:a5:bb:47:50:2c:5a:09:aa:5d:
09:f8:ea:75:1d:22:12:06:02:26:c6:01:f0:c2:49:4b:de:29:
aa:c4:93:3b:3d:8a:08:99:b4:14:69:8e:f0:27:20:c0:61:bb:
d2:aa:33:20:28:01:f5:78:43:83:f1:73:f9:40:35:ed:67:50:
b6:fb:cf:d0:62:ef:35:1f:94:b8:9e:87:76:15:7c:16:68:10:
26:70:8c:38:b9:1a:af:fd:b8:78:c3:d8:40:5c:1d:d2:f2:47:
a8:97:4e:19:3e:36:1b:4f:a1:86:03:a5:ca:c2:a4:29:7b:62:
fd:31:d8:2f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzj/13Hu+nnFCRsQHRaGvWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzUzYmY5ZjNhZTlhNjgxMmI2ZGRmNGIzYzViNWI5Y2U5MGEzNTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA6otW2MU7NYfGnjDXq1zvb1y1c2
1ezv4tl0LxFQKY0+VMNoQDLUsJejOoSvuCgeJTv+VN4gyhHSisxu7s9yFXooCVu0
8rYYmQSE2dxjUl1dcUhMW0jIsX7W4hjgYJtg6o2jKniiD512MMCba5myK8Tznz1S
o3mNuohCqWW/h2VGIYpz42XCABKBP12nHPGQX9qnq3E8TG87lRt53GSCRjBQ/mB3
bd2656uynhogoARo/cstxvV4GlJbdjBFA3eFNmQbPLANPatxj8XDUiv3Tz4sbdLO
N+Cdr6EHLotQAQwo9TYolssVw1alx0QEmP/La5FyYewlLPA+LopMQpYgCQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIdTv5866aaBK23fSzxbW5zpCjUoMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvaDFPX256cnBwb0VyYmQ5TFBGdGJuT2tLTlNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh//j
MA0GCSqGSIb3DQEBCwUAA4IBAQC+kxjXFxA+0tdCaGZrb/o9biIfYSPrFCNHhyeC
q2vkPwiIgZEeBgzQfJ07z7CF+2dvOWyLgCMUnxWal76WWQpaFkwrT0p64YUNGyI4
0vfcoeogrxIOCCsYZ7pbjzXywn3fbLTczHCnbM8QniKS2TqYvTwr33kNKhvH4m/e
Y7wU9eQtdYtekx6lu0dQLFoJql0J+Op1HSISBgImxgHwwklL3imqxJM7PYoImbQU
aY7wJyDAYbvSqjMgKAH1eEOD8XP5QDXtZ1C2+8/QYu81H5S4nod2FXwWaBAmcIw4
uRqv/bh4w9hAXB3S8keol04ZPjYbT6GGA6XKwqQpe2L9Mdgv
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:21 2024 by rpki-client on console-fra.rpki-client.org