Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ihXUlegAd9vPTmQUzglKgjFUmI4.roa
File: ihXUlegAd9vPTmQUzglKgjFUmI4.roa (raw, json)
Hash identifier: dhpV9wHaQalGRfZdePoZix5Okse+maLC+680pBMyce4=
Subject key identifier: 8A:15:D4:95:E8:00:77:DB:CF:4E:64:14:CE:09:4A:82:31:54:98:8E
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FE8E72475667EED7CB4E48E740E60
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ihXUlegAd9vPTmQUzglKgjFUmI4.roa
Signing time: Mon 02 Jan 2023 17:38:09 +0000
ROA not before: Mon 02 Jan 2023 17:38:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44024
IP address blocks: 2a0b:b83:b8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:e8:e7:24:75:66:7e:ed:7c:b4:e4:8e:74:0e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a15d495e80077dbcf4e6414ce094a823154988e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:64:b2:36:66:f6:86:81:b6:30:5f:a8:c3:cc:
88:d5:94:b2:f4:70:66:03:33:13:91:03:ce:0e:ca:
bf:c4:77:be:25:48:bb:f7:5d:ed:b2:51:51:fc:bd:
c5:14:12:08:92:c5:92:f7:85:72:d9:7d:40:78:bd:
6f:86:bd:25:b3:2a:90:05:9a:20:b3:3c:d9:bb:a4:
bd:3f:cb:17:f1:76:eb:d4:5c:86:19:df:17:1d:79:
17:71:a0:8e:de:4f:31:3d:1d:7d:c8:bc:14:54:8c:
1b:ee:a9:44:46:52:e4:04:74:2e:7d:a5:0f:09:37:
03:43:f3:00:16:73:78:3f:18:0c:79:30:92:c0:aa:
30:95:3e:c5:f0:65:df:cd:03:e4:65:4a:a9:58:4d:
bb:b9:40:98:8f:41:1d:7e:55:60:ab:dc:1c:98:6e:
70:68:0c:6e:72:ec:89:91:b6:b3:c0:b1:43:33:99:
65:e4:3f:9a:9e:8e:19:68:21:47:17:b6:0f:b4:eb:
d3:b4:04:99:d3:92:b4:a4:41:71:60:21:4b:03:7e:
42:57:7f:a8:98:a1:f4:2d:c4:6c:98:d0:7b:58:11:
00:81:de:96:49:14:13:e6:ff:60:62:fa:7d:70:2f:
67:c9:9b:1c:2a:76:c7:2d:8e:08:61:4d:ba:53:5c:
01:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:15:D4:95:E8:00:77:DB:CF:4E:64:14:CE:09:4A:82:31:54:98:8E
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ihXUlegAd9vPTmQUzglKgjFUmI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b83:b8::/48
Signature Algorithm: sha256WithRSAEncryption
3d:5c:7b:50:23:b7:34:f4:0b:6f:ef:3b:34:c1:8c:bc:99:02:
c7:df:37:cd:00:f2:5e:66:57:34:04:69:1e:3c:5c:52:17:f6:
53:df:2e:39:fe:ed:78:68:04:9b:d1:08:23:73:95:82:8e:d7:
25:b2:22:42:09:a6:6e:2a:dc:2b:90:b3:bf:02:3a:1a:fa:5b:
fb:5f:3c:88:1e:19:9a:97:52:42:3c:40:9d:de:c3:ac:12:6f:
f3:c4:ff:7b:c7:ca:ce:e5:39:09:f5:56:a3:93:db:48:65:99:
af:a7:c3:55:67:b8:f1:23:b1:b0:fb:32:78:c0:13:ff:0b:92:
a9:e5:f9:2d:93:61:81:66:67:51:0b:91:aa:14:c2:67:89:d8:
05:5d:75:96:73:13:37:31:d8:e3:02:d8:a0:eb:06:d5:f0:a0:
bf:ce:cf:3a:65:bd:97:55:38:68:08:c8:f3:ee:99:f8:d4:c3:
46:bf:d9:90:11:a9:5a:e3:ea:48:af:ea:6b:c7:15:40:56:b2:
33:63:4d:6c:dc:b7:7a:ad:0f:5b:60:07:f4:43:51:20:ad:82:
ba:b9:2b:e5:ad:9f:42:a8:61:9b:cc:4d:dd:37:60:f6:3a:ed:
c1:e3:2c:7e:a4:34:99:e9:f8:b1:d2:f6:e6:61:e0:65:4a:21:
f3:21:4f:82
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzj+jnJHVmfu18tOSOdA5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTE1ZDQ5NWU4MDA3N2RiY2Y0ZTY0MTRjZTA5NGE4MjMxNTQ5ODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWSyNmb2hoG2MF+ow8yI1ZSy9HBm
AzMTkQPODsq/xHe+JUi7913tslFR/L3FFBIIksWS94Vy2X1AeL1vhr0lsyqQBZog
szzZu6S9P8sX8Xbr1FyGGd8XHXkXcaCO3k8xPR19yLwUVIwb7qlERlLkBHQufaUP
CTcDQ/MAFnN4PxgMeTCSwKowlT7F8GXfzQPkZUqpWE27uUCYj0EdflVgq9wcmG5w
aAxucuyJkbazwLFDM5ll5D+ano4ZaCFHF7YPtOvTtASZ05K0pEFxYCFLA35CV3+o
mKH0LcRsmNB7WBEAgd6WSRQT5v9gYvp9cC9nyZscKnbHLY4IYU26U1wBHwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIoV1JXoAHfbz05kFM4JSoIxVJiOMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvaWhYVWxlZ0FkOXZQVG1RVXpnbEtnakZVbUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLgwC4
MA0GCSqGSIb3DQEBCwUAA4IBAQA9XHtQI7c09Atv7zs0wYy8mQLH3zfNAPJeZlc0
BGkePFxSF/ZT3y45/u14aASb0Qgjc5WCjtclsiJCCaZuKtwrkLO/Ajoa+lv7XzyI
Hhmal1JCPECd3sOsEm/zxP97x8rO5TkJ9Vajk9tIZZmvp8NVZ7jxI7Gw+zJ4wBP/
C5Kp5fktk2GBZmdRC5GqFMJnidgFXXWWcxM3MdjjAtig6wbV8KC/zs86Zb2XVTho
CMjz7pn41MNGv9mQEala4+pIr+prxxVAVrIzY01s3Ld6rQ9bYAf0Q1EgrYK6uSvl
rZ9CqGGbzE3dN2D2Ou3B4yx+pDSZ6fix0vbmYeBlSiHzIU+C
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:21 2024 by rpki-client on console-fra.rpki-client.org