Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lZi8t-B-xblXTzQLHre31e0JCPk.roa
File: lZi8t-B-xblXTzQLHre31e0JCPk.roa (raw, json)
Hash identifier: eFbWBJO+u0sbqVQbS2knMU4AjMu8xn32Dcar72xJcH0=
Subject key identifier: 95:98:BC:B7:E0:7E:C5:B9:57:4F:34:0B:1E:B7:B7:D5:ED:09:08:F9
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185739008B4BD64DA3996BC5968641362DE
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lZi8t-B-xblXTzQLHre31e0JCPk.roa
Signing time: Mon 02 Jan 2023 17:38:17 +0000
ROA not before: Mon 02 Jan 2023 17:38:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210667
IP address blocks: 2a0b:b87:ff14::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:90:08:b4:bd:64:da:39:96:bc:59:68:64:13:62:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9598bcb7e07ec5b9574f340b1eb7b7d5ed0908f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7d:09:d0:01:26:09:5c:18:05:25:5c:ee:f1:
a8:35:3b:a6:25:7c:0b:49:91:5d:3e:50:d5:49:3f:
8a:33:e8:69:50:e8:0a:63:61:fc:54:74:69:bf:bb:
95:97:e4:78:99:5e:0c:a2:d7:d0:55:de:b7:21:ac:
ec:0a:56:6e:4b:37:b1:8f:bc:f8:72:c7:bf:79:6d:
3a:cf:9b:8e:d3:99:50:34:ac:16:67:5a:c7:bf:23:
0f:55:db:b4:f7:92:4e:57:e0:30:b2:93:46:51:ca:
03:38:c0:24:b0:64:a6:9a:e0:f0:52:a2:9a:30:0b:
4d:4b:36:39:11:24:b7:8a:83:56:d1:e5:64:e9:d3:
3e:a9:a7:bf:81:6a:81:e3:3d:f9:86:ee:5b:ac:c5:
31:5c:5f:7c:5f:d0:c2:c4:63:6a:6c:86:5c:7e:6b:
46:b8:f3:66:ff:e5:d7:55:7e:06:de:a7:63:05:ae:
e5:08:78:d9:1e:25:03:81:dc:27:a1:51:a1:c4:6b:
b8:38:2b:a9:28:6e:7f:c7:65:f5:d4:12:61:8d:ec:
0b:03:c7:f8:95:df:0d:78:9e:2f:56:59:15:64:28:
0b:3b:f2:64:42:d2:f0:ba:05:29:01:10:3b:ee:a4:
b5:92:67:ea:ab:c7:85:70:e2:c3:fe:19:ec:b2:27:
cf:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:98:BC:B7:E0:7E:C5:B9:57:4F:34:0B:1E:B7:B7:D5:ED:09:08:F9
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lZi8t-B-xblXTzQLHre31e0JCPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ff14::/48
Signature Algorithm: sha256WithRSAEncryption
73:b0:cb:74:46:9b:0b:65:9a:d1:c2:b1:f8:1c:72:9a:a4:90:
33:e7:c4:e9:05:09:25:8e:78:0a:0e:87:93:c4:a2:ca:13:26:
ec:97:be:69:76:d4:63:16:7f:d0:12:44:fd:97:ce:1f:2d:dc:
42:e6:f1:2c:4b:ea:5e:a3:a1:47:6d:17:a6:13:a8:3c:2a:97:
c6:4f:f6:a8:22:3f:e2:2c:78:f9:18:c1:76:fa:92:dd:0f:bf:
72:52:c9:38:4a:fd:80:1f:5d:2c:db:53:6b:9f:c1:87:07:9c:
80:a0:b1:a8:51:44:bc:d9:b4:8f:9b:11:79:13:8b:3b:ba:52:
8e:d6:c0:53:6c:6f:77:c8:85:7f:28:55:51:13:1e:80:d0:d7:
29:8e:c3:e0:30:79:5c:ee:0b:a6:64:fe:50:52:52:e3:c2:1c:
7a:0b:f0:06:3f:67:7b:75:bd:9e:bf:41:be:49:b9:25:54:81:
e1:7c:1b:00:21:cd:e1:2a:ae:d5:d2:e7:3c:2e:07:88:79:14:
d0:aa:4e:47:ae:84:fb:1f:1c:88:5e:76:85:51:ba:2c:fb:e7:
60:c4:35:7b:37:9c:7b:51:19:6c:5d:2d:80:4d:45:35:0c:51:
95:a3:b4:cf:06:cb:45:6c:cf:5f:85:ae:42:ff:cf:41:e9:b7:
c0:58:74:97
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzkAi0vWTaOZa8WWhkE2LeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTk4YmNiN2UwN2VjNWI5NTc0ZjM0MGIxZWI3YjdkNWVkMDkwOGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh30J0AEmCVwYBSVc7vGoNTumJXwL
SZFdPlDVST+KM+hpUOgKY2H8VHRpv7uVl+R4mV4MotfQVd63IazsClZuSzexj7z4
cse/eW06z5uO05lQNKwWZ1rHvyMPVdu095JOV+AwspNGUcoDOMAksGSmmuDwUqKa
MAtNSzY5ESS3ioNW0eVk6dM+qae/gWqB4z35hu5brMUxXF98X9DCxGNqbIZcfmtG
uPNm/+XXVX4G3qdjBa7lCHjZHiUDgdwnoVGhxGu4OCupKG5/x2X11BJhjewLA8f4
ld8NeJ4vVlkVZCgLO/JkQtLwugUpARA77qS1kmfqq8eFcOLD/hnssifPNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJWYvLfgfsW5V080Cx63t9XtCQj5MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvbFppOHQtQi14YmxYVHpRTEhyZTMxZTBKQ1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/8U
MA0GCSqGSIb3DQEBCwUAA4IBAQBzsMt0RpsLZZrRwrH4HHKapJAz58TpBQkljngK
DoeTxKLKEybsl75pdtRjFn/QEkT9l84fLdxC5vEsS+peo6FHbRemE6g8KpfGT/ao
Ij/iLHj5GMF2+pLdD79yUsk4Sv2AH10s21Nrn8GHB5yAoLGoUUS82bSPmxF5E4s7
ulKO1sBTbG93yIV/KFVREx6A0NcpjsPgMHlc7gumZP5QUlLjwhx6C/AGP2d7db2e
v0G+SbklVIHhfBsAIc3hKq7V0uc8LgeIeRTQqk5HroT7HxyIXnaFUbos++dgxDV7
N5x7URlsXS2ATUU1DFGVo7TPBstFbM9fha5C/89B6bfAWHSX
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:34 2024 by rpki-client on console-ams.rpki-client.org