Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/oCEWvImeDHMf1O3Yhi6wL0JlMTU.roa
File: oCEWvImeDHMf1O3Yhi6wL0JlMTU.roa (raw, json)
Hash identifier: KR9DgmYdrJW0LvMs20GM4bUH6yqQejT6vavRYqu2jC0=
Subject key identifier: A0:21:16:BC:89:9E:0C:73:1F:D4:ED:D8:86:2E:B0:2F:42:65:31:35
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FF7E1B71B83080FF2E9F62D22A895
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/oCEWvImeDHMf1O3Yhi6wL0JlMTU.roa
Signing time: Mon 02 Jan 2023 17:38:13 +0000
ROA not before: Mon 02 Jan 2023 17:38:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201331
IP address blocks: 2a0b:b87:ffea::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:f7:e1:b7:1b:83:08:0f:f2:e9:f6:2d:22:a8:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a02116bc899e0c731fd4edd8862eb02f42653135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fd:d5:31:11:21:e9:fc:5e:83:72:5a:35:09:
ff:24:7e:a1:4d:02:8d:2f:96:5a:be:08:7a:c2:12:
d4:8a:39:66:5d:77:39:23:c5:c6:f8:4e:59:ae:77:
ad:a1:fb:6a:7b:b5:07:ab:75:3c:25:b8:cf:ca:fd:
b9:a4:e9:a2:cb:d2:04:c5:2f:e4:7b:08:e1:e0:d2:
5f:01:9d:2b:12:d6:62:ec:5c:6d:67:61:d8:6b:bd:
7b:d3:fb:6b:1c:c4:6e:1b:0c:f6:b9:a1:3d:bb:f1:
8e:f6:69:be:c4:c1:fe:f3:07:1b:25:ab:a0:7b:0a:
14:3b:cf:87:0e:96:3a:a0:fa:4d:cd:41:02:70:25:
a5:ab:ac:da:23:29:1f:e6:8f:67:99:a8:4d:ef:98:
97:1f:8c:e3:e7:9f:42:a4:5a:73:83:53:40:95:8f:
dd:ce:35:c2:37:db:6d:12:74:4f:3b:96:dc:4c:23:
ca:5c:97:b2:b6:b4:0d:74:b7:49:6b:8d:ab:fa:b4:
b3:0f:6b:fa:c2:90:bb:b2:f7:fd:e0:f6:56:40:86:
f3:cd:85:2e:a6:23:ec:b7:a6:a5:9b:c3:f0:b0:52:
9c:17:3b:35:cd:45:be:e6:f9:69:8a:08:d0:ec:c7:
35:96:6d:bc:72:32:3a:c5:60:0e:8c:12:e4:09:9e:
2b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:21:16:BC:89:9E:0C:73:1F:D4:ED:D8:86:2E:B0:2F:42:65:31:35
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/oCEWvImeDHMf1O3Yhi6wL0JlMTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffea::/48
Signature Algorithm: sha256WithRSAEncryption
22:ec:3e:92:04:f7:c7:31:f2:a1:0e:b3:d0:95:b0:d7:b5:62:
12:52:db:69:fd:4a:20:04:b0:c4:d7:ea:c8:56:ce:2d:30:2b:
6d:21:a7:a5:90:d3:89:8e:9d:56:0d:67:34:bb:65:d3:e4:aa:
32:e8:e7:0e:1c:c4:c2:4c:d4:a7:60:ce:65:b2:fe:48:ee:dd:
e1:e6:99:3c:ad:45:14:f8:ce:d5:6a:63:34:fe:27:6a:5a:83:
dd:e0:5c:e9:50:c9:88:f9:96:3a:a6:b1:42:da:e0:20:06:25:
32:2d:b4:bc:a4:42:dd:c9:2e:4a:44:77:1b:d7:61:e5:ec:89:
cb:7f:a4:2e:77:52:86:ee:22:52:ba:77:d8:3f:e8:b6:e8:c2:
65:af:b2:cb:28:92:7c:f8:38:c7:f6:4e:71:4a:a3:3f:98:54:
7b:bf:bf:43:e9:a3:37:2d:f0:52:ab:5f:9e:fc:02:18:de:11:
2b:e5:c2:7d:de:22:78:23:ea:4c:8e:a9:42:bc:fb:94:fe:dd:
76:e5:e2:dd:26:61:e5:b8:d7:e8:95:45:01:88:0b:a5:a1:68:
9c:f1:21:fb:ac:4b:35:ab:38:ab:fb:7e:68:6a:71:41:aa:fc:
de:66:9d:ac:e7:51:84:a3:c5:f8:fc:fc:1b:0b:21:d1:67:61:
22:c9:cf:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzj/fhtxuDCA/y6fYtIqiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDIxMTZiYzg5OWUwYzczMWZkNGVkZDg4NjJlYjAyZjQyNjUzMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoP3VMREh6fxeg3JaNQn/JH6hTQKN
L5Zavgh6whLUijlmXXc5I8XG+E5Zrnetoftqe7UHq3U8JbjPyv25pOmiy9IExS/k
ewjh4NJfAZ0rEtZi7FxtZ2HYa7170/trHMRuGwz2uaE9u/GO9mm+xMH+8wcbJaug
ewoUO8+HDpY6oPpNzUECcCWlq6zaIykf5o9nmahN75iXH4zj559CpFpzg1NAlY/d
zjXCN9ttEnRPO5bcTCPKXJeytrQNdLdJa42r+rSzD2v6wpC7svf94PZWQIbzzYUu
piPst6alm8PwsFKcFzs1zUW+5vlpigjQ7Mc1lm28cjI6xWAOjBLkCZ4r3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKAhFryJngxzH9Tt2IYusC9CZTE1MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvb0NFV3ZJbWVESE1mMU8zWWhpNndMMEpsTVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh//q
MA0GCSqGSIb3DQEBCwUAA4IBAQAi7D6SBPfHMfKhDrPQlbDXtWISUttp/UogBLDE
1+rIVs4tMCttIaelkNOJjp1WDWc0u2XT5Koy6OcOHMTCTNSnYM5lsv5I7t3h5pk8
rUUU+M7VamM0/idqWoPd4FzpUMmI+ZY6prFC2uAgBiUyLbS8pELdyS5KRHcb12Hl
7InLf6Qud1KG7iJSunfYP+i26MJlr7LLKJJ8+DjH9k5xSqM/mFR7v79D6aM3LfBS
q1+e/AIY3hEr5cJ93iJ4I+pMjqlCvPuU/t125eLdJmHluNfolUUBiAuloWic8SH7
rEs1qzir+35oanFBqvzeZp2s51GEo8X4/PwbCyHRZ2Eiyc/B
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:34 2024 by rpki-client on console-ams.rpki-client.org