Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/u0FfQPIfZVZUxoYMyNF0vkR9eu4.roa
File: u0FfQPIfZVZUxoYMyNF0vkR9eu4.roa (raw, json)
Hash identifier: ygxBfQZX5DefRSFNSTXd/VKg+8U2e/kb6Q9Xo3clHxg=
Subject key identifier: BB:41:5F:40:F2:1F:65:56:54:C6:86:0C:C8:D1:74:BE:44:7D:7A:EE
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FDBF4CE22B87E5A255F9411D08212
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/u0FfQPIfZVZUxoYMyNF0vkR9eu4.roa
Signing time: Mon 02 Jan 2023 17:38:05 +0000
ROA not before: Mon 02 Jan 2023 17:38:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21071
IP address blocks: 2a0b:b87:ff12::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:db:f4:ce:22:b8:7e:5a:25:5f:94:11:d0:82:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb415f40f21f655654c6860cc8d174be447d7aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:13:1f:2f:ed:99:21:f9:bc:1f:3f:ea:57:08:
31:8e:8d:b6:e1:fc:7d:49:b6:9f:cf:94:d1:ee:31:
97:8e:5d:4e:09:be:30:12:04:77:41:06:6e:e9:47:
36:13:81:b2:75:35:05:25:66:e3:16:82:8a:59:b3:
74:c2:67:a0:44:7b:23:fc:31:f2:ae:e3:ce:a6:b6:
91:57:6e:60:80:f2:1e:a8:69:2d:e9:c2:81:15:fd:
b6:56:2d:42:94:f8:f4:49:20:fd:80:e6:e6:85:25:
ec:cd:0d:db:96:3b:1e:18:59:2f:11:9b:14:a6:ff:
dd:f0:d4:80:76:c4:8f:50:a3:ea:70:95:8a:bf:3d:
c7:6d:c6:eb:d1:91:9b:69:83:62:8f:ae:e1:75:ba:
7b:fd:e3:98:15:1d:b2:cd:28:44:b9:b5:cd:ac:ea:
11:45:ca:c7:ad:5f:c7:3a:80:f9:2f:6d:25:1f:5e:
18:ed:5a:ed:eb:6d:1b:95:89:fa:c5:fe:c6:88:67:
c7:50:50:3c:ec:9f:88:fa:59:9b:42:0a:01:1f:7a:
72:ff:c8:95:ba:f7:e1:2f:70:1a:6b:0b:46:0c:b8:
fa:58:e4:c9:1b:46:0e:12:c8:c7:42:9a:8d:be:17:
32:ae:b1:91:90:02:df:da:87:51:6b:b2:53:24:a8:
e5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:41:5F:40:F2:1F:65:56:54:C6:86:0C:C8:D1:74:BE:44:7D:7A:EE
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/u0FfQPIfZVZUxoYMyNF0vkR9eu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ff12::/48
Signature Algorithm: sha256WithRSAEncryption
7d:92:cd:9f:3f:04:c7:8c:63:c4:c2:73:e0:3f:cf:7b:2e:96:
d2:ea:ed:7f:01:65:df:cd:e1:6c:2b:ac:3b:2c:2f:24:53:ea:
ac:04:60:82:50:6c:c0:8c:04:eb:34:fc:fa:51:28:02:0b:5a:
88:57:74:43:b3:39:8a:96:d1:2d:11:d5:09:0d:1a:bd:da:6e:
55:c1:16:95:c5:fe:4e:bb:17:45:7e:f3:7c:f3:e3:db:a7:51:
90:d8:f8:b5:3a:1f:43:08:6d:97:b4:e4:6c:63:13:2c:f4:65:
04:a9:d9:0f:e1:ce:b0:82:ad:b9:6f:e3:47:49:91:55:1e:4b:
ea:fd:d4:d3:81:42:1d:72:68:8d:03:ef:cc:0a:0e:c4:4c:d8:
c0:f9:80:c2:ee:74:02:2a:81:86:95:2c:45:82:c7:7f:04:cd:
57:d0:57:18:1a:2b:f3:f5:8c:85:6e:ef:87:78:cd:e8:b3:de:
85:ee:8e:c2:18:ce:b4:25:be:d4:62:2b:4d:ae:ab:0d:3c:75:
fd:d0:b3:8f:5e:01:c9:f5:29:cf:86:a2:aa:29:fa:c9:b7:50:
4f:72:f8:52:a9:c5:88:08:01:58:dc:c4:52:ef:4e:e5:ce:4b:
e4:56:b4:5a:5a:4a:0a:dc:72:1d:66:b5:bf:20:da:a7:96:4a:
15:1a:1b:84
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzj9v0ziK4flolX5QR0IISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjQxNWY0MGYyMWY2NTU2NTRjNjg2MGNjOGQxNzRiZTQ0N2Q3YWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBMfL+2ZIfm8Hz/qVwgxjo224fx9
Sbafz5TR7jGXjl1OCb4wEgR3QQZu6Uc2E4GydTUFJWbjFoKKWbN0wmegRHsj/DHy
ruPOpraRV25ggPIeqGkt6cKBFf22Vi1ClPj0SSD9gObmhSXszQ3bljseGFkvEZsU
pv/d8NSAdsSPUKPqcJWKvz3Hbcbr0ZGbaYNij67hdbp7/eOYFR2yzShEubXNrOoR
RcrHrV/HOoD5L20lH14Y7Vrt620blYn6xf7GiGfHUFA87J+I+lmbQgoBH3py/8iV
uvfhL3AaawtGDLj6WOTJG0YOEsjHQpqNvhcyrrGRkALf2odRa7JTJKjl2QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLtBX0DyH2VWVMaGDMjRdL5EfXruMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvdTBGZlFQSWZaVlpVeG9ZTXlORjB2a1I5ZXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/8S
MA0GCSqGSIb3DQEBCwUAA4IBAQB9ks2fPwTHjGPEwnPgP897LpbS6u1/AWXfzeFs
K6w7LC8kU+qsBGCCUGzAjATrNPz6USgCC1qIV3RDszmKltEtEdUJDRq92m5VwRaV
xf5OuxdFfvN88+Pbp1GQ2Pi1Oh9DCG2XtORsYxMs9GUEqdkP4c6wgq25b+NHSZFV
Hkvq/dTTgUIdcmiNA+/MCg7ETNjA+YDC7nQCKoGGlSxFgsd/BM1X0FcYGivz9YyF
bu+HeM3os96F7o7CGM60Jb7UYitNrqsNPHX90LOPXgHJ9SnPhqKqKfrJt1BPcvhS
qcWICAFY3MRS707lzkvkVrRaWkoK3HIdZrW/INqnlkoVGhuE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:27 2023 by rpki-client on console-ams.rpki-client.org