Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/v41Iv2YG7J2iUO1BvB88jcmTPbY.roa
File: v41Iv2YG7J2iUO1BvB88jcmTPbY.roa (raw, json)
Hash identifier: ch7PQbNvvI7jz2PqeTGR2ulhhNhQNwt60nKpy8ykuXM=
Subject key identifier: BF:8D:48:BF:66:06:EC:9D:A2:50:ED:41:BC:1F:3C:8D:C9:93:3D:B6
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0187F6FB22802EB32954957F2800A62EA8B3
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/v41Iv2YG7J2iUO1BvB88jcmTPbY.roa
Signing time: Sun 07 May 2023 16:11:06 +0000
ROA not before: Sun 07 May 2023 16:11:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 2a0b:7080::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f6:fb:22:80:2e:b3:29:54:95:7f:28:00:a6:2e:a8:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: May 7 16:11:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf8d48bf6606ec9da250ed41bc1f3c8dc9933db6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e4:05:af:27:9c:a4:5a:14:12:59:87:ea:11:
84:a9:72:7c:3b:ad:97:25:27:91:98:f2:5e:0e:2f:
f7:43:45:55:46:bf:2f:75:8f:07:7a:2a:fb:79:1b:
7c:4e:1b:ae:40:72:ac:0a:74:ff:20:c2:cd:a4:8e:
4d:a7:9f:ec:14:7f:0d:4c:45:71:e7:aa:a5:25:24:
36:33:61:e7:63:ac:cc:38:ba:b3:95:86:49:3a:00:
bc:ca:a6:4d:79:60:f9:0e:97:b8:b2:dd:28:e7:f2:
4d:a1:2c:e8:5a:7f:52:8b:47:71:79:82:0b:96:59:
05:c1:88:e7:79:8c:f5:48:ca:e6:fb:c5:9b:c2:1b:
fd:e7:ba:1c:ce:c7:e7:17:64:55:49:6b:b9:06:e0:
01:4e:aa:1c:a8:7e:85:d5:b0:f6:59:01:c9:3e:af:
a2:35:55:a8:c9:b5:63:71:38:d2:9e:fa:51:05:49:
e0:03:fc:42:14:58:c8:26:44:4e:17:9a:ef:ba:8c:
06:fd:66:16:37:b4:3f:f7:90:a0:69:0d:ad:16:af:
b5:f0:1f:b1:31:4d:86:9b:38:50:9a:9b:c2:b8:ed:
45:49:30:06:93:58:dd:d9:83:dd:28:cd:35:5d:fb:
c5:69:da:e2:4c:61:89:f6:e3:87:49:ae:c3:5a:1b:
15:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8D:48:BF:66:06:EC:9D:A2:50:ED:41:BC:1F:3C:8D:C9:93:3D:B6
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/v41Iv2YG7J2iUO1BvB88jcmTPbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:7080::/29
Signature Algorithm: sha256WithRSAEncryption
25:9c:da:bd:54:0a:c0:fc:c5:1c:bf:37:b6:3a:9e:1d:7b:2a:
f7:99:4d:88:99:b3:fb:4a:5b:00:6f:9e:cf:97:fe:dd:37:21:
21:6b:8d:2f:34:1f:e0:6e:35:cd:00:29:07:b5:5f:ec:09:48:
24:9a:00:00:a1:a8:3d:bd:5b:d2:af:d9:9d:8c:62:17:92:d5:
ec:e4:b9:13:1d:2c:c2:2d:8a:70:ef:41:0a:bc:21:17:49:15:
ed:9a:18:7e:a3:a2:15:81:42:a8:ca:b3:3b:0b:e9:0b:6e:a7:
4e:b9:0b:20:b8:c2:b9:68:a6:4c:c1:cd:35:2f:69:55:68:1a:
97:e9:c0:34:8b:78:ae:15:bd:58:ab:b9:9d:24:4c:18:f8:a6:
51:a2:43:e5:ec:ae:37:d6:8c:5f:1c:93:7a:0b:78:38:5f:fa:
85:45:03:35:33:f3:43:8e:ba:5e:df:bd:dd:12:9d:63:5f:c5:
25:2e:84:6d:11:f8:d9:c6:60:69:4e:fd:9f:a2:1a:7f:cc:d2:
13:6d:8e:92:9b:26:bf:23:e0:42:94:8a:21:81:f8:0e:a1:5a:
03:e2:98:8e:71:06:57:e4:b5:52:d5:54:81:de:5d:b5:0a:e9:
7e:20:31:b3:41:cc:91:b4:79:56:a3:ee:16:c5:03:80:16:bd:
9d:32:2a:4b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYf2+yKALrMpVJV/KACmLqizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNTA3MTYxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjhkNDhiZjY2MDZlYzlkYTI1MGVkNDFiYzFmM2M4ZGM5OTMzZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+QFryecpFoUElmH6hGEqXJ8O62X
JSeRmPJeDi/3Q0VVRr8vdY8Heir7eRt8ThuuQHKsCnT/IMLNpI5Np5/sFH8NTEVx
56qlJSQ2M2HnY6zMOLqzlYZJOgC8yqZNeWD5Dpe4st0o5/JNoSzoWn9Si0dxeYIL
llkFwYjneYz1SMrm+8Wbwhv957oczsfnF2RVSWu5BuABTqocqH6F1bD2WQHJPq+i
NVWoybVjcTjSnvpRBUngA/xCFFjIJkROF5rvuowG/WYWN7Q/95CgaQ2tFq+18B+x
MU2GmzhQmpvCuO1FSTAGk1jd2YPdKM01XfvFadriTGGJ9uOHSa7DWhsVUQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL+NSL9mBuydolDtQbwfPI3Jkz22MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvdjQxSXYyWUc3SjJpVU8xQnZCODhqY21UUGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgtwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAJZzavVQKwPzFHL83tjqeHXsq95lNiJmz+0pbAG+e
z5f+3TchIWuNLzQf4G41zQApB7Vf7AlIJJoAAKGoPb1b0q/ZnYxiF5LV7OS5Ex0s
wi2KcO9BCrwhF0kV7ZoYfqOiFYFCqMqzOwvpC26nTrkLILjCuWimTMHNNS9pVWga
l+nANIt4rhW9WKu5nSRMGPimUaJD5eyuN9aMXxyTegt4OF/6hUUDNTPzQ466Xt+9
3RKdY1/FJS6EbRH42cZgaU79n6Iaf8zSE22OkpsmvyPgQpSKIYH4DqFaA+KYjnEG
V+S1UtVUgd5dtQrpfiAxs0HMkbR5VqPuFsUDgBa9nTIqSw==
-----END CERTIFICATE-----
Generated at Fri Dec 22 11:33:35 2023 by rpki-client on console-ams.rpki-client.org