Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/wp97BUkrbmfMdzLqhgeGAetGwz8.roa
File: wp97BUkrbmfMdzLqhgeGAetGwz8.roa (raw, json)
Hash identifier: 45KfTndqXwUWwiU1pwbcwd9qWtd1FMBT9rpfaPzGISE=
Subject key identifier: C2:9F:7B:05:49:2B:6E:67:CC:77:32:EA:86:07:86:01:EB:46:C3:3F
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0188E3D2B437E31036D4408A60781E3CCC83
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/wp97BUkrbmfMdzLqhgeGAetGwz8.roa
Signing time: Thu 22 Jun 2023 15:56:56 +0000
ROA not before: Thu 22 Jun 2023 15:56:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a0b:b87:ffb0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e3:d2:b4:37:e3:10:36:d4:40:8a:60:78:1e:3c:cc:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jun 22 15:56:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c29f7b05492b6e67cc7732ea86078601eb46c33f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7b:95:32:e0:5e:ab:5a:18:c0:6d:97:86:3e:
be:0a:0f:dc:7d:43:de:20:56:00:bb:3c:3a:ad:c3:
5a:d5:91:e8:9b:84:d5:77:58:a1:67:61:94:51:c5:
2c:2c:ff:06:5d:bf:28:c6:b9:91:3c:54:0b:01:a6:
e6:c7:c2:78:5c:a3:ff:23:e4:b0:6c:cf:0f:ef:00:
97:b3:61:d2:65:43:25:ec:4f:f0:92:67:eb:1a:c1:
d5:2f:d3:37:f9:ff:94:08:39:85:2f:81:40:c4:fb:
ca:52:25:6d:42:6c:d5:cb:91:34:9f:d7:c0:31:5a:
79:86:5f:6c:71:b8:4c:ce:15:4c:94:cd:5d:c0:6e:
ae:03:fd:1a:08:b6:b8:cd:73:e3:d2:f8:af:65:ef:
43:25:8e:ac:3a:ab:ef:bc:cb:f6:77:65:34:96:2b:
1a:73:de:46:68:40:f6:88:dd:4d:2d:5c:c3:f2:78:
80:70:20:6f:b9:bb:c0:35:1e:43:1b:f7:59:25:b1:
ec:2e:2c:93:be:51:7e:91:45:84:e1:a1:3a:a6:c8:
08:4b:89:18:1e:7e:d8:1a:8d:4c:77:59:0b:9a:0e:
2b:a8:d7:db:dc:a6:98:a2:c2:56:23:55:0b:f2:51:
cf:3e:2a:4c:9b:41:36:59:39:f3:04:51:4c:08:ed:
df:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:9F:7B:05:49:2B:6E:67:CC:77:32:EA:86:07:86:01:EB:46:C3:3F
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/wp97BUkrbmfMdzLqhgeGAetGwz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffb0::/48
Signature Algorithm: sha256WithRSAEncryption
42:b0:04:f4:29:06:b3:71:de:ec:e8:6f:4e:36:59:af:71:a6:
dc:aa:86:b7:ac:42:bd:2c:95:e9:49:d3:21:ea:60:44:3d:69:
04:d7:b7:5d:2e:99:7f:c4:22:5d:12:b0:a7:c6:da:dd:e2:03:
fb:d7:11:ab:24:4a:0f:78:8c:73:49:97:f5:25:c6:ab:e1:e1:
fa:89:f9:5e:3a:84:d4:e9:47:66:b6:be:d5:03:6f:a0:9e:b1:
1a:bd:f3:76:7e:64:37:b2:ac:11:cb:fb:c0:7b:c5:d4:b2:6a:
8b:e8:d4:ee:ec:c5:b8:bb:49:36:76:82:90:7a:3d:96:93:1e:
a1:44:fc:eb:d0:dc:bb:63:5d:fe:6c:a6:6e:0c:76:39:37:0c:
e8:35:8f:32:1f:44:79:b9:95:3c:8b:0d:58:17:e7:1a:be:47:
df:c9:8b:cb:01:9a:1d:88:53:5b:fd:aa:21:aa:05:f4:7b:e6:
08:1d:3d:16:ed:d1:da:b3:87:ce:95:03:4e:d8:2f:5c:47:28:
bb:48:d8:87:26:3f:b2:d9:ba:20:1b:ed:78:01:56:1b:78:78:
a3:a2:db:76:38:86:d9:08:b6:5a:92:c9:2e:4c:9d:f7:03:4e:
c0:ca:75:7d:ad:bd:a6:c5:bf:4f:cb:30:91:8f:39:18:44:66:
8d:30:c6:f2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYjj0rQ34xA21ECKYHgePMyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNjIyMTU1NjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjlmN2IwNTQ5MmI2ZTY3Y2M3NzMyZWE4NjA3ODYwMWViNDZjMzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnuVMuBeq1oYwG2Xhj6+Cg/cfUPe
IFYAuzw6rcNa1ZHom4TVd1ihZ2GUUcUsLP8GXb8oxrmRPFQLAabmx8J4XKP/I+Sw
bM8P7wCXs2HSZUMl7E/wkmfrGsHVL9M3+f+UCDmFL4FAxPvKUiVtQmzVy5E0n9fA
MVp5hl9scbhMzhVMlM1dwG6uA/0aCLa4zXPj0vivZe9DJY6sOqvvvMv2d2U0lisa
c95GaED2iN1NLVzD8niAcCBvubvANR5DG/dZJbHsLiyTvlF+kUWE4aE6psgIS4kY
Hn7YGo1Md1kLmg4rqNfb3KaYosJWI1UL8lHPPipMm0E2WTnzBFFMCO3fpwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMKfewVJK25nzHcy6oYHhgHrRsM/MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvd3A5N0JVa3JibWZNZHpMcWhnZUdBZXRHd3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/+w
MA0GCSqGSIb3DQEBCwUAA4IBAQBCsAT0KQazcd7s6G9ONlmvcabcqoa3rEK9LJXp
SdMh6mBEPWkE17ddLpl/xCJdErCnxtrd4gP71xGrJEoPeIxzSZf1Jcar4eH6ifle
OoTU6Udmtr7VA2+gnrEavfN2fmQ3sqwRy/vAe8XUsmqL6NTu7MW4u0k2doKQej2W
kx6hRPzr0Ny7Y13+bKZuDHY5NwzoNY8yH0R5uZU8iw1YF+cavkffyYvLAZodiFNb
/aohqgX0e+YIHT0W7dHas4fOlQNO2C9cRyi7SNiHJj+y2bogG+14AVYbeHijott2
OIbZCLZakskuTJ33A07AynV9rb2mxb9PyzCRjzkYRGaNMMby
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:21 2024 by rpki-client on console-fra.rpki-client.org