Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/LXxxv812DXTzL032ZHlMlWzTco4.roa
File: LXxxv812DXTzL032ZHlMlWzTco4.roa (raw, json)
Hash identifier: iJMccWCkXhPFk4UtVCuvDi3hkajCu2ls+uAsJzaOYVY=
Subject key identifier: 2D:7C:71:BF:CD:76:0D:74:F3:2F:4D:F6:64:79:4C:95:6C:D3:72:8E
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 01856F429CC6DDC089A0AD5B7FA35C8F070B
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/LXxxv812DXTzL032ZHlMlWzTco4.roa
Signing time: Sun 01 Jan 2023 21:35:14 +0000
ROA not before: Sun 01 Jan 2023 21:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203323
IP address blocks: 2a05:4140:3f0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:9c:c6:dd:c0:89:a0:ad:5b:7f:a3:5c:8f:07:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 21:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d7c71bfcd760d74f32f4df664794c956cd3728e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:32:30:9d:ed:cd:ab:ec:c6:ec:37:40:88:71:
e5:98:d8:94:86:aa:2c:39:d5:b9:0e:12:62:d6:29:
be:10:36:5d:9e:f7:29:58:13:d3:3c:04:fc:fc:31:
0b:12:5f:7a:a4:ac:7d:4f:fc:0e:16:2a:3b:fd:85:
71:5c:48:03:04:0a:2d:e2:74:60:44:a5:88:a7:68:
51:5b:3f:d2:5c:39:50:ab:c8:a5:03:5c:a7:4d:61:
8e:90:3f:33:ab:df:52:93:64:a3:6f:f1:5f:3d:c3:
49:19:df:e0:56:79:83:83:96:97:e0:95:13:d7:c1:
db:29:c9:97:15:08:75:5a:68:f4:45:91:d1:81:15:
3d:7a:03:d3:09:0b:00:11:0c:fc:9d:fe:c5:db:76:
25:33:86:92:fd:97:c4:39:a8:70:46:63:87:d1:4a:
d8:89:56:f8:61:77:32:68:56:88:56:8a:32:2e:48:
c3:96:20:c0:f2:3c:13:de:4c:e8:23:2b:31:0b:72:
da:39:e9:b7:fa:51:95:9e:48:21:d4:42:6a:c0:75:
2e:60:52:73:52:f6:ec:76:93:fd:cb:5a:54:94:f6:
00:c7:1e:84:70:cb:14:39:64:88:7e:cb:05:f0:3e:
2a:97:8c:b4:31:ca:a1:92:0a:ef:2b:4f:a4:1f:cb:
fc:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7C:71:BF:CD:76:0D:74:F3:2F:4D:F6:64:79:4C:95:6C:D3:72:8E
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/LXxxv812DXTzL032ZHlMlWzTco4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:3f0::/44
Signature Algorithm: sha256WithRSAEncryption
93:05:44:ba:a0:0c:45:f6:af:2c:49:5d:bc:6b:0a:14:74:23:
76:5d:cd:3a:28:00:69:8a:da:1e:c6:86:bb:7c:e8:a0:60:f2:
8c:43:ca:56:a3:39:c8:b6:e9:52:1e:6b:c6:92:59:a6:df:d0:
84:2b:7a:d6:96:2e:e8:8f:0b:77:17:e8:91:f9:eb:47:fe:4c:
04:fd:49:82:ce:0e:26:c5:cd:d2:ea:bc:77:bc:fb:36:43:96:
00:dd:5e:2e:5d:a5:77:a5:99:0e:71:4b:98:71:d5:22:56:22:
d4:00:2a:7e:b4:ae:18:d2:b1:70:0a:3c:f6:eb:47:02:47:93:
32:43:96:ae:f3:e5:ee:00:c0:85:fe:64:01:8b:49:b6:f7:2a:
26:81:1b:4e:7d:af:24:05:76:27:e3:32:29:90:3b:7d:79:ef:
50:f8:a9:6a:5c:c6:c6:28:d4:7b:71:80:45:4d:98:9e:51:54:
59:b1:71:e1:86:68:79:04:98:86:80:6d:d2:11:69:80:79:91:
53:b5:ba:7b:f5:ef:bf:d2:1b:20:bb:c2:9e:9d:74:6e:3b:01:
47:22:79:c5:12:36:c6:38:66:f2:2b:91:f3:52:97:5a:6f:05:
ab:16:a5:9b:8c:49:db:e6:15:83:67:14:aa:c3:e4:cc:31:64:
26:36:40:65
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQpzG3cCJoK1bf6NcjwcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjMwMTAxMjEzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDdjNzFiZmNkNzYwZDc0ZjMyZjRkZjY2NDc5NGM5NTZjZDM3MjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DIwne3Nq+zG7DdAiHHlmNiUhqos
OdW5DhJi1im+EDZdnvcpWBPTPAT8/DELEl96pKx9T/wOFio7/YVxXEgDBAot4nRg
RKWIp2hRWz/SXDlQq8ilA1ynTWGOkD8zq99Sk2Sjb/FfPcNJGd/gVnmDg5aX4JUT
18HbKcmXFQh1Wmj0RZHRgRU9egPTCQsAEQz8nf7F23YlM4aS/ZfEOahwRmOH0UrY
iVb4YXcyaFaIVooyLkjDliDA8jwT3kzoIysxC3LaOem3+lGVnkgh1EJqwHUuYFJz
UvbsdpP9y1pUlPYAxx6EcMsUOWSIfssF8D4ql4y0McqhkgrvK0+kH8v8uQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC18cb/Ndg108y9N9mR5TJVs03KOMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvTFh4eHY4MTJEWFR6TDAzMlpIbE1sV3pUY280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgVBQAPw
MA0GCSqGSIb3DQEBCwUAA4IBAQCTBUS6oAxF9q8sSV28awoUdCN2Xc06KABpitoe
xoa7fOigYPKMQ8pWoznItulSHmvGklmm39CEK3rWli7ojwt3F+iR+etH/kwE/UmC
zg4mxc3S6rx3vPs2Q5YA3V4uXaV3pZkOcUuYcdUiViLUACp+tK4Y0rFwCjz260cC
R5MyQ5au8+XuAMCF/mQBi0m29yomgRtOfa8kBXYn4zIpkDt9ee9Q+KlqXMbGKNR7
cYBFTZieUVRZsXHhhmh5BJiGgG3SEWmAeZFTtbp79e+/0hsgu8KenXRuOwFHInnF
EjbGOGbyK5HzUpdabwWrFqWbjEnb5hWDZxSqw+TMMWQmNkBl
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:06 2024 by rpki-client on console-ams.rpki-client.org