Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/PYiqKgLRIbqY7_iGEdtKZLahFe8.roa
File: PYiqKgLRIbqY7_iGEdtKZLahFe8.roa (raw, json)
Hash identifier: 5TXPHgecYkpBMALtBVg3sjYPFIfmLnqZPYJv4phc8SE=
Subject key identifier: 3D:88:AA:2A:02:D1:21:BA:98:EF:F8:86:11:DB:4A:64:B6:A1:15:EF
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 01856F429A2B68D4D2AFA295140CC7DD7D93
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/PYiqKgLRIbqY7_iGEdtKZLahFe8.roa
Signing time: Sun 01 Jan 2023 21:35:13 +0000
ROA not before: Sun 01 Jan 2023 21:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49245
IP address blocks: 2a05:4140:14::/48 maxlen: 48
2a05:4140:12::/48 maxlen: 48
2a05:4140:15::/48 maxlen: 48
2a05:4140:13::/48 maxlen: 48
2a05:4140:3::/48 maxlen: 48
2a05:4140:11::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:9a:2b:68:d4:d2:af:a2:95:14:0c:c7:dd:7d:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 21:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d88aa2a02d121ba98eff88611db4a64b6a115ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2d:0a:72:a1:13:fe:34:df:8f:0d:e6:89:06:
ec:a5:7b:92:ad:b0:9b:87:ae:f2:a0:ae:c3:67:90:
68:97:97:4e:69:b5:29:2d:33:60:53:06:c8:22:64:
30:70:0c:6b:1b:34:a0:dd:cb:41:8d:83:5a:96:01:
02:9a:ab:4d:25:73:d2:76:5b:82:d4:c9:e1:4a:12:
e2:fa:8a:fb:4d:a2:45:e0:7b:9e:33:1d:75:72:c5:
39:ea:a9:87:d9:9a:1b:21:e6:49:54:3e:4b:f3:e4:
e8:77:fb:05:0c:8f:df:7a:30:14:d6:92:e9:d4:25:
f7:14:07:98:01:31:a5:3c:22:a7:51:6b:a3:bb:81:
6a:ac:27:7f:9e:e9:ed:c9:f1:05:e3:ef:5b:c8:27:
5a:c8:13:d0:67:77:51:dd:31:74:3c:4b:9f:00:b4:
5b:d3:0d:14:3b:91:e2:27:1a:f5:85:d4:18:c8:32:
63:8d:7e:be:e6:ba:74:00:49:14:c1:2e:e7:70:ee:
a4:41:a2:be:5c:d3:f0:30:62:9d:9a:21:58:ff:69:
4e:a3:44:d0:93:f5:b9:46:50:5a:ad:1b:1b:86:8f:
fd:e8:de:1f:3b:7a:aa:e1:9b:9f:1c:4f:ba:e0:4b:
a5:73:43:8c:bb:2d:a5:cb:e2:d1:cd:81:85:72:f1:
d2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:88:AA:2A:02:D1:21:BA:98:EF:F8:86:11:DB:4A:64:B6:A1:15:EF
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/PYiqKgLRIbqY7_iGEdtKZLahFe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:3::/48
2a05:4140:11::-2a05:4140:15:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
89:e9:82:75:7b:98:4b:93:fb:c6:6c:a6:ea:f2:dd:fc:1f:fe:
a6:30:14:14:60:89:6f:96:e1:c5:5b:bd:07:ac:96:d9:9b:52:
8e:67:00:3b:a7:b5:87:85:dc:3d:75:e8:51:00:b9:0b:48:49:
1a:48:a2:da:5e:3b:66:68:0d:15:f2:69:7f:1d:15:72:08:02:
1f:82:0b:ac:64:73:ce:cd:ba:24:dc:a8:d4:55:12:f3:78:36:
cb:35:95:8b:5d:37:23:e9:62:21:c7:b2:d7:94:b7:00:3f:f3:
e3:37:39:62:6c:8c:c0:2e:6d:4b:0a:ac:c0:8a:fe:f0:ad:6e:
27:ce:bf:56:d8:6c:1c:cd:02:a3:bc:ad:86:44:c2:90:7a:29:
35:84:1a:42:91:84:0f:0d:2e:18:f2:38:eb:b6:1c:f8:f5:1c:
a0:f6:d4:ed:7a:b6:68:04:49:fc:56:58:7d:6f:08:54:f4:04:
77:11:6e:c9:6f:b5:9c:d6:ab:7c:3b:7b:45:98:4a:cc:b6:a1:
13:37:70:23:12:ee:da:dc:d5:02:14:55:0f:34:88:0c:21:f4:
ab:c5:5d:42:cb:e0:20:35:4e:ae:d1:d0:ec:22:96:5c:ac:64:
45:68:a7:a3:96:0c:d7:95:6d:24:fd:22:1b:2e:50:a3:da:d0:
42:d5:9e:f1
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvQporaNTSr6KVFAzH3X2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjMwMTAxMjEzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDg4YWEyYTAyZDEyMWJhOThlZmY4ODYxMWRiNGE2NGI2YTExNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiC0KcqET/jTfjw3miQbspXuSrbCb
h67yoK7DZ5Bol5dOabUpLTNgUwbIImQwcAxrGzSg3ctBjYNalgECmqtNJXPSdluC
1MnhShLi+or7TaJF4HueMx11csU56qmH2ZobIeZJVD5L8+Tod/sFDI/fejAU1pLp
1CX3FAeYATGlPCKnUWuju4FqrCd/nuntyfEF4+9byCdayBPQZ3dR3TF0PEufALRb
0w0UO5HiJxr1hdQYyDJjjX6+5rp0AEkUwS7ncO6kQaK+XNPwMGKdmiFY/2lOo0TQ
k/W5RlBarRsbho/96N4fO3qq4ZufHE+64Eulc0OMuy2ly+LRzYGFcvHSawIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFD2IqioC0SG6mO/4hhHbSmS2oRXvMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvUFlpcUtnTFJJYnFZN19pR0VkdEtaTGFoRmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKgVBQAAD
MBIDBwAqBUFAABEDBwEqBUFAABQwDQYJKoZIhvcNAQELBQADggEBAInpgnV7mEuT
+8Zspury3fwf/qYwFBRgiW+W4cVbvQesltmbUo5nADuntYeF3D116FEAuQtISRpI
otpeO2ZoDRXyaX8dFXIIAh+CC6xkc87NuiTcqNRVEvN4Nss1lYtdNyPpYiHHsteU
twA/8+M3OWJsjMAubUsKrMCK/vCtbifOv1bYbBzNAqO8rYZEwpB6KTWEGkKRhA8N
LhjyOOu2HPj1HKD21O16tmgESfxWWH1vCFT0BHcRbslvtZzWq3w7e0WYSsy2oRM3
cCMS7trc1QIUVQ80iAwh9KvFXULL4CA1Tq7R0OwillysZEVop6OWDNeVbST9Ihsu
UKPa0ELVnvE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:53 2023 by rpki-client on console-ams.rpki-client.org