Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/SqmnZc2fYpgiB9P7WjIyL3nYylY.roa
File: SqmnZc2fYpgiB9P7WjIyL3nYylY.roa (raw, json)
Hash identifier: DgHPWxlkrP5Bi0cCxRpUjPQ09+NXQcNOeQLaCU3QNFU=
Subject key identifier: 4A:A9:A7:65:CD:9F:62:98:22:07:D3:FB:5A:32:32:2F:79:D8:CA:56
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 01856F429D15EC6D2AA148E0E5CB1E01AB23
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/SqmnZc2fYpgiB9P7WjIyL3nYylY.roa
Signing time: Sun 01 Jan 2023 21:35:14 +0000
ROA not before: Sun 01 Jan 2023 21:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203363
IP address blocks: 2a05:4140:700::/40 maxlen: 40
2a05:4140:800::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:9d:15:ec:6d:2a:a1:48:e0:e5:cb:1e:01:ab:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 21:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4aa9a765cd9f62982207d3fb5a32322f79d8ca56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:7f:0d:c7:6a:b9:27:f5:b5:99:6b:9a:9e:b3:
b7:31:b4:c4:39:17:4a:94:15:98:d6:8e:56:32:d0:
8d:7f:cf:e4:ab:56:b3:74:68:80:c8:35:51:d8:e1:
a7:91:77:29:8b:3b:80:4b:b8:2a:ed:0c:a4:1b:e0:
95:c7:1c:ed:09:8a:0b:ae:7e:89:8a:3f:a5:26:a8:
d3:58:aa:43:3d:56:b0:53:cc:4a:27:5b:28:84:71:
c9:fc:de:81:a3:4d:d5:96:dd:82:08:6f:f0:63:6a:
d9:28:be:4b:e4:9e:c8:18:51:3f:02:34:00:c2:2a:
be:20:30:d1:ba:e0:53:b3:a1:41:18:7b:ca:49:a5:
20:4b:54:24:6b:7c:aa:b7:c1:47:6e:f9:6e:89:29:
9e:d0:a8:cf:70:76:e1:fe:00:ba:a9:8d:6b:9d:66:
60:16:0e:cb:e7:6e:f4:7c:46:c0:dc:66:6f:96:6b:
53:9b:fb:d8:31:68:4e:c3:b1:5b:e3:cf:8f:f0:b0:
52:90:f3:b3:a4:70:c5:03:4b:d5:a0:80:0a:5f:34:
8e:e5:9b:f3:f4:24:fd:d6:1f:ba:9a:94:d1:d3:06:
61:f6:4c:22:ee:ce:d1:8d:12:f6:72:3a:c6:c2:52:
fb:51:cf:9c:69:03:be:46:b9:ba:a7:9b:59:d8:49:
29:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A9:A7:65:CD:9F:62:98:22:07:D3:FB:5A:32:32:2F:79:D8:CA:56
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/SqmnZc2fYpgiB9P7WjIyL3nYylY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:700::-2a05:4140:8ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
62:ac:4b:db:8e:b1:b6:ba:f1:6c:da:14:70:2d:ff:96:ec:08:
56:95:3b:5a:7c:21:23:71:50:ab:f1:bb:36:b5:3d:4f:f3:4d:
9e:e4:29:05:e4:ca:e0:7d:0a:0f:5b:33:16:ba:ee:8c:31:64:
2b:03:5f:dd:5e:08:28:a1:6e:54:37:97:71:fb:a8:8b:45:61:
fe:7d:72:12:33:24:ae:52:f8:35:86:ee:88:79:46:8c:a8:96:
eb:4f:a4:59:99:fb:ae:8b:88:a8:4a:86:ee:c8:7c:44:41:8a:
07:e7:4d:fb:33:ed:87:1f:e8:15:77:28:4a:d3:40:fe:d2:5f:
82:1f:76:a7:da:f3:da:be:ed:4b:62:3e:1d:55:00:1f:18:0b:
84:1c:b0:cd:15:5f:54:44:45:0c:cc:21:8c:92:bf:9a:f4:56:
80:9d:10:22:7e:40:6e:f6:7c:27:c0:eb:60:58:1d:6f:f2:4f:
3f:7b:72:61:52:70:ea:ab:bb:af:12:29:b1:3d:62:95:be:ba:
0a:00:7a:65:d5:09:f2:52:f0:23:d0:d2:fd:50:8b:b4:aa:39:
c5:f3:df:00:08:ff:63:6a:e2:0a:e4:bf:25:82:71:f0:62:51:
89:96:3b:f4:f6:ba:e4:ca:e0:55:7d:08:aa:98:f2:9d:04:4a:
f3:e7:f3:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvQp0V7G0qoUjg5cseAasjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjMwMTAxMjEzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWE5YTc2NWNkOWY2Mjk4MjIwN2QzZmI1YTMyMzIyZjc5ZDhjYTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8H8Nx2q5J/W1mWuanrO3MbTEORdK
lBWY1o5WMtCNf8/kq1azdGiAyDVR2OGnkXcpizuAS7gq7QykG+CVxxztCYoLrn6J
ij+lJqjTWKpDPVawU8xKJ1sohHHJ/N6Bo03Vlt2CCG/wY2rZKL5L5J7IGFE/AjQA
wiq+IDDRuuBTs6FBGHvKSaUgS1Qka3yqt8FHbvluiSme0KjPcHbh/gC6qY1rnWZg
Fg7L5270fEbA3GZvlmtTm/vYMWhOw7Fb48+P8LBSkPOzpHDFA0vVoIAKXzSO5Zvz
9CT91h+6mpTR0wZh9kwi7s7RjRL2cjrGwlL7Uc+caQO+Rrm6p5tZ2EkpswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEqpp2XNn2KYIgfT+1oyMi952MpWMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvU3FtblpjMmZZcGdpQjlQN1dqSXlMM25ZeWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgAqBUFA
BwMGACoFQUAIMA0GCSqGSIb3DQEBCwUAA4IBAQBirEvbjrG2uvFs2hRwLf+W7AhW
lTtafCEjcVCr8bs2tT1P802e5CkF5MrgfQoPWzMWuu6MMWQrA1/dXggooW5UN5dx
+6iLRWH+fXISMySuUvg1hu6IeUaMqJbrT6RZmfuui4ioSobuyHxEQYoH5037M+2H
H+gVdyhK00D+0l+CH3an2vPavu1LYj4dVQAfGAuEHLDNFV9UREUMzCGMkr+a9FaA
nRAifkBu9nwnwOtgWB1v8k8/e3JhUnDqq7uvEimxPWKVvroKAHpl1QnyUvAj0NL9
UIu0qjnF898ACP9jauIK5L8lgnHwYlGJljv09rrkyuBVfQiqmPKdBErz5/Ph
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:06 2023 by rpki-client on console-fra.rpki-client.org