Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/u8XFQL_hCavkLqbAJFia9JyuQOs.roa
File: u8XFQL_hCavkLqbAJFia9JyuQOs.roa (raw, json)
Hash identifier: 9YKo3thK78thZA04E9SCQgeUMgQjzQkpVK3FoPO7n8M=
Subject key identifier: BB:C5:C5:40:BF:E1:09:AB:E4:2E:A6:C0:24:58:9A:F4:9C:AE:40:EB
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 01856F429FCF0255535402A63AC6B4C59F75
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/u8XFQL_hCavkLqbAJFia9JyuQOs.roa
Signing time: Sun 01 Jan 2023 21:35:15 +0000
ROA not before: Sun 01 Jan 2023 21:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211138
IP address blocks: 2a05:4140:500::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:9f:cf:02:55:53:54:02:a6:3a:c6:b4:c5:9f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 21:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbc5c540bfe109abe42ea6c024589af49cae40eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5e:d9:d4:f5:3e:d6:b6:26:d0:70:b7:a4:e7:
fc:92:8c:a2:d6:73:bc:da:a9:89:b6:e7:a8:7d:a2:
ce:f1:04:6f:4d:39:cd:a7:4a:85:4c:82:c2:e4:93:
6c:37:ec:72:8e:73:27:d4:1d:38:b8:b2:c5:5e:45:
d6:b4:91:f2:81:56:3a:68:b6:ae:c3:ec:17:74:0b:
09:cb:c4:4e:c5:89:a6:16:f6:f8:df:6b:19:0f:de:
99:a9:f3:ec:65:44:79:2e:51:91:43:65:c2:9b:e6:
3d:c3:fa:14:e6:5d:89:75:d8:28:64:f4:d2:5f:09:
55:d0:4d:0e:9e:6d:11:d7:13:ed:b1:56:3e:1b:6e:
99:9c:44:6b:08:0d:9e:00:73:13:e1:fb:a6:a8:65:
ca:d5:a3:7d:dc:63:9f:9c:41:b1:5e:52:b9:51:67:
c2:25:12:f5:96:3a:13:96:4b:19:99:d9:f0:34:c3:
b8:c4:c6:78:11:ff:e1:9c:93:eb:e1:ae:f5:fb:c2:
06:a1:43:78:24:e2:47:f6:42:7d:76:b7:d5:f6:b9:
5d:af:90:94:27:bb:34:33:7a:fc:02:4d:3e:31:bd:
9f:fb:61:3b:df:ae:74:b0:ac:a2:2c:8a:da:52:c5:
1a:d8:53:ee:66:72:4e:28:d9:34:b0:69:55:93:09:
24:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C5:C5:40:BF:E1:09:AB:E4:2E:A6:C0:24:58:9A:F4:9C:AE:40:EB
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/u8XFQL_hCavkLqbAJFia9JyuQOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:500::/40
Signature Algorithm: sha256WithRSAEncryption
0a:6f:49:b6:eb:e3:7e:53:3a:61:9e:7b:3a:79:ed:81:0c:ea:
b0:37:f5:9a:1c:8a:6e:49:dc:51:f4:5e:41:e8:0d:40:fd:d1:
9c:6e:09:5f:02:57:d7:42:68:0b:69:95:f8:bc:5e:52:65:76:
87:b2:02:ff:b4:ec:9d:3c:55:55:4a:b4:74:e7:06:f2:56:86:
85:40:49:90:99:77:81:37:33:d8:4c:bc:24:13:e6:86:02:d0:
5e:dd:cc:d2:bc:c1:1f:fb:6e:fb:fe:bc:9d:81:45:4e:2f:9c:
ae:67:9b:29:cc:d6:fe:8b:81:f7:cd:d3:f4:61:32:22:c2:bc:
42:c5:5d:4a:e6:07:46:84:ff:92:d4:20:11:26:3f:b3:41:1c:
ec:f1:8c:4a:ad:80:1f:3a:6b:4e:3e:f4:28:1c:56:8d:eb:2f:
79:00:8e:8f:74:65:73:ba:f2:19:7d:80:14:32:80:24:fa:9c:
9a:48:f3:db:ee:b6:89:29:29:d8:7b:b3:5b:2c:57:cb:ce:bb:
d9:a1:91:d7:af:bd:54:36:62:69:a3:03:36:06:26:20:8d:30:
4f:27:a3:41:42:20:72:bf:30:ba:9d:3d:10:65:99:04:e8:e3:
9c:d0:b9:e6:fb:57:29:47:81:c4:fd:11:e4:22:93:fb:d2:d0:
09:4f:ba:21
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVvQp/PAlVTVAKmOsa0xZ91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjMwMTAxMjEzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmM1YzU0MGJmZTEwOWFiZTQyZWE2YzAyNDU4OWFmNDljYWU0MGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql7Z1PU+1rYm0HC3pOf8koyi1nO8
2qmJtueofaLO8QRvTTnNp0qFTILC5JNsN+xyjnMn1B04uLLFXkXWtJHygVY6aLau
w+wXdAsJy8ROxYmmFvb432sZD96ZqfPsZUR5LlGRQ2XCm+Y9w/oU5l2JddgoZPTS
XwlV0E0Onm0R1xPtsVY+G26ZnERrCA2eAHMT4fumqGXK1aN93GOfnEGxXlK5UWfC
JRL1ljoTlksZmdnwNMO4xMZ4Ef/hnJPr4a71+8IGoUN4JOJH9kJ9drfV9rldr5CU
J7s0M3r8Ak0+Mb2f+2E73650sKyiLIraUsUa2FPuZnJOKNk0sGlVkwkk0wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLvFxUC/4Qmr5C6mwCRYmvScrkDrMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvdThYRlFMX2hDYXZrTHFiQUpGaWE5Snl1UU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgVBQAUw
DQYJKoZIhvcNAQELBQADggEBAApvSbbr435TOmGeezp57YEM6rA39Zocim5J3FH0
XkHoDUD90ZxuCV8CV9dCaAtplfi8XlJldoeyAv+07J08VVVKtHTnBvJWhoVASZCZ
d4E3M9hMvCQT5oYC0F7dzNK8wR/7bvv+vJ2BRU4vnK5nmynM1v6LgffN0/RhMiLC
vELFXUrmB0aE/5LUIBEmP7NBHOzxjEqtgB86a04+9CgcVo3rL3kAjo90ZXO68hl9
gBQygCT6nJpI89vutokpKdh7s1ssV8vOu9mhkdevvVQ2YmmjAzYGJiCNME8no0FC
IHK/MLqdPRBlmQTo45zQueb7VylHgcT9EeQik/vS0AlPuiE=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:06 2024 by rpki-client on console-ams.rpki-client.org