Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/vO2mAcORSqzQP1wvhRN9igqnVmc.roa
File: vO2mAcORSqzQP1wvhRN9igqnVmc.roa (raw, json)
Hash identifier: cCIlDh9ajhVoSUr+eH8UBUSwSre6atScV4lVUjdKcE0=
Subject key identifier: BC:ED:A6:01:C3:91:4A:AC:D0:3F:5C:2F:85:13:7D:8A:0A:A7:56:67
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 01856F42A2C8B991D01D09A24DF4EEEE022C
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/vO2mAcORSqzQP1wvhRN9igqnVmc.roa
Signing time: Sun 01 Jan 2023 21:35:15 +0000
ROA not before: Sun 01 Jan 2023 21:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211772
IP address blocks: 2a05:4140:375::/48 maxlen: 48
2a05:4140:325::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a2:c8:b9:91:d0:1d:09:a2:4d:f4:ee:ee:02:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 21:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bceda601c3914aacd03f5c2f85137d8a0aa75667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:90:a1:3d:cd:df:28:de:f8:7d:6a:9e:c8:dc:
58:67:81:ca:23:1e:52:98:6a:ff:99:5e:d9:82:83:
8f:d7:98:04:62:d1:98:c3:6b:b7:ff:ef:d1:fd:2e:
26:ec:0d:ca:7c:e0:bf:b3:30:5b:e2:98:7e:22:ec:
48:8b:2d:3a:d5:ec:d7:d0:9e:17:4f:f1:85:51:d7:
f4:1d:23:f2:20:f7:65:f9:4c:db:0f:b2:50:f1:6d:
04:32:30:c2:9e:02:a1:3d:c7:6b:7d:36:04:df:7a:
68:93:ac:4e:24:ed:40:0e:08:13:c2:84:5c:19:c4:
2b:2c:e1:0f:a7:5c:1b:7f:36:c7:a2:fa:a9:63:f6:
f0:49:74:d8:5c:c1:2e:d4:bf:a9:ff:26:8e:bd:7c:
c9:98:2c:5b:df:bb:26:20:a6:b4:fc:8a:2f:0c:ee:
f8:2c:91:5e:7a:86:bf:db:ec:64:d7:93:55:59:e9:
ab:73:15:8c:7e:43:07:e1:5f:7a:2c:fe:2f:b4:a7:
68:93:3e:3a:70:18:89:f7:55:58:e3:d3:98:65:5e:
d8:4f:d0:cb:8e:50:cd:52:c8:7c:cc:6f:75:4b:f7:
29:b4:d6:3e:ef:39:07:61:1d:72:9d:0d:02:37:6c:
ac:fe:78:02:82:c9:d0:2f:53:30:b9:18:ba:db:44:
b5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:ED:A6:01:C3:91:4A:AC:D0:3F:5C:2F:85:13:7D:8A:0A:A7:56:67
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/vO2mAcORSqzQP1wvhRN9igqnVmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:325::/48
2a05:4140:375::/48
Signature Algorithm: sha256WithRSAEncryption
59:5d:5a:06:4b:29:fc:13:2f:ca:5d:e6:ff:0e:41:56:3d:a4:
90:5f:92:ee:fb:41:74:28:ce:4a:99:af:7d:b4:91:22:00:99:
d5:16:2f:4b:06:84:68:08:d0:52:0a:ed:40:1d:07:81:56:ff:
19:03:7e:c4:65:04:cc:33:d9:54:de:06:7a:ad:d8:55:76:e4:
9d:87:9b:80:1e:02:c2:25:65:60:65:6b:e8:0a:d7:8e:3a:cc:
a6:78:8d:5d:a1:2d:f2:c8:7c:d5:bf:46:2d:ee:cc:cc:53:2d:
9a:2c:ed:30:6e:d3:d0:35:43:84:e7:83:4b:04:c2:8a:6d:93:
f0:37:a3:1f:63:0e:bc:b0:da:d0:2b:33:7f:4d:c4:cb:d7:bf:
33:f5:96:0f:dd:4a:64:64:6c:e7:3f:26:1a:6b:1f:9f:3f:19:
bd:a4:a0:15:42:39:72:ef:06:3d:95:cc:3b:af:e4:e6:c9:06:
a9:e0:b1:8f:3a:ac:48:46:2d:9a:95:6c:6a:55:19:d8:47:a7:
57:ab:50:99:ef:ba:38:ec:63:0d:84:59:06:f8:78:90:dc:8d:
b1:c6:9c:32:90:c3:6e:59:b0:7e:73:a1:47:35:06:62:7f:64:
34:b8:91:2b:83:1d:7e:2e:ce:9d:aa:9d:aa:4e:49:e4:56:df:
34:f9:75:db
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvQqLIuZHQHQmiTfTu7gIsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjMwMTAxMjEzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2VkYTYwMWMzOTE0YWFjZDAzZjVjMmY4NTEzN2Q4YTBhYTc1NjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5ChPc3fKN74fWqeyNxYZ4HKIx5S
mGr/mV7ZgoOP15gEYtGYw2u3/+/R/S4m7A3KfOC/szBb4ph+IuxIiy061ezX0J4X
T/GFUdf0HSPyIPdl+UzbD7JQ8W0EMjDCngKhPcdrfTYE33pok6xOJO1ADggTwoRc
GcQrLOEPp1wbfzbHovqpY/bwSXTYXMEu1L+p/yaOvXzJmCxb37smIKa0/IovDO74
LJFeeoa/2+xk15NVWemrcxWMfkMH4V96LP4vtKdokz46cBiJ91VY49OYZV7YT9DL
jlDNUsh8zG91S/cptNY+7zkHYR1ynQ0CN2ys/ngCgsnQL1MwuRi620S1gQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLztpgHDkUqs0D9cL4UTfYoKp1ZnMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvdk8ybUFjT1JTcXpRUDF3dmhSTjlpZ3FuVm1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgVBQAMl
AwcAKgVBQAN1MA0GCSqGSIb3DQEBCwUAA4IBAQBZXVoGSyn8Ey/KXeb/DkFWPaSQ
X5Lu+0F0KM5Kma99tJEiAJnVFi9LBoRoCNBSCu1AHQeBVv8ZA37EZQTMM9lU3gZ6
rdhVduSdh5uAHgLCJWVgZWvoCteOOsymeI1doS3yyHzVv0Yt7szMUy2aLO0wbtPQ
NUOE54NLBMKKbZPwN6MfYw68sNrQKzN/TcTL178z9ZYP3UpkZGznPyYaax+fPxm9
pKAVQjly7wY9lcw7r+TmyQap4LGPOqxIRi2alWxqVRnYR6dXq1CZ77o47GMNhFkG
+HiQ3I2xxpwykMNuWbB+c6FHNQZif2Q0uJErgx1+Ls6dqp2qTknkVt80+XXb
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:06 2024 by rpki-client on console-ams.rpki-client.org