Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/69v9zdE3ubDW3ixuBdr56V-h18c.roa
File: 69v9zdE3ubDW3ixuBdr56V-h18c.roa (raw, json)
Hash identifier: z/aKxMN5QDjwqliUrkVzyZP0LV2cl5+ruFBP55YZcsA=
Subject key identifier: EB:DB:FD:CD:D1:37:B9:B0:D6:DE:2C:6E:05:DA:F9:E9:5F:A1:D7:C7
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 018A70EED2F70694CC9204F0DBDDE2F7CB7E
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/69v9zdE3ubDW3ixuBdr56V-h18c.roa
Signing time: Thu 07 Sep 2023 18:36:54 +0000
ROA not before: Thu 07 Sep 2023 18:36:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212144
IP address blocks: 2a06:5fc0::/30 maxlen: 30
2a10:3f80::/30 maxlen: 30
2a05:9a40::/29 maxlen: 30
2a05:9a40::/30 maxlen: 30
2a10:3c80::/29 maxlen: 29
2a05:9a44::/30 maxlen: 30
2a10:b40::/29 maxlen: 29
2a0d:6f80::/30 maxlen: 30
2a10:77c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:70:ee:d2:f7:06:94:cc:92:04:f0:db:dd:e2:f7:cb:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Sep 7 18:36:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebdbfdcdd137b9b0d6de2c6e05daf9e95fa1d7c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a1:ac:c7:5f:6f:5d:d2:e3:da:ab:9d:c3:f4:
2d:d9:26:ff:bd:c5:11:bd:c8:1f:ee:08:bd:c5:95:
18:5b:b6:8b:35:e3:fc:fb:92:71:3d:9f:09:03:cd:
0d:0a:1b:fb:c6:a2:fe:dd:aa:c6:c2:02:cb:82:1c:
50:87:bd:57:80:14:2e:14:77:29:9c:8c:e2:fa:95:
e3:d7:6a:8d:0c:17:15:12:5d:f2:8b:4f:1d:36:c2:
b4:b2:17:82:9e:9f:67:82:53:7b:7d:52:50:50:3b:
6a:c8:e6:04:8b:9e:dd:e0:c2:3d:8d:2e:dd:c2:6a:
3b:df:e6:7a:d7:d6:ea:a1:e6:d0:aa:bf:e2:82:20:
81:0c:2a:8a:b6:15:10:13:2b:68:cb:f0:d5:69:bc:
9d:68:b2:b8:77:62:d4:74:69:a9:2b:0c:79:a0:8b:
4d:6e:02:7c:af:8a:72:ad:0e:3f:df:df:6a:51:51:
d5:d5:82:8d:ce:fa:6f:c5:42:60:ee:f0:5f:ec:bc:
bc:98:b6:00:5a:46:60:40:9a:95:cb:23:06:cb:fd:
cd:4f:2d:91:9b:db:70:79:c3:9b:ea:ae:65:dc:dd:
5a:40:19:b3:c3:a8:ee:16:ac:a6:7d:f5:90:ee:4a:
7d:67:de:27:80:d9:a9:6f:3f:b6:78:4f:f9:b4:3e:
91:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:DB:FD:CD:D1:37:B9:B0:D6:DE:2C:6E:05:DA:F9:E9:5F:A1:D7:C7
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/69v9zdE3ubDW3ixuBdr56V-h18c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/29
2a06:5fc0::/30
2a0d:6f80::/30
2a10:b40::/29
2a10:3c80::/29
2a10:3f80::/30
2a10:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
04:31:1a:22:0c:4a:6d:cd:3a:eb:b1:b0:e3:f9:cf:a2:65:20:
18:a2:1e:cf:0e:55:23:9a:46:75:78:a4:6f:03:95:6e:dd:4a:
af:42:54:9d:64:e9:b8:f2:6a:ec:8d:0d:5d:7c:42:de:2f:e3:
9a:f4:72:6b:10:e2:e0:ea:47:ab:2e:56:7f:5d:52:4f:a0:85:
a4:c8:f7:ee:24:02:dc:3f:dd:5c:45:6e:75:e1:03:07:c9:b0:
d5:7a:dd:80:a6:68:a4:a6:e9:34:d1:31:72:be:5a:30:a2:35:
00:72:eb:56:41:0b:46:cd:cc:d9:34:92:fe:a1:ff:bf:71:2d:
d0:d9:83:e3:7c:e1:d1:1f:0b:ba:9e:46:10:ab:e1:42:e8:39:
6b:79:9f:28:ab:50:a6:af:0a:7d:bb:60:d6:11:36:d6:d3:b8:
32:f8:60:96:81:e3:41:98:da:42:a0:e3:72:c5:d4:91:8d:ac:
fe:65:99:9e:ba:ad:fe:74:da:1f:5a:8d:d2:0f:02:a0:3a:85:
3f:d2:61:95:83:da:11:a1:e5:44:44:cc:05:37:6a:26:b0:e2:
d6:d7:2a:78:17:9d:5a:d3:96:39:bc:72:cc:4e:71:62:47:38:
dd:ed:f1:d0:89:e0:c0:ed:4d:a3:1e:8c:c5:63:21:79:46:b5:
35:83:ac:e1
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYpw7tL3BpTMkgTw293i98t+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjMwOTA3MTgzNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmRiZmRjZGQxMzdiOWIwZDZkZTJjNmUwNWRhZjllOTVmYTFkN2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqGsx19vXdLj2qudw/Qt2Sb/vcUR
vcgf7gi9xZUYW7aLNeP8+5JxPZ8JA80NChv7xqL+3arGwgLLghxQh71XgBQuFHcp
nIzi+pXj12qNDBcVEl3yi08dNsK0sheCnp9nglN7fVJQUDtqyOYEi57d4MI9jS7d
wmo73+Z619bqoebQqr/igiCBDCqKthUQEytoy/DVabydaLK4d2LUdGmpKwx5oItN
bgJ8r4pyrQ4/399qUVHV1YKNzvpvxUJg7vBf7Ly8mLYAWkZgQJqVyyMGy/3NTy2R
m9twecOb6q5l3N1aQBmzw6juFqymffWQ7kp9Z94ngNmpbz+2eE/5tD6RgwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFOvb/c3RN7mw1t4sbgXa+elfodfHMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvNjl2OXpkRTN1YkRXM2l4dUJkcjU2Vi1oMThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgWaQAMF
AioGX8ADBQIqDW+AAwUDKhALQAMFAyoQPIADBQIqED+AAwUDKhB3wDANBgkqhkiG
9w0BAQsFAAOCAQEABDEaIgxKbc0667Gw4/nPomUgGKIezw5VI5pGdXikbwOVbt1K
r0JUnWTpuPJq7I0NXXxC3i/jmvRyaxDi4OpHqy5Wf11ST6CFpMj37iQC3D/dXEVu
deEDB8mw1XrdgKZopKbpNNExcr5aMKI1AHLrVkELRs3M2TSS/qH/v3Et0NmD43zh
0R8Lup5GEKvhQug5a3mfKKtQpq8Kfbtg1hE21tO4MvhgloHjQZjaQqDjcsXUkY2s
/mWZnrqt/nTaH1qN0g8CoDqFP9JhlYPaEaHlRETMBTdqJrDi1tcqeBedWtOWObxy
zE5xYkc43e3x0IngwO1Nox6MxWMheUa1NYOs4Q==
-----END CERTIFICATE-----
Generated at Thu Sep 7 19:36:37 2023 by rpki-client on console-fra.rpki-client.org