Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/0h9XwTRMGrAjI2WaYVzdMFzPCVQ.roa
File: 0h9XwTRMGrAjI2WaYVzdMFzPCVQ.roa (raw, json)
Hash identifier: KShmHHaIKvMmOYdksN4iFdjuasvyMf7W3X5zPwQggu8=
Subject key identifier: D2:1F:57:C1:34:4C:1A:B0:23:23:65:9A:61:5C:DD:30:5C:CF:09:54
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 0186A2CD9C3EFB7415271ED374F49A07CBA5
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/0h9XwTRMGrAjI2WaYVzdMFzPCVQ.roa
Signing time: Thu 02 Mar 2023 14:50:29 +0000
ROA not before: Thu 02 Mar 2023 14:50:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203323
IP address blocks: 2a0a:280:1600::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:cd:9c:3e:fb:74:15:27:1e:d3:74:f4:9a:07:cb:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Mar 2 14:50:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d21f57c1344c1ab02323659a615cdd305ccf0954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e9:48:8b:9b:e2:c6:d6:e8:77:57:62:df:b8:
25:1a:33:1a:bb:79:77:bd:0a:f8:25:ea:e8:97:d9:
d1:14:20:6a:3f:65:67:1d:c9:c9:1c:2a:8f:2b:2d:
37:40:06:e7:63:f3:07:fc:18:3c:0b:ae:c1:18:9d:
2c:dc:4f:fe:da:f4:bf:d0:7e:43:db:c3:4f:82:6e:
75:c8:a9:25:0c:ce:4a:a3:18:4a:8c:1c:00:0d:13:
87:be:ea:59:79:cb:4a:9a:4b:8e:0a:4e:9b:69:1a:
3c:78:7b:27:5d:90:83:11:ef:02:35:f7:e7:3f:41:
9e:a3:bd:54:f4:c2:a4:c4:05:f8:41:ab:b8:7d:19:
06:68:11:92:b0:31:92:6e:a0:a6:1e:e0:e4:b0:fc:
c0:ce:31:16:f0:85:9a:c9:a7:7a:65:59:df:28:46:
05:22:77:8d:ac:33:91:08:54:40:84:44:12:75:3a:
3d:c5:07:7d:09:fc:61:7a:ff:ff:26:eb:85:11:80:
53:fd:a4:72:d5:87:17:19:cc:f8:13:51:2f:45:33:
b2:a5:d9:14:63:82:12:05:c3:db:b1:31:d0:a7:58:
c9:87:9c:be:a9:f6:a8:c2:df:de:2c:da:e2:9a:4a:
d7:81:0a:62:85:55:da:f9:f8:69:a2:64:a8:85:7c:
c0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1F:57:C1:34:4C:1A:B0:23:23:65:9A:61:5C:DD:30:5C:CF:09:54
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/0h9XwTRMGrAjI2WaYVzdMFzPCVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:1600::/40
Signature Algorithm: sha256WithRSAEncryption
a9:f0:89:65:13:6b:f8:58:f8:5a:16:cf:f5:33:4d:48:03:15:
74:28:e5:31:e3:5b:5a:1a:62:81:e2:6e:c0:4e:26:a7:f9:1d:
59:c9:83:cd:3b:1f:78:2d:d9:85:62:f3:ef:44:58:ae:83:bd:
0f:9e:09:61:f7:3d:e9:7a:cd:15:02:b8:05:ab:b4:d3:b0:68:
9b:d7:d4:7a:12:bb:2d:1b:35:57:1d:00:28:53:6e:02:b6:77:
1a:a3:7e:58:6c:f9:0a:60:20:46:2a:31:cb:23:a2:d3:0d:e5:
6f:49:79:b5:57:47:10:65:ec:8b:4b:39:67:28:e1:cf:0c:3d:
5e:77:1f:29:ad:38:2c:5d:c8:07:07:a9:e3:9f:c0:b4:6b:75:
d9:5b:66:a8:6e:06:ac:e5:c3:0d:02:de:40:5d:a9:04:c2:54:
c9:59:b3:6c:ac:ff:60:21:1a:71:d5:71:d6:03:9b:bd:93:f2:
94:48:6f:e6:ba:f8:56:03:23:a5:59:0f:09:dd:a0:5b:71:16:
5d:cf:2e:5a:d4:45:6f:f1:12:70:34:08:13:89:b2:60:af:da:
f1:72:76:cf:09:78:ba:0f:30:bf:91:88:0f:ea:9a:40:e8:b6:
6b:45:da:9f:28:f8:7c:72:51:1e:6f:09:98:d5:d1:85:d0:13:
4b:e7:a3:4d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYaizZw++3QVJx7TdPSaB8ulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMzAyMTQ1MDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjFmNTdjMTM0NGMxYWIwMjMyMzY1OWE2MTVjZGQzMDVjY2YwOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuelIi5vixtbod1di37glGjMau3l3
vQr4Jerol9nRFCBqP2VnHcnJHCqPKy03QAbnY/MH/Bg8C67BGJ0s3E/+2vS/0H5D
28NPgm51yKklDM5KoxhKjBwADROHvupZectKmkuOCk6baRo8eHsnXZCDEe8CNffn
P0Geo71U9MKkxAX4Qau4fRkGaBGSsDGSbqCmHuDksPzAzjEW8IWayad6ZVnfKEYF
IneNrDORCFRAhEQSdTo9xQd9Cfxhev//JuuFEYBT/aRy1YcXGcz4E1EvRTOypdkU
Y4ISBcPbsTHQp1jJh5y+qfaowt/eLNrimkrXgQpihVXa+fhpomSohXzA8QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNIfV8E0TBqwIyNlmmFc3TBczwlUMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvMGg5WHdUUk1HckFqSTJXYVlWemRNRnpQQ1ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgBYw
DQYJKoZIhvcNAQELBQADggEBAKnwiWUTa/hY+FoWz/UzTUgDFXQo5THjW1oaYoHi
bsBOJqf5HVnJg807H3gt2YVi8+9EWK6DvQ+eCWH3Pel6zRUCuAWrtNOwaJvX1HoS
uy0bNVcdAChTbgK2dxqjflhs+QpgIEYqMcsjotMN5W9JebVXRxBl7ItLOWco4c8M
PV53HymtOCxdyAcHqeOfwLRrddlbZqhuBqzlww0C3kBdqQTCVMlZs2ys/2AhGnHV
cdYDm72T8pRIb+a6+FYDI6VZDwndoFtxFl3PLlrURW/xEnA0CBOJsmCv2vFyds8J
eLoPML+RiA/qmkDotmtF2p8o+HxyUR5vCZjV0YXQE0vno00=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:21 2024 by rpki-client on console-fra.rpki-client.org