Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ROAyttCKaaXI_Q0xlMFksJ877zk.roa
File: ROAyttCKaaXI_Q0xlMFksJ877zk.roa (raw, json)
Hash identifier: FNiqMboDZrBcJ+LWPXMP4yNZ8aDCZScOxYw8E+zlBt0=
Subject key identifier: 44:E0:32:B6:D0:8A:69:A5:C8:FD:0D:31:94:C1:64:B0:9F:3B:EF:39
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 0189C627B58B68D776D03E21B556008407E4
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ROAyttCKaaXI_Q0xlMFksJ877zk.roa
Signing time: Sat 05 Aug 2023 14:43:58 +0000
ROA not before: Sat 05 Aug 2023 14:43:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150249
IP address blocks: 2a0a:280:1000::/40 maxlen: 48
2a0a:280:2a00::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c6:27:b5:8b:68:d7:76:d0:3e:21:b5:56:00:84:07:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Aug 5 14:43:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44e032b6d08a69a5c8fd0d3194c164b09f3bef39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ca:21:c9:c4:3f:d0:8d:d9:a9:a9:07:69:73:
ac:67:6e:55:6a:bb:f5:f8:fd:db:b5:e1:fd:c4:c8:
6c:8f:49:fa:9f:52:06:ba:50:dd:32:9e:b6:22:79:
8d:68:ee:ae:e2:18:95:f0:34:46:de:9d:92:93:93:
05:50:3d:d3:b4:12:24:1c:ec:ea:30:da:56:69:90:
c3:29:55:6b:99:54:98:1b:07:8d:bc:14:5e:d7:69:
f4:2d:83:c7:ec:bf:7d:32:05:a0:a3:4b:19:b3:50:
18:ad:35:f6:bc:51:59:69:11:9f:3d:4f:a4:36:a5:
7a:5f:e8:e1:ba:46:1c:20:e2:ff:bb:96:84:06:a7:
ba:86:9f:15:de:b7:a9:3a:26:5b:33:c0:82:dc:74:
3e:fb:af:31:09:63:19:20:a5:83:15:44:6c:3e:02:
25:8d:b7:07:a0:d7:93:3c:74:f0:9d:51:83:06:9e:
65:05:22:02:2f:26:ce:2a:e0:eb:60:60:30:3f:bf:
b5:94:4e:87:05:50:57:85:90:6e:31:f7:81:00:77:
28:6b:05:01:7c:af:02:1c:57:c0:79:f2:ab:24:93:
e3:f8:c2:cd:6a:10:eb:1f:e8:18:22:da:96:81:ba:
c3:76:6b:10:15:23:a4:87:ce:d1:ff:7b:c7:5e:73:
71:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E0:32:B6:D0:8A:69:A5:C8:FD:0D:31:94:C1:64:B0:9F:3B:EF:39
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ROAyttCKaaXI_Q0xlMFksJ877zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:1000::/40
2a0a:280:2a00::/40
Signature Algorithm: sha256WithRSAEncryption
41:ff:d4:0b:1b:29:c8:c0:11:de:a9:32:01:2d:94:3b:71:f8:
03:22:83:2d:1c:a4:c6:eb:b2:f7:05:bb:39:74:55:b0:6b:31:
22:aa:eb:57:99:76:98:ca:ae:55:48:f6:cb:56:04:5a:dc:68:
bb:36:1f:b3:1b:9c:99:d2:f9:79:a4:8c:b5:37:d1:db:ed:ff:
ba:92:4f:17:ab:9d:77:45:c3:b9:cf:38:55:15:af:00:10:13:
f9:e7:df:7a:48:31:34:01:3a:20:6e:bd:e9:2d:a7:f4:f1:da:
01:ab:33:b9:92:c3:97:1e:f7:89:b6:9e:46:4f:b8:09:49:c8:
ad:e4:f7:0a:a4:a4:74:41:0e:95:df:b5:19:6f:00:34:18:39:
72:1f:7c:e9:86:ee:a3:e9:f7:21:61:a3:1d:c5:cb:03:b0:46:
f8:42:21:90:be:48:2e:0f:74:97:21:de:74:cd:7a:c9:8a:22:
9b:07:33:69:39:08:a6:7d:ce:80:2b:46:0c:7a:1d:d6:c7:0f:
c3:b7:5d:55:a4:12:9f:e3:15:b2:5a:c3:22:ec:ab:cb:80:a4:
9b:a6:70:9f:fc:64:89:ca:20:af:37:7d:47:3c:98:ef:b8:2f:
cb:38:cb:6f:fe:a2:8a:39:5f:70:ac:86:02:28:29:1c:1f:76:
17:28:54:f8
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYnGJ7WLaNd20D4htVYAhAfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwODA1MTQ0MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGUwMzJiNmQwOGE2OWE1YzhmZDBkMzE5NGMxNjRiMDlmM2JlZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8ohycQ/0I3ZqakHaXOsZ25Varv1
+P3bteH9xMhsj0n6n1IGulDdMp62InmNaO6u4hiV8DRG3p2Sk5MFUD3TtBIkHOzq
MNpWaZDDKVVrmVSYGweNvBRe12n0LYPH7L99MgWgo0sZs1AYrTX2vFFZaRGfPU+k
NqV6X+jhukYcIOL/u5aEBqe6hp8V3repOiZbM8CC3HQ++68xCWMZIKWDFURsPgIl
jbcHoNeTPHTwnVGDBp5lBSICLybOKuDrYGAwP7+1lE6HBVBXhZBuMfeBAHcoawUB
fK8CHFfAefKrJJPj+MLNahDrH+gYItqWgbrDdmsQFSOkh87R/3vHXnNx5wIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFETgMrbQimmlyP0NMZTBZLCfO+85MB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvUk9BeXR0Q0thYVhJX1EweGxNRmtzSjg3N3prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgoCgBAD
BgAqCgKAKjANBgkqhkiG9w0BAQsFAAOCAQEAQf/UCxspyMAR3qkyAS2UO3H4AyKD
LRykxuuy9wW7OXRVsGsxIqrrV5l2mMquVUj2y1YEWtxouzYfsxucmdL5eaSMtTfR
2+3/upJPF6udd0XDuc84VRWvABAT+effekgxNAE6IG696S2n9PHaAaszuZLDlx73
ibaeRk+4CUnIreT3CqSkdEEOld+1GW8ANBg5ch986Ybuo+n3IWGjHcXLA7BG+EIh
kL5ILg90lyHedM16yYoimwczaTkIpn3OgCtGDHod1scPw7ddVaQSn+MVslrDIuyr
y4Ckm6Zwn/xkicogrzd9RzyY77gvyzjLb/6iijlfcKyGAigpHB92FyhU+A==
-----END CERTIFICATE-----
Generated at Sat Aug 5 15:40:13 2023 by rpki-client on console-fra.rpki-client.org