Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/kIXGWcCH97jt5_pHHmv-WZDPUTE.roa
File: kIXGWcCH97jt5_pHHmv-WZDPUTE.roa (raw, json)
Hash identifier: xKf3vzIlZV2cukxrvy7898xmTAsz56QrILFQgMBO/3I=
Subject key identifier: 90:85:C6:59:C0:87:F7:B8:ED:E7:FA:47:1E:6B:FE:59:90:CF:51:31
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 0186C658CC95B896B13EB99A7DB4B18CF0B8
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/kIXGWcCH97jt5_pHHmv-WZDPUTE.roa
Signing time: Thu 09 Mar 2023 12:29:13 +0000
ROA not before: Thu 09 Mar 2023 12:29:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200866
IP address blocks: 2a0a:280:2200::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c6:58:cc:95:b8:96:b1:3e:b9:9a:7d:b4:b1:8c:f0:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Mar 9 12:29:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9085c659c087f7b8ede7fa471e6bfe5990cf5131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fe:d9:7f:de:3e:86:58:fd:de:e9:eb:ee:12:
62:48:ef:b5:6a:5f:67:33:3a:f0:2d:66:eb:2e:27:
70:36:77:65:e6:75:00:bf:9c:3c:17:41:84:4f:a8:
e4:28:7d:f4:74:7c:61:b4:c0:10:ba:a1:84:4b:97:
74:40:46:57:d1:c6:cd:21:39:b0:25:de:02:30:93:
56:6b:1e:fb:99:68:f7:15:16:ee:37:8c:76:68:3d:
eb:61:f1:2c:73:47:1b:c1:c2:af:f8:fd:1b:36:13:
94:0c:40:e7:d7:88:30:4a:af:9a:1d:c6:5d:40:5e:
f2:15:f0:c7:99:81:d8:0b:2a:e4:b3:30:da:f0:5a:
72:1e:c0:a1:50:a9:35:d8:03:6f:e1:3f:8c:3d:21:
27:f8:17:c2:69:12:6e:8b:20:5e:70:2d:32:9c:3c:
65:e0:dc:38:38:20:14:e8:28:fe:6f:2c:72:7b:66:
01:a4:52:df:8f:2d:a5:88:dc:3f:46:be:16:f7:8f:
9e:78:a1:f1:88:ab:b4:6d:e2:7d:0f:29:ad:5f:48:
86:1f:d7:af:ee:58:67:da:cf:2f:79:c3:0e:1b:32:
93:f3:32:8e:37:fb:64:c9:3f:69:a8:fd:c9:3f:de:
3c:1b:ae:13:35:4f:c8:b7:b7:9e:26:71:df:4d:e2:
fa:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:85:C6:59:C0:87:F7:B8:ED:E7:FA:47:1E:6B:FE:59:90:CF:51:31
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/kIXGWcCH97jt5_pHHmv-WZDPUTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:2200::/40
Signature Algorithm: sha256WithRSAEncryption
7a:e9:75:4f:aa:1d:c4:54:4f:07:fe:fa:c1:8f:67:d3:e2:74:
c9:a4:10:bf:d0:f6:c6:5e:50:f3:ca:c7:fd:28:5f:be:84:8c:
4f:c0:a2:d3:30:c5:a0:24:53:b3:94:8f:c7:5e:5c:2a:02:cb:
f4:fb:c7:90:d9:d5:41:7e:88:ec:71:7e:82:45:ed:fa:85:d8:
e2:66:17:cd:64:30:b4:d4:f0:b8:e7:0b:76:9f:e0:1d:1c:d5:
73:09:11:b3:eb:36:e7:9d:d5:9b:64:a3:00:50:7d:78:05:55:
79:76:a0:59:3b:4e:3f:e2:a0:5c:48:3b:89:94:29:3b:7f:5d:
af:a6:ea:78:7b:20:6c:34:71:74:ed:9e:23:59:ca:01:24:69:
e2:4d:68:a0:04:bc:c2:7a:9d:5c:36:b8:9e:7e:4b:f7:4c:61:
36:33:c1:c5:b2:99:ed:c6:91:f0:27:8f:d5:55:54:6a:a5:47:
28:1b:48:47:ad:72:8d:3f:5c:10:fd:42:ec:0d:06:8e:8e:95:
c9:e4:8e:70:4d:f6:a4:be:46:94:b4:a6:8c:f6:27:c6:9f:ec:
31:66:52:a7:90:78:c6:45:d6:66:56:9f:68:57:50:75:b9:e6:
dc:c5:ca:1b:66:5d:b5:33:00:21:4e:f5:59:fa:13:97:f4:74:
e5:d5:9f:62
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYbGWMyVuJaxPrmafbSxjPC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMzA5MTIyOTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDg1YzY1OWMwODdmN2I4ZWRlN2ZhNDcxZTZiZmU1OTkwY2Y1MTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP7Zf94+hlj93unr7hJiSO+1al9n
MzrwLWbrLidwNndl5nUAv5w8F0GET6jkKH30dHxhtMAQuqGES5d0QEZX0cbNITmw
Jd4CMJNWax77mWj3FRbuN4x2aD3rYfEsc0cbwcKv+P0bNhOUDEDn14gwSq+aHcZd
QF7yFfDHmYHYCyrkszDa8FpyHsChUKk12ANv4T+MPSEn+BfCaRJuiyBecC0ynDxl
4Nw4OCAU6Cj+byxye2YBpFLfjy2liNw/Rr4W94+eeKHxiKu0beJ9DymtX0iGH9ev
7lhn2s8vecMOGzKT8zKON/tkyT9pqP3JP948G64TNU/It7eeJnHfTeL6fwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJCFxlnAh/e47ef6Rx5r/lmQz1ExMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEva0lYR1djQ0g5N2p0NV9wSEhtdi1XWkRQVVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgCIw
DQYJKoZIhvcNAQELBQADggEBAHrpdU+qHcRUTwf++sGPZ9PidMmkEL/Q9sZeUPPK
x/0oX76EjE/AotMwxaAkU7OUj8deXCoCy/T7x5DZ1UF+iOxxfoJF7fqF2OJmF81k
MLTU8LjnC3af4B0c1XMJEbPrNued1ZtkowBQfXgFVXl2oFk7Tj/ioFxIO4mUKTt/
Xa+m6nh7IGw0cXTtniNZygEkaeJNaKAEvMJ6nVw2uJ5+S/dMYTYzwcWyme3GkfAn
j9VVVGqlRygbSEetco0/XBD9QuwNBo6OlcnkjnBN9qS+RpS0poz2J8af7DFmUqeQ
eMZF1mZWn2hXUHW55tzFyhtmXbUzACFO9Vn6E5f0dOXVn2I=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:32 2024 by rpki-client on console-ams.rpki-client.org