Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ob13X_iXzw9V1OA--GEjZQClgvQ.roa
File: ob13X_iXzw9V1OA--GEjZQClgvQ.roa (raw, json)
Hash identifier: 6JcmobY/yzMt5Iku30C7gjRVuCkzzF3Q/daA5hTZk2U=
Subject key identifier: A1:BD:77:5F:F8:97:CF:0F:55:D4:E0:3E:F8:61:23:65:00:A5:82:F4
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 0186C572FEFC2BDF6528B66A221CDCDE9497
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ob13X_iXzw9V1OA--GEjZQClgvQ.roa
Signing time: Thu 09 Mar 2023 08:18:13 +0000
ROA not before: Thu 09 Mar 2023 08:18:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199676
IP address blocks: 2a0a:280:2100::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c5:72:fe:fc:2b:df:65:28:b6:6a:22:1c:dc:de:94:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Mar 9 08:18:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1bd775ff897cf0f55d4e03ef861236500a582f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:91:22:db:38:27:24:7b:0c:44:6b:02:20:b8:
df:86:11:8c:c9:57:62:b5:cc:46:60:e3:ff:3d:62:
c6:d5:27:a9:e9:b9:9c:0f:e6:8b:55:28:5b:4f:4e:
dc:18:92:e8:18:37:1d:a7:9f:94:7c:1c:9b:e6:1d:
3c:60:2d:bf:17:90:67:e2:05:cd:9b:fd:eb:41:c1:
85:19:08:ed:d1:f0:c0:6b:52:de:23:0b:cf:54:22:
61:22:ff:0d:c7:3d:68:41:05:a4:c1:6b:a0:f4:1b:
77:f9:b2:2a:8e:b0:2c:da:16:ee:9c:6a:b7:2e:ab:
06:db:02:2f:9a:81:cf:da:4d:6e:f6:2f:06:df:c7:
e0:5a:3c:b9:8e:73:ce:f8:9e:0d:d3:73:23:56:30:
3f:24:07:18:1e:93:d6:e8:3a:35:c7:44:0e:1a:2d:
28:a9:1b:31:16:09:9a:16:c3:98:58:c1:95:b5:e8:
93:0d:5d:7e:cb:83:17:0f:7b:fe:de:02:b5:de:4f:
0e:d5:8e:d6:d8:8f:74:ae:3d:74:f5:0f:6e:18:25:
92:81:74:b3:48:4e:e4:d6:18:f2:fb:1b:2f:00:40:
4c:a9:de:2b:bd:e0:cd:e7:f9:ff:38:97:b7:66:5d:
7e:1b:26:0e:f1:59:d1:4a:8f:d9:96:62:e0:d3:8e:
5a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:BD:77:5F:F8:97:CF:0F:55:D4:E0:3E:F8:61:23:65:00:A5:82:F4
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ob13X_iXzw9V1OA--GEjZQClgvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:2100::/40
Signature Algorithm: sha256WithRSAEncryption
17:5a:6d:19:12:e2:f8:03:a4:71:06:85:6a:a5:fb:a9:76:42:
c5:43:18:bc:1e:7c:f2:79:6c:fc:17:80:84:e4:7b:80:9e:5d:
83:b7:83:62:81:ca:18:e4:ec:74:6f:dc:83:f2:be:d4:b6:db:
86:4d:27:06:9d:4f:e2:e1:80:b8:41:01:c0:8b:1c:a8:fc:32:
79:8b:e7:33:90:89:ef:ed:f5:04:39:c3:1c:d5:7b:72:6a:a1:
dd:2c:25:f9:fa:4f:72:5a:23:2f:4c:a0:24:5f:33:b3:71:e3:
2d:ab:64:75:9e:60:ce:6b:45:89:36:48:73:0d:c6:8e:67:03:
21:c7:67:8d:0c:5e:64:c4:01:1c:9a:81:fd:b8:e0:ce:9e:54:
59:dc:84:04:9b:71:50:b2:d9:e2:ed:38:bc:13:57:23:21:11:
d2:b1:fe:1e:59:93:0e:a0:01:e4:69:45:ea:48:43:b9:5d:71:
63:43:ba:e9:48:6f:a6:d2:97:0c:15:a6:ee:6c:7b:cf:b3:72:
ba:29:c0:53:57:92:71:0a:87:e3:cd:fc:84:dd:ec:a7:d7:b4:
47:6b:8a:20:66:5f:2f:e2:ba:ff:01:0c:47:03:13:6e:55:c2:
22:a9:51:12:48:db:74:b4:07:62:19:38:97:23:3c:ff:44:20:
d8:95:e4:12
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYbFcv78K99lKLZqIhzc3pSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMzA5MDgxODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWJkNzc1ZmY4OTdjZjBmNTVkNGUwM2VmODYxMjM2NTAwYTU4MmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5Ei2zgnJHsMRGsCILjfhhGMyVdi
tcxGYOP/PWLG1Sep6bmcD+aLVShbT07cGJLoGDcdp5+UfByb5h08YC2/F5Bn4gXN
m/3rQcGFGQjt0fDAa1LeIwvPVCJhIv8Nxz1oQQWkwWug9Bt3+bIqjrAs2hbunGq3
LqsG2wIvmoHP2k1u9i8G38fgWjy5jnPO+J4N03MjVjA/JAcYHpPW6Do1x0QOGi0o
qRsxFgmaFsOYWMGVteiTDV1+y4MXD3v+3gK13k8O1Y7W2I90rj109Q9uGCWSgXSz
SE7k1hjy+xsvAEBMqd4rveDN5/n/OJe3Zl1+GyYO8VnRSo/ZlmLg045a7QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKG9d1/4l88PVdTgPvhhI2UApYL0MB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvb2IxM1hfaVh6dzlWMU9BLS1HRWpaUUNsZ3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgCEw
DQYJKoZIhvcNAQELBQADggEBABdabRkS4vgDpHEGhWql+6l2QsVDGLwefPJ5bPwX
gITke4CeXYO3g2KByhjk7HRv3IPyvtS224ZNJwadT+LhgLhBAcCLHKj8MnmL5zOQ
ie/t9QQ5wxzVe3Jqod0sJfn6T3JaIy9MoCRfM7Nx4y2rZHWeYM5rRYk2SHMNxo5n
AyHHZ40MXmTEARyagf244M6eVFnchASbcVCy2eLtOLwTVyMhEdKx/h5Zkw6gAeRp
RepIQ7ldcWNDuulIb6bSlwwVpu5se8+zcropwFNXknEKh+PN/ITd7KfXtEdriiBm
Xy/iuv8BDEcDE25VwiKpURJI23S0B2IZOJcjPP9EINiV5BI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:32 2024 by rpki-client on console-ams.rpki-client.org