Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/p-rLD1IdEoF_NvzK8jTDrzc7omI.roa
File: p-rLD1IdEoF_NvzK8jTDrzc7omI.roa (raw, json)
Hash identifier: CGHivcLlKI8bRqp5KtdA34ThpQP/78LmZQDJkWKxva0=
Subject key identifier: A7:EA:CB:0F:52:1D:12:81:7F:36:FC:CA:F2:34:C3:AF:37:3B:A2:62
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01869218F76BB67600AE24AE6CB26DDBC1F9
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/p-rLD1IdEoF_NvzK8jTDrzc7omI.roa
Signing time: Mon 27 Feb 2023 08:59:15 +0000
ROA not before: Mon 27 Feb 2023 08:59:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202952
IP address blocks: 2a0a:280:1400::/40 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:18:f7:6b:b6:76:00:ae:24:ae:6c:b2:6d:db:c1:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Feb 27 08:59:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7eacb0f521d12817f36fccaf234c3af373ba262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cf:1b:a8:ab:a9:3c:8d:2e:73:47:91:32:06:
bd:5e:00:1f:28:c1:e7:c4:8c:53:66:d9:e2:f4:8e:
23:c7:4e:84:45:65:67:82:3f:e0:2e:4a:68:9a:8e:
74:f2:8c:8c:67:4a:47:00:6e:f8:ee:35:b0:9d:35:
86:10:71:41:2c:5c:89:b3:1d:de:80:26:87:02:47:
4e:97:3c:8d:ac:64:e5:64:30:74:ea:09:2f:73:ec:
d1:b0:08:59:65:d9:7d:97:1a:22:89:4f:5a:af:36:
0b:36:17:62:81:9c:88:6c:20:e4:2f:50:c5:cb:87:
fa:ce:99:f5:5c:c3:6c:a4:0d:35:49:f1:32:0e:1d:
da:83:4e:a7:29:4f:0a:2c:86:78:d2:c6:04:55:19:
ac:0b:34:07:e6:6f:b6:50:4c:ca:c9:df:71:b0:bf:
60:5c:f9:1f:d2:c7:9d:7d:32:ce:79:91:fa:a3:54:
56:ae:21:e4:f8:fa:86:15:e9:d3:76:f6:08:36:df:
33:f6:1a:17:c0:1e:89:c6:c3:4f:6c:53:5a:6b:67:
39:1e:c6:7d:32:59:59:d6:84:ba:17:fe:99:9c:89:
c2:ad:38:08:b0:f9:8b:88:c5:48:f6:c9:dd:a2:db:
63:e4:67:df:2f:16:a0:67:db:bd:7a:3e:8d:0a:b2:
e7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:EA:CB:0F:52:1D:12:81:7F:36:FC:CA:F2:34:C3:AF:37:3B:A2:62
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/p-rLD1IdEoF_NvzK8jTDrzc7omI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:1400::/40
Signature Algorithm: sha256WithRSAEncryption
1e:74:a9:0c:66:30:3a:7c:10:9f:8e:3f:f5:6d:38:26:d7:a3:
3e:03:b5:0c:b3:03:1a:79:3c:a2:39:e0:20:14:61:3d:cc:a8:
54:fa:1a:79:5b:dc:1a:f4:91:6f:39:78:08:25:52:80:3f:50:
4c:9c:f1:c9:57:ba:40:9c:db:d8:63:7a:14:0f:c7:57:1d:33:
da:98:6b:0f:9a:fb:b6:08:9e:26:d8:cf:c1:80:5a:90:4d:52:
2c:40:7e:c3:bf:02:fc:07:e9:80:e0:0f:8b:8a:16:51:27:76:
16:71:f4:b8:cc:12:db:ad:93:b2:19:8c:ca:cb:9b:d3:f0:fe:
84:47:21:7e:ea:8f:4b:f9:e9:18:4d:3b:30:ab:2e:96:ba:fb:
d1:48:22:79:5a:be:26:c4:87:41:5c:f1:b5:c0:82:e5:54:11:
49:e8:b9:90:41:74:66:0a:0e:de:21:e2:83:cd:3f:14:75:13:
4f:76:1b:76:3c:b5:f6:2e:28:f5:12:e1:29:a0:62:eb:15:33:
6f:5e:df:29:4d:b3:57:8d:70:c4:70:39:4b:8a:ff:cb:de:0e:
c3:91:2d:b7:d5:d4:52:8b:2e:c8:95:11:20:c1:31:09:aa:f5:
ec:c3:ef:81:64:4f:d5:be:60:56:08:ef:00:a0:b9:95:2e:0f:
a1:27:35:6a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYaSGPdrtnYAriSubLJt28H5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMjI3MDg1OTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2VhY2IwZjUyMWQxMjgxN2YzNmZjY2FmMjM0YzNhZjM3M2JhMjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzM8bqKupPI0uc0eRMga9XgAfKMHn
xIxTZtni9I4jx06ERWVngj/gLkpomo508oyMZ0pHAG747jWwnTWGEHFBLFyJsx3e
gCaHAkdOlzyNrGTlZDB06gkvc+zRsAhZZdl9lxoiiU9arzYLNhdigZyIbCDkL1DF
y4f6zpn1XMNspA01SfEyDh3ag06nKU8KLIZ40sYEVRmsCzQH5m+2UEzKyd9xsL9g
XPkf0sedfTLOeZH6o1RWriHk+PqGFenTdvYINt8z9hoXwB6JxsNPbFNaa2c5HsZ9
MllZ1oS6F/6ZnInCrTgIsPmLiMVI9sndottj5GffLxagZ9u9ej6NCrLnVQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKfqyw9SHRKBfzb8yvI0w683O6JiMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvcC1yTEQxSWRFb0ZfTnZ6SzhqVERyemM3b21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgBQw
DQYJKoZIhvcNAQELBQADggEBAB50qQxmMDp8EJ+OP/VtOCbXoz4DtQyzAxp5PKI5
4CAUYT3MqFT6Gnlb3Br0kW85eAglUoA/UEyc8clXukCc29hjehQPx1cdM9qYaw+a
+7YInibYz8GAWpBNUixAfsO/AvwH6YDgD4uKFlEndhZx9LjMEtutk7IZjMrLm9Pw
/oRHIX7qj0v56RhNOzCrLpa6+9FIInlavibEh0Fc8bXAguVUEUnouZBBdGYKDt4h
4oPNPxR1E092G3Y8tfYuKPUS4SmgYusVM29e3ylNs1eNcMRwOUuK/8veDsORLbfV
1FKLLsiVESDBMQmq9ezD74FkT9W+YFYI7wCguZUuD6EnNWo=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:32 2024 by rpki-client on console-ams.rpki-client.org