Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/x-AfdoyHfsK3BPHrXlM9nLTsvRY.roa
File: x-AfdoyHfsK3BPHrXlM9nLTsvRY.roa (raw, json)
Hash identifier: mnlcROhH6j1KS/TV17KTQpyBQPzpFFHCsFMeaZbo+r4=
Subject key identifier: C7:E0:1F:76:8C:87:7E:C2:B7:04:F1:EB:5E:53:3D:9C:B4:EC:BD:16
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 0186B203D4AD479CF3E1751482C4A4F488B9
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/x-AfdoyHfsK3BPHrXlM9nLTsvRY.roa
Signing time: Sun 05 Mar 2023 13:44:00 +0000
ROA not before: Sun 05 Mar 2023 13:44:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210633
IP address blocks: 2a0a:280:1a00::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b2:03:d4:ad:47:9c:f3:e1:75:14:82:c4:a4:f4:88:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Mar 5 13:44:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7e01f768c877ec2b704f1eb5e533d9cb4ecbd16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4c:89:e2:b2:20:a9:c9:5c:c1:dc:25:bc:32:
43:87:a4:ef:d1:89:6e:94:a9:20:c0:45:0a:f8:c4:
f1:61:c9:cb:12:5c:91:61:0d:67:9d:38:98:8f:70:
76:cc:14:53:79:f3:a7:f9:70:21:f6:77:d1:33:b9:
8c:14:92:1d:4e:7f:4a:9a:0a:59:f5:9b:82:aa:32:
19:cd:31:ce:1c:7e:c8:7d:07:65:29:1b:a5:f5:22:
d8:46:fb:b0:3d:e6:2c:e3:4a:59:d6:e2:d2:8f:2b:
f3:db:ff:2d:f2:52:13:6f:40:d1:e2:17:e0:26:80:
c4:4b:5c:f6:5f:19:b3:85:45:34:7c:74:cf:7a:dd:
d4:7e:39:ac:d9:25:95:8c:af:51:37:c9:95:7c:89:
3c:f7:2c:6c:60:ea:82:15:e1:6a:53:43:c5:5d:51:
fe:93:ce:12:d7:77:20:14:e3:bb:52:30:57:4d:df:
5e:ed:d6:f5:2a:6b:ba:c5:a6:37:e8:b5:90:70:3d:
c2:54:26:b4:0d:28:c5:a6:04:89:40:70:89:75:27:
8d:c5:d3:01:30:d0:0f:a8:61:b8:b3:a5:76:55:02:
92:66:ae:5b:4c:89:3a:8f:54:b4:66:cc:70:cc:72:
98:ff:26:d6:30:41:b6:d8:26:66:ae:7f:ec:a4:d0:
5e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E0:1F:76:8C:87:7E:C2:B7:04:F1:EB:5E:53:3D:9C:B4:EC:BD:16
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/x-AfdoyHfsK3BPHrXlM9nLTsvRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:1a00::/40
Signature Algorithm: sha256WithRSAEncryption
26:bc:20:27:de:41:53:39:54:38:3d:c1:04:f5:63:ab:c8:6c:
e0:81:92:d2:34:f6:f1:5a:ad:3f:ee:33:d6:18:cd:57:e6:26:
9d:f3:74:96:62:18:7e:bb:ce:ad:1e:8f:1d:99:d7:4e:c2:d4:
9d:9b:e4:cd:86:c7:b9:6d:ae:cc:0e:dc:a5:2d:1d:7b:27:b2:
07:39:a4:5d:94:e8:68:0c:c0:37:26:bd:9d:e8:16:9f:47:20:
57:7d:43:d1:e4:1e:4f:cb:9f:4e:88:62:68:5a:e4:2c:11:da:
08:d3:a2:1e:fc:db:b5:f5:a5:28:6c:f9:11:e2:20:58:81:c7:
26:81:d8:59:7c:3f:85:e0:74:a1:51:ca:cf:5c:97:9e:9b:3a:
01:a1:dc:a5:41:9e:ad:dc:9b:0c:a4:79:e6:97:0f:a0:6e:11:
eb:6c:cb:75:05:ec:07:7e:7d:ab:e6:44:eb:66:34:16:f3:c8:
58:20:7c:5c:84:01:94:56:25:ff:3c:70:1c:6a:84:07:bb:79:
59:a7:02:a6:8f:c3:f4:fd:5a:a9:4c:07:93:ca:f0:80:54:52:
06:75:bf:8d:24:a8:59:ea:09:71:e3:9a:d0:82:8b:59:cb:a8:
95:56:88:9f:e3:3b:79:0e:c1:5b:48:4d:8d:79:25:8f:7f:d4:
75:f2:07:79
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYayA9StR5zz4XUUgsSk9Ii5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMzA1MTM0NDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2UwMWY3NjhjODc3ZWMyYjcwNGYxZWI1ZTUzM2Q5Y2I0ZWNiZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokyJ4rIgqclcwdwlvDJDh6Tv0Ylu
lKkgwEUK+MTxYcnLElyRYQ1nnTiYj3B2zBRTefOn+XAh9nfRM7mMFJIdTn9KmgpZ
9ZuCqjIZzTHOHH7IfQdlKRul9SLYRvuwPeYs40pZ1uLSjyvz2/8t8lITb0DR4hfg
JoDES1z2XxmzhUU0fHTPet3Ufjms2SWVjK9RN8mVfIk89yxsYOqCFeFqU0PFXVH+
k84S13cgFOO7UjBXTd9e7db1Kmu6xaY36LWQcD3CVCa0DSjFpgSJQHCJdSeNxdMB
MNAPqGG4s6V2VQKSZq5bTIk6j1S0ZsxwzHKY/ybWMEG22CZmrn/spNBeFwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMfgH3aMh37CtwTx615TPZy07L0WMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEveC1BZmRveUhmc0szQlBIclhsTTluTFRzdlJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgBow
DQYJKoZIhvcNAQELBQADggEBACa8ICfeQVM5VDg9wQT1Y6vIbOCBktI09vFarT/u
M9YYzVfmJp3zdJZiGH67zq0ejx2Z107C1J2b5M2Gx7ltrswO3KUtHXsnsgc5pF2U
6GgMwDcmvZ3oFp9HIFd9Q9HkHk/Ln06IYmha5CwR2gjToh7827X1pShs+RHiIFiB
xyaB2Fl8P4XgdKFRys9cl56bOgGh3KVBnq3cmwykeeaXD6BuEetsy3UF7Ad+favm
ROtmNBbzyFggfFyEAZRWJf88cBxqhAe7eVmnAqaPw/T9WqlMB5PK8IBUUgZ1v40k
qFnqCXHjmtCCi1nLqJVWiJ/jO3kOwVtITY15JY9/1HXyB3k=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:21 2024 by rpki-client on console-fra.rpki-client.org