Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/xotDxFfNxAmyN9kjzB1uaoQj3n8.roa
File: xotDxFfNxAmyN9kjzB1uaoQj3n8.roa (raw, json)
Hash identifier: BNaDpsHUywWE511OiFE/s2ImRIhl/XWvMBzlts0w8XA=
Subject key identifier: C6:8B:43:C4:57:CD:C4:09:B2:37:D9:23:CC:1D:6E:6A:84:23:DE:7F
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018CAF3643E8FFE60A30F5E4E3A3CAD5486F
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/xotDxFfNxAmyN9kjzB1uaoQj3n8.roa
Signing time: Thu 28 Dec 2023 06:56:58 +0000
ROA not before: Thu 28 Dec 2023 06:56:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203686
IP address blocks: 2a0a:280:3100::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:36:43:e8:ff:e6:0a:30:f5:e4:e3:a3:ca:d5:48:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Dec 28 06:56:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c68b43c457cdc409b237d923cc1d6e6a8423de7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ac:48:5f:bd:9a:65:6a:ce:a1:73:e7:ba:18:
01:ca:4c:f4:10:25:58:15:b7:af:00:e6:87:c4:d5:
e0:29:45:5e:b8:b2:b2:fa:e7:11:05:e4:c0:5e:7b:
d3:3d:c7:df:fb:db:aa:3f:87:ef:7e:f9:08:83:09:
c7:8e:e7:32:a0:f7:11:c0:01:6f:91:f5:79:32:97:
c5:89:ee:ac:e9:e3:85:1e:35:83:71:55:b2:d9:14:
05:64:ef:4f:3c:3c:82:41:12:fd:45:f2:04:7e:b4:
6b:23:ce:a1:ca:e6:d2:f3:5b:2b:ac:10:cf:81:f4:
ee:5d:94:0f:35:d9:54:df:37:44:71:6e:db:1e:18:
7d:dc:27:18:90:56:89:a5:8d:4c:7d:e5:dc:e4:fd:
4c:b5:50:96:9e:0c:e8:ca:46:71:46:9c:93:e8:9b:
00:d3:55:cc:46:2b:ef:df:1c:f1:d4:ac:19:c4:6b:
8e:e1:32:6c:9b:46:16:79:ed:58:2a:c3:03:c3:71:
87:ca:58:af:87:2b:16:8f:d6:4c:15:9e:8b:57:ba:
38:55:bf:dd:9a:54:11:a7:ad:87:7a:5c:a3:69:3b:
50:f5:06:ff:d2:0a:9e:88:d9:ca:db:c9:6a:97:e0:
e7:42:97:c5:84:d2:6a:58:f3:50:9d:95:43:99:2c:
27:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:8B:43:C4:57:CD:C4:09:B2:37:D9:23:CC:1D:6E:6A:84:23:DE:7F
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/xotDxFfNxAmyN9kjzB1uaoQj3n8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:3100::/40
Signature Algorithm: sha256WithRSAEncryption
13:95:51:74:5b:1d:3e:e2:58:0c:78:84:e9:e7:23:cf:95:ab:
1d:f5:ce:d1:36:9c:a0:cc:16:2e:fa:93:2b:9d:9e:5d:66:06:
54:61:91:57:81:8d:2f:85:16:00:7b:33:f8:48:1c:f4:06:95:
9f:03:b2:98:f1:12:d3:ce:ad:a9:52:5c:65:ee:d7:c6:ff:0b:
f6:a6:36:7c:e5:ca:e7:25:6d:b6:47:52:ed:84:4f:8d:c6:57:
2f:d3:01:23:fc:f7:ca:e6:3a:1c:94:ce:e6:37:32:6f:fb:d2:
4d:99:56:db:30:35:65:08:ed:76:3a:38:ae:48:54:38:e6:8d:
e4:12:60:68:e0:d0:b1:2f:6a:30:3d:63:0f:7f:41:de:dd:0d:
91:89:5d:3a:4d:ab:a6:e4:fe:96:72:a7:a6:86:0d:d0:f2:94:
a0:43:59:77:d2:ec:cb:3d:43:cd:29:2b:b7:53:bb:f7:c5:39:
a3:09:85:e2:e2:d5:3c:33:79:00:c2:3e:30:c7:c8:f9:19:f6:
20:3f:99:31:35:98:9a:3d:a3:30:22:b2:db:2f:0d:39:3c:4b:
b1:77:4e:b1:d4:46:c9:31:de:97:7e:0d:10:e4:72:c4:93:19:
9e:9e:b1:0e:40:5f:f3:a5:ed:f4:eb:44:b7:8c:76:cd:24:94:
d1:eb:d5:40
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYyvNkPo/+YKMPXk46PK1UhvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMxMjI4MDY1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjhiNDNjNDU3Y2RjNDA5YjIzN2Q5MjNjYzFkNmU2YTg0MjNkZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6xIX72aZWrOoXPnuhgBykz0ECVY
FbevAOaHxNXgKUVeuLKy+ucRBeTAXnvTPcff+9uqP4fvfvkIgwnHjucyoPcRwAFv
kfV5MpfFie6s6eOFHjWDcVWy2RQFZO9PPDyCQRL9RfIEfrRrI86hyubS81srrBDP
gfTuXZQPNdlU3zdEcW7bHhh93CcYkFaJpY1MfeXc5P1MtVCWngzoykZxRpyT6JsA
01XMRivv3xzx1KwZxGuO4TJsm0YWee1YKsMDw3GHylivhysWj9ZMFZ6LV7o4Vb/d
mlQRp62HelyjaTtQ9Qb/0gqeiNnK28lql+DnQpfFhNJqWPNQnZVDmSwnzwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMaLQ8RXzcQJsjfZI8wdbmqEI95/MB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEveG90RHhGZk54QW15TjlranpCMXVhb1FqM244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgDEw
DQYJKoZIhvcNAQELBQADggEBABOVUXRbHT7iWAx4hOnnI8+Vqx31ztE2nKDMFi76
kyudnl1mBlRhkVeBjS+FFgB7M/hIHPQGlZ8DspjxEtPOralSXGXu18b/C/amNnzl
yuclbbZHUu2ET43GVy/TASP898rmOhyUzuY3Mm/70k2ZVtswNWUI7XY6OK5IVDjm
jeQSYGjg0LEvajA9Yw9/Qd7dDZGJXTpNq6bk/pZyp6aGDdDylKBDWXfS7Ms9Q80p
K7dTu/fFOaMJheLi1TwzeQDCPjDHyPkZ9iA/mTE1mJo9ozAistsvDTk8S7F3TrHU
Rskx3pd+DRDkcsSTGZ6esQ5AX/Ol7fTrRLeMds0klNHr1UA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:21 2024 by rpki-client on console-fra.rpki-client.org