Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9HE4bcQ53jHaTbP2-O2LnVBGiDw.roa
File: 9HE4bcQ53jHaTbP2-O2LnVBGiDw.roa (raw, json)
Hash identifier: UF299zYP+vU53WVrfPwRslTVRoEV+nu7jD+H7XC8vaE=
Subject key identifier: F4:71:38:6D:C4:39:DE:31:DA:4D:B3:F6:F8:ED:8B:9D:50:46:88:3C
Certificate issuer: /CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Certificate serial: 01879ACFC9393FFF8BDF26E88406730BDA56
Authority key identifier: F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9HE4bcQ53jHaTbP2-O2LnVBGiDw.roa
Signing time: Wed 19 Apr 2023 18:38:41 +0000
ROA not before: Wed 19 Apr 2023 18:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48606
IP address blocks: 2a0c:5705::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9a:cf:c9:39:3f:ff:8b:df:26:e8:84:06:73:0b:da:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Validity
Not Before: Apr 19 18:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f471386dc439de31da4db3f6f8ed8b9d5046883c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:60:fc:2a:d3:4f:fc:4a:8b:1a:1d:8f:32:11:
6a:64:8f:12:91:c0:0d:aa:b0:8d:12:cc:22:9f:d4:
a9:9c:8e:cf:e9:9a:f1:14:41:05:26:7a:dc:49:1b:
79:ee:f5:48:48:5b:da:36:f8:9e:fe:ad:12:3f:ce:
de:b8:92:21:8d:1f:94:7f:c7:d6:e6:48:e1:c1:82:
2a:7f:12:bf:a8:82:83:04:1e:46:23:4d:38:45:a3:
50:17:dd:9a:28:15:7f:59:f9:c1:da:19:c3:28:b6:
7c:2e:33:bb:d3:cf:53:02:65:8a:6b:d4:f7:42:27:
63:15:b1:ce:aa:74:b2:ea:55:ba:ad:b6:b8:9e:58:
c4:14:bf:22:ee:a3:60:10:99:8b:6b:89:35:b6:7d:
fd:dc:ed:94:07:9e:b3:9a:b4:2d:11:57:c6:5c:71:
94:69:1e:0a:6f:8e:3c:93:2b:60:16:3a:d8:58:54:
f7:00:d2:57:60:b6:7d:f8:0d:dc:ca:a3:0e:68:34:
f5:47:25:c9:7e:ca:12:57:89:50:71:5e:f8:ce:a9:
fc:fe:ff:5c:42:4e:37:9b:0d:56:fd:a5:2a:57:44:
78:4b:60:d0:d2:f5:d3:69:8e:1e:80:48:54:5a:02:
8d:79:93:b7:49:cc:13:a1:0e:bf:2d:ee:10:40:23:
75:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:71:38:6D:C4:39:DE:31:DA:4D:B3:F6:F8:ED:8B:9D:50:46:88:3C
X509v3 Authority Key Identifier:
keyid:F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9HE4bcQ53jHaTbP2-O2LnVBGiDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9ghG8hxWqFE9McFV3RmRl6P_x8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:5705::/32
Signature Algorithm: sha256WithRSAEncryption
51:97:a8:e4:0a:19:b3:b5:72:be:3e:6f:e6:b4:cb:ba:7d:92:
eb:e1:e7:7b:7e:dd:3b:9a:6f:f5:96:9b:65:db:fd:78:66:ea:
ed:f4:44:60:c9:0e:60:af:f8:c3:5e:10:f2:98:10:1a:5d:12:
af:1c:7d:fb:f8:c7:c6:b1:90:09:6e:cd:a5:ce:6f:c1:60:1e:
c1:02:fe:43:74:69:d4:66:d4:df:8e:b3:15:b4:83:2a:fa:86:
6d:f9:d7:5d:20:1b:ab:35:14:0d:cb:77:d9:45:4d:1a:2c:9f:
d9:38:ea:a2:d7:11:bf:bc:c4:8c:03:2a:0a:a0:33:4c:f8:fa:
d9:54:a7:86:c9:74:44:f2:9d:60:b8:45:e6:7f:d2:3b:6c:fd:
73:f4:30:a1:89:27:a7:98:f0:e6:9f:4b:e4:31:1e:a7:59:48:
ec:bf:6d:ea:fc:80:3e:5f:e4:3f:cd:e2:80:bc:9f:48:00:b6:
e1:68:79:13:ff:b9:3c:8d:f0:74:c9:d5:df:1f:00:2d:7e:35:
14:f2:c8:1f:35:ef:62:bd:04:49:0d:af:08:63:00:da:2c:4c:
74:57:f8:4e:dd:ec:66:3d:73:ab:6f:5c:a8:38:5f:10:56:81:
48:06:91:9e:f4:60:5f:03:1a:c0:18:73:8e:67:e8:0d:00:66:
6c:5d:52:8d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYeaz8k5P/+L3ybohAZzC9pWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MDg0NmYyMWM1NmE4NTEzZDMxYzE1NWRkMTk5MTk3YTNm
ZmM3YzAwHhcNMjMwNDE5MTgzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDcxMzg2ZGM0MzlkZTMxZGE0ZGIzZjZmOGVkOGI5ZDUwNDY4ODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2D8KtNP/EqLGh2PMhFqZI8SkcAN
qrCNEswin9SpnI7P6ZrxFEEFJnrcSRt57vVISFvaNvie/q0SP87euJIhjR+Uf8fW
5kjhwYIqfxK/qIKDBB5GI004RaNQF92aKBV/WfnB2hnDKLZ8LjO7089TAmWKa9T3
QidjFbHOqnSy6lW6rba4nljEFL8i7qNgEJmLa4k1tn393O2UB56zmrQtEVfGXHGU
aR4Kb448kytgFjrYWFT3ANJXYLZ9+A3cyqMOaDT1RyXJfsoSV4lQcV74zqn8/v9c
Qk43mw1W/aUqV0R4S2DQ0vXTaY4egEhUWgKNeZO3ScwToQ6/Le4QQCN1ZQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPRxOG3EOd4x2k2z9vjti51QRog8MB8GA1UdIwQY
MBaAFPYIRvIcVqhRPTHBVd0ZkZej/8fAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYt
YTZkNDVlZjdkMjI3LzEvOUhFNGJjUTUzakhhVGJQMi1PMkxuVkJHaUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYtYTZkNDVlZjdkMjI3
LzEvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgxXBTAN
BgkqhkiG9w0BAQsFAAOCAQEAUZeo5AoZs7Vyvj5v5rTLun2S6+Hne37dO5pv9Zab
Zdv9eGbq7fREYMkOYK/4w14Q8pgQGl0Srxx9+/jHxrGQCW7Npc5vwWAewQL+Q3Rp
1GbU346zFbSDKvqGbfnXXSAbqzUUDct32UVNGiyf2TjqotcRv7zEjAMqCqAzTPj6
2VSnhsl0RPKdYLhF5n/SO2z9c/QwoYknp5jw5p9L5DEep1lI7L9t6vyAPl/kP83i
gLyfSAC24Wh5E/+5PI3wdMnV3x8ALX41FPLIHzXvYr0ESQ2vCGMA2ixMdFf4Tt3s
Zj1zq29cqDhfEFaBSAaRnvRgXwMawBhzjmfoDQBmbF1SjQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:19 2024 by rpki-client on console-fra.rpki-client.org