Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/MiVsC8ar1iwP5Pq-RQOIcUkahx0.roa
File: MiVsC8ar1iwP5Pq-RQOIcUkahx0.roa (raw, json)
Hash identifier: dgTfmJ3+3Q1lSWS4iyAaFvaSMPHFkdQuSLMwZ59tdCc=
Subject key identifier: 32:25:6C:0B:C6:AB:D6:2C:0F:E4:FA:BE:45:03:88:71:49:1A:87:1D
Certificate issuer: /CN=1e5703846d7a8364bec303034db91acbff42da0c
Certificate serial: 0185E94297860AF5ECF9D3CE1A075CD3F5BA
Authority key identifier: 1E:57:03:84:6D:7A:83:64:BE:C3:03:03:4D:B9:1A:CB:FF:42:DA:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/MiVsC8ar1iwP5Pq-RQOIcUkahx0.roa
Signing time: Wed 25 Jan 2023 14:08:53 +0000
ROA not before: Wed 25 Jan 2023 14:08:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13127
IP address blocks: 2001:67c:14b0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:42:97:86:0a:f5:ec:f9:d3:ce:1a:07:5c:d3:f5:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5703846d7a8364bec303034db91acbff42da0c
Validity
Not Before: Jan 25 14:08:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32256c0bc6abd62c0fe4fabe45038871491a871d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:52:fc:7c:56:9e:ad:a8:67:78:12:fa:c4:d8:
da:0c:cd:1f:e2:2e:83:ef:f3:d3:56:b9:17:fd:d1:
72:35:44:b9:45:cf:77:3e:03:58:83:32:a2:af:2a:
46:c9:fe:c3:ca:0a:bc:93:4b:22:1a:f2:a4:b6:52:
58:3e:b6:c2:65:bd:69:9e:fe:90:bf:19:08:fb:e1:
10:70:c5:43:b0:97:e5:bd:a6:2d:d1:d7:8f:07:15:
04:eb:12:28:54:63:db:f5:b9:f0:dd:88:88:d4:36:
8f:c1:5c:c6:39:18:9d:ca:1b:5d:71:17:a3:b2:1d:
3c:db:b0:fc:5d:8f:fe:a0:c3:f8:c0:cd:7d:96:fe:
ef:d5:06:61:65:f2:7e:3c:f4:8a:aa:89:e8:4a:f6:
15:0f:27:27:86:a9:1f:71:16:cd:9e:c9:e4:d9:66:
76:03:fb:ef:5e:ea:b9:73:c1:1b:b6:31:ec:fa:a8:
c9:e9:f2:97:cf:5f:fc:5b:8e:36:c5:2d:81:46:42:
39:59:f7:4a:9c:69:d2:92:4f:20:49:91:4a:94:e4:
21:4a:07:9d:63:33:01:b3:44:40:01:62:6d:9c:c5:
c9:a0:1d:d7:28:60:ca:46:6b:d1:cd:30:56:22:22:
51:11:4e:ce:77:7b:9b:c4:89:2a:a0:b7:01:65:56:
bd:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:25:6C:0B:C6:AB:D6:2C:0F:E4:FA:BE:45:03:88:71:49:1A:87:1D
X509v3 Authority Key Identifier:
keyid:1E:57:03:84:6D:7A:83:64:BE:C3:03:03:4D:B9:1A:CB:FF:42:DA:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/MiVsC8ar1iwP5Pq-RQOIcUkahx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:14b0::/48
Signature Algorithm: sha256WithRSAEncryption
13:0c:bd:ea:cd:e1:9f:97:b7:66:21:b2:73:6d:e5:02:89:c9:
d6:7e:56:a1:39:cb:0b:94:ed:5e:a7:9d:75:7c:3f:68:6a:75:
30:7c:68:6c:b4:de:cb:3e:20:1b:45:2a:d7:ec:8d:5b:1d:5f:
65:94:55:bc:63:3a:ae:59:e1:32:6f:72:10:a1:21:80:b5:0b:
aa:2c:fc:3a:cb:74:95:51:b6:c5:ea:c1:c6:f7:c6:9e:ac:df:
43:b5:c6:56:f5:7e:60:47:9b:74:9b:16:5f:44:8a:3a:10:ab:
4c:16:cb:34:4c:22:a3:67:6f:09:60:92:13:b6:71:13:ad:a3:
41:2c:7c:1c:e8:ff:74:f3:54:55:a8:7e:0b:dc:c1:0e:a9:45:
06:e1:71:49:f7:9b:7b:bf:c1:71:7c:e1:ac:23:95:57:e0:33:
c7:70:44:f4:47:64:c6:ce:f1:64:75:79:05:6e:26:4f:6d:24:
f8:35:67:c0:b9:fc:e4:9b:df:75:84:ac:ed:9a:7d:da:e7:50:
b2:02:b3:7c:ee:93:4c:d3:4c:7f:85:41:4b:e6:3b:32:1f:3e:
82:96:de:a2:74:5a:46:49:0f:0b:34:52:16:dc:55:29:c2:cd:
5f:5f:2b:fb:63:17:06:1c:5a:36:59:74:84:cd:0d:e8:38:01:
74:1e:bb:3a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXpQpeGCvXs+dPOGgdc0/W6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNTcwMzg0NmQ3YTgzNjRiZWMzMDMwMzRkYjkxYWNiZmY0
MmRhMGMwHhcNMjMwMTI1MTQwODUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjI1NmMwYmM2YWJkNjJjMGZlNGZhYmU0NTAzODg3MTQ5MWE4NzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFL8fFaerahneBL6xNjaDM0f4i6D
7/PTVrkX/dFyNUS5Rc93PgNYgzKirypGyf7Dygq8k0siGvKktlJYPrbCZb1pnv6Q
vxkI++EQcMVDsJflvaYt0dePBxUE6xIoVGPb9bnw3YiI1DaPwVzGORidyhtdcRej
sh0827D8XY/+oMP4wM19lv7v1QZhZfJ+PPSKqonoSvYVDycnhqkfcRbNnsnk2WZ2
A/vvXuq5c8EbtjHs+qjJ6fKXz1/8W442xS2BRkI5WfdKnGnSkk8gSZFKlOQhSged
YzMBs0RAAWJtnMXJoB3XKGDKRmvRzTBWIiJREU7Od3ubxIkqoLcBZVa9+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDIlbAvGq9YsD+T6vkUDiHFJGocdMB8GA1UdIwQY
MBaAFB5XA4RteoNkvsMDA025Gsv/QtoMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iYzY1OGYtYTUyOC00MzYwLWI1OGMt
MDdiMDllNDY1MTE5LzEvTWlWc0M4YXIxaXdQNVBxLVJRT0ljVWthaHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iYzY1OGYtYTUyOC00MzYwLWI1OGMtMDdiMDllNDY1MTE5
LzEvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBSw
MA0GCSqGSIb3DQEBCwUAA4IBAQATDL3qzeGfl7dmIbJzbeUCicnWflahOcsLlO1e
p511fD9oanUwfGhstN7LPiAbRSrX7I1bHV9llFW8YzquWeEyb3IQoSGAtQuqLPw6
y3SVUbbF6sHG98aerN9DtcZW9X5gR5t0mxZfRIo6EKtMFss0TCKjZ28JYJITtnET
raNBLHwc6P9081RVqH4L3MEOqUUG4XFJ95t7v8FxfOGsI5VX4DPHcET0R2TGzvFk
dXkFbiZPbST4NWfAufzkm991hKztmn3a51CyArN87pNM00x/hUFL5jsyHz6Clt6i
dFpGSQ8LNFIW3FUpws1fXyv7YxcGHFo2WXSEzQ3oOAF0Hrs6
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:24 2024 by rpki-client on console-ams.rpki-client.org