Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1-B7kewWuvK4-MRBvtl3IQXI_L5I.roa
File: 1-B7kewWuvK4-MRBvtl3IQXI_L5I.roa (raw, json)
Hash identifier: ryE+hlu1tsVfP7gOFZj0qFul2RxSNtLTVvEFCS4Vu0I=
Subject key identifier: F8:1E:E4:7B:05:AE:BC:AE:3E:31:10:6F:B6:5D:C8:41:72:3F:2F:92
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42EDE4E03FCF02A6903A8D59C34AAC
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1-B7kewWuvK4-MRBvtl3IQXI_L5I.roa
Signing time: Sun 01 Jan 2023 21:35:35 +0000
ROA not before: Sun 01 Jan 2023 21:35:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212577
IP address blocks: 2a0e:8f02:f02a::/48 maxlen: 48
2a0e:8f02:2070::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ed:e4:e0:3f:cf:02:a6:90:3a:8d:59:c3:4a:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f81ee47b05aebcae3e31106fb65dc841723f2f92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:81:e1:4c:76:31:6c:37:a9:70:c4:bb:c1:0d:
6f:90:47:fa:c1:d3:2d:86:06:8d:b5:aa:35:9d:d0:
99:9a:f2:af:9b:31:45:13:3c:bc:17:4b:39:2d:15:
e6:7e:b5:c9:c4:18:8f:72:2f:5c:84:d3:9a:5d:57:
76:17:d8:12:b2:8b:db:88:fc:9b:d5:b8:c6:90:65:
2b:fc:69:36:d6:23:46:7b:05:c9:d8:1a:6c:3e:a4:
40:b6:4f:92:0d:60:b9:07:0a:3f:80:95:4a:95:25:
c6:91:1d:f4:d9:06:be:68:08:a5:2a:70:4e:e6:1b:
0e:ef:7b:0a:13:21:7a:e8:25:1a:57:0b:63:95:dd:
28:86:61:49:a6:0d:0a:77:ea:bb:4f:04:2e:23:3c:
05:5c:48:3d:b3:ea:24:17:bc:72:45:4a:54:66:c5:
cb:f3:7b:81:71:2b:55:ce:a0:74:75:d9:bd:0a:a6:
c3:32:ee:a6:9d:7a:59:23:61:56:cf:6a:32:7e:50:
fd:2b:1d:62:e8:40:32:50:1b:07:5f:aa:55:1c:b3:
16:b3:17:2f:85:5f:b0:4a:6d:dd:b5:96:3f:ef:37:
06:c4:b1:fd:88:51:19:b7:bf:f1:00:b1:b3:48:a0:
a8:f1:68:23:c0:0b:47:90:88:e6:ed:30:5e:76:f7:
d0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:1E:E4:7B:05:AE:BC:AE:3E:31:10:6F:B6:5D:C8:41:72:3F:2F:92
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1-B7kewWuvK4-MRBvtl3IQXI_L5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2070::/44
2a0e:8f02:f02a::/48
Signature Algorithm: sha256WithRSAEncryption
5d:c1:d0:f1:07:70:44:97:22:26:d0:77:93:1e:b3:56:48:18:
bd:87:46:cd:86:a6:d5:63:f1:11:e1:5a:72:35:6b:28:a3:aa:
48:6f:2f:72:ac:b5:34:48:5e:b5:49:5a:80:8a:f0:6e:99:21:
91:f9:e6:8e:d7:19:b1:36:e5:4e:1d:f2:cf:bd:0d:9a:94:21:
85:52:1f:f7:05:d0:e1:83:67:9b:b6:20:1e:19:b7:4e:b3:86:
c8:ec:c5:9a:eb:6f:03:92:44:b0:8c:30:17:f1:70:ba:04:79:
69:cc:d0:e3:48:a6:65:43:e5:c9:e8:84:b6:3f:5a:5f:e2:1b:
e6:63:1b:6e:bb:c1:06:60:22:2b:59:46:f2:9c:5b:e2:93:b6:
df:c5:0d:4c:b7:13:34:60:9c:23:a2:a1:cd:79:3c:e8:c1:fd:
57:da:7c:27:d7:55:a8:bc:e7:88:95:7a:84:81:2c:5c:8b:57:
7e:88:3d:18:c7:68:72:d4:f7:1f:cf:b1:72:f3:eb:cc:46:5c:
08:83:42:93:bf:44:cc:e7:f8:db:73:2b:ea:3c:2e:cf:1f:b4:
3e:26:e6:13:9f:ef:40:fa:18:2a:63:65:a0:81:c5:d0:67:90:
96:07:67:e7:35:5a:aa:b3:bf:c1:89:18:5c:5b:87:4c:2f:4d:
7f:ec:ee:6a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVvQu3k4D/PAqaQOo1Zw0qsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODFlZTQ3YjA1YWViY2FlM2UzMTEwNmZiNjVkYzg0MTcyM2YyZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4HhTHYxbDepcMS7wQ1vkEf6wdMt
hgaNtao1ndCZmvKvmzFFEzy8F0s5LRXmfrXJxBiPci9chNOaXVd2F9gSsovbiPyb
1bjGkGUr/Gk21iNGewXJ2BpsPqRAtk+SDWC5Bwo/gJVKlSXGkR302Qa+aAilKnBO
5hsO73sKEyF66CUaVwtjld0ohmFJpg0Kd+q7TwQuIzwFXEg9s+okF7xyRUpUZsXL
83uBcStVzqB0ddm9CqbDMu6mnXpZI2FWz2oyflD9Kx1i6EAyUBsHX6pVHLMWsxcv
hV+wSm3dtZY/7zcGxLH9iFEZt7/xALGzSKCo8WgjwAtHkIjm7TBedvfQBwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPge5HsFrryuPjEQb7ZdyEFyPy+SMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvMS1CN2tld1d1dks0LU1SQnZ0bDNJUVhJX0w1SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRk
Zi8xLzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoOjwIg
cAMHACoOjwLwKjANBgkqhkiG9w0BAQsFAAOCAQEAXcHQ8QdwRJciJtB3kx6zVkgY
vYdGzYam1WPxEeFacjVrKKOqSG8vcqy1NEhetUlagIrwbpkhkfnmjtcZsTblTh3y
z70NmpQhhVIf9wXQ4YNnm7YgHhm3TrOGyOzFmutvA5JEsIwwF/FwugR5aczQ40im
ZUPlyeiEtj9aX+Ib5mMbbrvBBmAiK1lG8pxb4pO238UNTLcTNGCcI6KhzXk86MH9
V9p8J9dVqLzniJV6hIEsXItXfog9GMdoctT3H8+xcvPrzEZcCINCk79EzOf423Mr
6jwuzx+0PibmE5/vQPoYKmNloIHF0GeQlgdn5zVaqrO/wYkYXFuHTC9Nf+zuag==
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org