Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/34P2ehB63Jnf_nrhdx45jwpYKhk.roa
File: 34P2ehB63Jnf_nrhdx45jwpYKhk.roa (raw, json)
Hash identifier: LpaVL3AiYc8nTQfp/hIOkcz89K5SX0KE1OwPnwdZV18=
Subject key identifier: DF:83:F6:7A:10:7A:DC:99:DF:FE:7A:E1:77:1E:39:8F:0A:58:2A:19
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42F4E80F6D87889B23548D6F402CF0
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/34P2ehB63Jnf_nrhdx45jwpYKhk.roa
Signing time: Sun 01 Jan 2023 21:35:36 +0000
ROA not before: Sun 01 Jan 2023 21:35:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213127
IP address blocks: 2a0e:8f02:f000::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:f4:e8:0f:6d:87:88:9b:23:54:8d:6f:40:2c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df83f67a107adc99dffe7ae1771e398f0a582a19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5e:d6:5b:e7:b2:86:b7:03:c0:1a:cf:a9:e1:
8d:6b:65:ef:93:08:2a:a8:55:c9:cb:65:d4:f1:c5:
a0:8f:99:62:fe:73:a2:58:3b:ac:50:95:b4:60:a3:
a7:5f:64:2c:d3:8b:80:ff:ee:dd:d8:c5:64:43:b2:
17:fc:a3:ef:5f:b8:cd:25:49:c8:8b:70:50:1e:a0:
54:ce:7f:21:8d:ff:1f:cc:a3:40:1e:b8:a9:05:9d:
07:ff:1d:7e:c5:5b:97:83:bf:3a:53:77:8f:ea:1a:
d3:49:d6:0f:b1:59:cf:2f:87:5c:cf:29:1d:d9:76:
f4:30:59:ea:1d:27:de:d3:82:ec:4e:81:48:ab:b0:
91:0b:c2:d1:07:41:67:a4:93:12:70:60:a8:21:3c:
e4:80:5a:a2:43:e1:9c:3d:44:b1:e4:21:c9:32:f3:
fa:16:7c:3b:fe:16:be:0b:4e:6f:76:cc:6c:c7:90:
74:c0:3c:5e:60:e4:0d:fd:08:67:aa:e7:27:0a:52:
44:c8:36:c6:57:6d:93:6e:7e:d3:70:84:4d:11:f0:
36:73:89:dc:6b:e3:38:1e:1d:b9:36:1c:e4:59:12:
c2:f5:0d:72:58:1a:99:d0:6b:c5:a0:ba:71:a8:4a:
90:ae:c0:24:91:39:f0:ec:21:a0:0f:ce:bd:7c:2c:
55:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:83:F6:7A:10:7A:DC:99:DF:FE:7A:E1:77:1E:39:8F:0A:58:2A:19
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/34P2ehB63Jnf_nrhdx45jwpYKhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f000::/48
Signature Algorithm: sha256WithRSAEncryption
87:b4:e2:6e:c9:20:e7:81:58:65:34:4a:6a:51:79:3e:a4:f6:
54:7e:60:e8:2b:74:12:91:b5:3d:9c:f6:fe:5c:66:cd:17:79:
b5:dd:4f:b3:44:1b:b6:f9:c8:b2:d9:0f:96:a8:f3:b6:67:00:
f3:29:d3:58:a7:53:a0:a0:92:4d:26:98:67:23:b6:48:43:ed:
3b:81:da:7e:1e:69:7f:04:b0:14:2d:6c:90:b4:79:89:7e:6b:
8f:9e:92:06:eb:b1:7d:4f:26:0b:e9:42:d0:38:4d:44:2a:11:
45:e5:76:e2:a7:0f:cd:8a:8f:cf:fe:f3:32:ea:36:af:0c:b5:
90:42:67:c4:f3:95:59:b1:8a:1c:29:8d:12:70:a4:02:ee:f8:
97:5c:02:ee:8d:ea:23:21:37:fd:b6:e0:0b:58:28:73:11:98:
e8:f8:d3:b0:2e:c1:e0:22:6e:d1:8d:e0:26:39:ef:e5:67:5d:
e0:0f:6e:08:a2:a8:70:3e:39:c0:cb:fd:09:8a:89:59:bc:93:
04:51:26:57:41:cd:00:ea:1a:6d:8d:cc:bf:21:86:4a:37:0e:
7f:7f:3b:c9:b2:1b:a8:2e:8e:a1:9c:39:40:93:25:63:13:0e:
b0:10:7a:43:27:d8:03:0c:e4:6d:96:20:8a:b3:16:34:bf:bb:
e5:ee:fb:ce
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQvToD22HiJsjVI1vQCzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjgzZjY3YTEwN2FkYzk5ZGZmZTdhZTE3NzFlMzk4ZjBhNTgyYTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAul7WW+eyhrcDwBrPqeGNa2Xvkwgq
qFXJy2XU8cWgj5li/nOiWDusUJW0YKOnX2Qs04uA/+7d2MVkQ7IX/KPvX7jNJUnI
i3BQHqBUzn8hjf8fzKNAHripBZ0H/x1+xVuXg786U3eP6hrTSdYPsVnPL4dczykd
2Xb0MFnqHSfe04LsToFIq7CRC8LRB0FnpJMScGCoITzkgFqiQ+GcPUSx5CHJMvP6
Fnw7/ha+C05vdsxsx5B0wDxeYOQN/QhnqucnClJEyDbGV22Tbn7TcIRNEfA2c4nc
a+M4Hh25NhzkWRLC9Q1yWBqZ0GvFoLpxqEqQrsAkkTnw7CGgD869fCxVfQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN+D9noQetyZ3/564XceOY8KWCoZMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvMzRQMmVoQjYzSm5mX25yaGR4NDVqd3BZS2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCHtOJuySDngVhlNEpqUXk+pPZUfmDoK3QSkbU9
nPb+XGbNF3m13U+zRBu2+ciy2Q+WqPO2ZwDzKdNYp1OgoJJNJphnI7ZIQ+07gdp+
Hml/BLAULWyQtHmJfmuPnpIG67F9TyYL6ULQOE1EKhFF5Xbipw/Nio/P/vMy6jav
DLWQQmfE85VZsYocKY0ScKQC7viXXALujeojITf9tuALWChzEZjo+NOwLsHgIm7R
jeAmOe/lZ13gD24IoqhwPjnAy/0JiolZvJMEUSZXQc0A6hptjcy/IYZKNw5/fzvJ
shuoLo6hnDlAkyVjEw6wEHpDJ9gDDORtliCKsxY0v7vl7vvO
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org