Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/60l_kXdYXYw9xBlZsJndsSsiTgA.roa
File: 60l_kXdYXYw9xBlZsJndsSsiTgA.roa (raw, json)
Hash identifier: 5C2tpENV18IGOU/7lgsmX49N3FhASffv/2mDXfjBxUM=
Subject key identifier: EB:49:7F:91:77:58:5D:8C:3D:C4:19:59:B0:99:DD:B1:2B:22:4E:00
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42E5F0A3695E142AB10A0B90F740A2
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/60l_kXdYXYw9xBlZsJndsSsiTgA.roa
Signing time: Sun 01 Jan 2023 21:35:33 +0000
ROA not before: Sun 01 Jan 2023 21:35:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212112
IP address blocks: 2a0e:8f02:f017::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:e5:f0:a3:69:5e:14:2a:b1:0a:0b:90:f7:40:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb497f9177585d8c3dc41959b099ddb12b224e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:94:65:3d:d7:28:c3:05:07:8d:88:2b:79:44:
3c:6b:c3:a8:5c:a2:b5:c1:62:ec:f2:9d:13:0f:18:
9f:f3:e2:9e:d3:7f:87:e8:be:d8:20:8e:0e:c3:68:
06:72:0b:79:0b:11:23:5d:e0:ab:52:e8:a2:aa:cd:
3f:f6:fa:75:2b:88:0b:88:2b:83:b2:63:0d:c1:ab:
98:c8:bf:8c:ae:86:52:97:43:5b:72:fc:d7:ca:49:
12:8c:05:50:f7:98:40:07:27:74:b2:da:24:86:83:
ec:78:b8:1b:46:09:17:35:6f:74:07:0d:0a:d5:61:
d6:29:b9:a9:d3:c8:f3:52:1c:87:13:59:aa:66:52:
5d:51:6b:c3:d1:63:41:d3:6e:9b:df:3a:8d:d7:9f:
bd:30:66:d1:bd:c3:e7:77:b0:fc:80:65:52:55:46:
51:47:58:97:60:e0:91:e6:96:fe:21:c4:cd:fe:32:
b4:b1:5b:06:96:6e:6f:ca:35:29:10:50:51:bd:41:
99:48:b9:9c:81:a1:a0:e1:7e:9e:12:ae:22:99:3e:
26:43:b3:ba:f1:ca:fd:87:45:4e:9e:79:e8:ba:b5:
18:9d:50:3d:06:a5:46:ee:72:dc:92:cf:17:9c:da:
42:bd:8d:c2:8c:84:19:29:77:f7:f7:4a:ea:49:55:
e5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:49:7F:91:77:58:5D:8C:3D:C4:19:59:B0:99:DD:B1:2B:22:4E:00
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/60l_kXdYXYw9xBlZsJndsSsiTgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f017::/48
Signature Algorithm: sha256WithRSAEncryption
8e:fd:a9:4e:9f:c6:2c:3a:b5:3c:ac:80:98:5d:6e:33:a4:c8:
85:03:af:04:f3:aa:bb:1b:f6:4d:ac:89:66:6a:f2:dd:3f:20:
37:d1:f5:df:72:8e:86:c2:57:a5:fc:96:96:13:7b:a6:ee:51:
1d:5d:8d:68:8c:9a:59:0d:db:65:a6:ee:5b:60:25:b3:fe:d5:
d8:df:c6:87:11:06:9e:38:55:45:ae:72:94:68:72:ae:70:e8:
3f:10:97:f4:0b:8b:82:79:47:de:04:1d:61:a0:7b:f8:be:82:
16:27:f3:36:29:22:bc:c2:6e:85:2b:7d:d4:98:6a:a5:f0:c9:
53:72:e2:0b:f8:ff:cc:34:e7:a2:d4:23:05:36:95:d9:36:f5:
85:56:3a:da:bd:7a:0a:8f:1f:84:06:a7:5c:01:de:3f:a3:c6:
2b:0e:54:e3:20:a5:f8:17:74:3c:a5:40:a4:e9:8a:93:3e:01:
95:2e:0f:db:f8:c7:b8:4c:fb:5a:d0:63:f1:e8:75:a5:33:b8:
2c:1d:1e:a3:b5:1d:ba:b8:ab:37:2c:74:70:d4:d8:d7:0d:6a:
8f:45:76:4f:a3:86:03:a6:d5:77:b3:8f:3a:19:30:31:fa:63:
d0:2f:64:2b:af:c8:7c:3b:86:79:57:f6:6d:ae:4d:f5:0e:26:
a9:d5:d4:7e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQuXwo2leFCqxCguQ90CiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjQ5N2Y5MTc3NTg1ZDhjM2RjNDE5NTliMDk5ZGRiMTJiMjI0ZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5RlPdcowwUHjYgreUQ8a8OoXKK1
wWLs8p0TDxif8+Ke03+H6L7YII4Ow2gGcgt5CxEjXeCrUuiiqs0/9vp1K4gLiCuD
smMNwauYyL+MroZSl0NbcvzXykkSjAVQ95hAByd0stokhoPseLgbRgkXNW90Bw0K
1WHWKbmp08jzUhyHE1mqZlJdUWvD0WNB026b3zqN15+9MGbRvcPnd7D8gGVSVUZR
R1iXYOCR5pb+IcTN/jK0sVsGlm5vyjUpEFBRvUGZSLmcgaGg4X6eEq4imT4mQ7O6
8cr9h0VOnnnourUYnVA9BqVG7nLcks8XnNpCvY3CjIQZKXf390rqSVXlaQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOtJf5F3WF2MPcQZWbCZ3bErIk4AMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvNjBsX2tYZFlYWXc5eEJsWnNKbmRzU3NpVGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAX
MA0GCSqGSIb3DQEBCwUAA4IBAQCO/alOn8YsOrU8rICYXW4zpMiFA68E86q7G/ZN
rIlmavLdPyA30fXfco6Gwlel/JaWE3um7lEdXY1ojJpZDdtlpu5bYCWz/tXY38aH
EQaeOFVFrnKUaHKucOg/EJf0C4uCeUfeBB1hoHv4voIWJ/M2KSK8wm6FK33UmGql
8MlTcuIL+P/MNOei1CMFNpXZNvWFVjravXoKjx+EBqdcAd4/o8YrDlTjIKX4F3Q8
pUCk6YqTPgGVLg/b+Me4TPta0GPx6HWlM7gsHR6jtR26uKs3LHRw1NjXDWqPRXZP
o4YDptV3s486GTAx+mPQL2Qrr8h8O4Z5V/Ztrk31Diap1dR+
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org