Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/859W2kSvIp93g_TC4CXBUhfFlww.roa
File: 859W2kSvIp93g_TC4CXBUhfFlww.roa (raw, json)
Hash identifier: 0awnaIfVNnzbHsrqCADhdY8JKzMmZF8r5X6sMaODca0=
Subject key identifier: F3:9F:56:DA:44:AF:22:9F:77:83:F4:C2:E0:25:C1:52:17:C5:97:0C
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42D0C864ADCBFE21DF36950ECAEA2C
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/859W2kSvIp93g_TC4CXBUhfFlww.roa
Signing time: Sun 01 Jan 2023 21:35:27 +0000
ROA not before: Sun 01 Jan 2023 21:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204446
IP address blocks: 2a0e:8f02:1000::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d0:c8:64:ad:cb:fe:21:df:36:95:0e:ca:ea:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f39f56da44af229f7783f4c2e025c15217c5970c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:12:b1:07:33:59:cd:fb:5d:53:c1:e5:f4:66:
3d:c3:5b:e2:a8:70:ed:37:a3:80:47:51:19:f4:1d:
c4:60:ef:b9:e3:84:af:3c:22:6a:7b:33:46:61:aa:
71:6f:3d:8d:53:36:c4:bf:bf:df:c6:9a:47:77:68:
44:25:e7:d1:67:45:61:8f:11:d6:e9:6b:7d:84:7b:
06:a3:35:0c:c3:00:53:df:07:d5:cb:d9:45:2c:e4:
bb:71:71:07:ea:3e:5d:a0:d9:ee:66:9a:1e:c0:40:
b5:ff:75:cb:8a:93:96:ca:5f:81:ec:80:0d:3e:3a:
5a:5c:cd:1c:a6:2d:04:72:9c:d7:af:11:57:5d:99:
fb:ba:00:97:b6:14:39:b2:9d:63:69:55:1b:5a:18:
9f:45:cf:6c:0e:f9:a0:1e:77:bf:c3:c7:7d:31:a2:
11:5e:f3:89:0c:3f:7c:3d:2a:4f:33:c4:6d:7b:bb:
2b:a2:af:e7:56:8c:d4:8f:43:47:41:58:1a:4b:f2:
12:54:8a:50:1b:af:c1:b7:15:08:d1:76:27:26:24:
1a:d5:91:76:48:7f:a0:79:9e:1a:55:2a:1d:e2:d3:
53:2e:0d:90:7c:6a:c4:a9:2a:be:13:ca:ac:63:b4:
80:81:db:75:d6:be:ce:0a:32:54:e7:7e:90:a2:53:
cc:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:9F:56:DA:44:AF:22:9F:77:83:F4:C2:E0:25:C1:52:17:C5:97:0C
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/859W2kSvIp93g_TC4CXBUhfFlww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:1000::/40
Signature Algorithm: sha256WithRSAEncryption
48:7b:1f:00:8e:5e:6b:79:0c:07:d4:f6:2f:3c:14:c8:0f:af:
36:59:a3:10:da:a2:e6:ff:93:ca:4f:1e:e7:b0:81:92:5a:35:
b7:9c:e5:80:a1:ad:2e:00:ae:1b:0e:6f:9c:5f:ad:c8:93:bc:
6c:3b:50:27:6a:b4:d9:7b:8a:c7:a3:9e:42:a9:e0:68:09:2f:
93:43:b1:ab:a7:4b:13:f5:1b:ae:00:ec:d0:66:90:e3:f5:60:
72:8a:f5:87:65:4d:df:8a:ed:b5:97:a8:08:d7:8a:c4:fb:0c:
a8:35:1d:8c:80:05:99:32:22:20:b2:55:dc:af:d0:59:d1:ff:
68:f5:c9:2a:19:02:ad:18:7c:de:d8:8f:66:58:89:5e:4d:f0:
ee:57:02:be:14:68:72:6a:af:4b:47:06:e4:08:2d:d8:bc:05:
62:f7:a1:05:ae:77:75:a5:2e:b4:7f:b0:a6:90:ac:9f:93:2e:
43:50:24:85:07:de:91:26:7e:71:6d:49:56:8b:c4:54:05:e5:
7a:2f:76:38:89:02:ca:b7:80:49:8e:ca:cb:a1:d1:cb:a6:92:
7b:cc:0e:1a:57:c5:0b:8b:73:40:4a:9c:e3:07:92:4e:f2:24:
11:96:32:a3:ec:b8:85:ba:8e:26:eb:cd:d1:68:37:85:9d:99:
c7:48:9f:30
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVvQtDIZK3L/iHfNpUOyuosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzlmNTZkYTQ0YWYyMjlmNzc4M2Y0YzJlMDI1YzE1MjE3YzU5NzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBKxBzNZzftdU8Hl9GY9w1viqHDt
N6OAR1EZ9B3EYO+544SvPCJqezNGYapxbz2NUzbEv7/fxppHd2hEJefRZ0VhjxHW
6Wt9hHsGozUMwwBT3wfVy9lFLOS7cXEH6j5doNnuZpoewEC1/3XLipOWyl+B7IAN
PjpaXM0cpi0EcpzXrxFXXZn7ugCXthQ5sp1jaVUbWhifRc9sDvmgHne/w8d9MaIR
XvOJDD98PSpPM8Rte7sroq/nVozUj0NHQVgaS/ISVIpQG6/BtxUI0XYnJiQa1ZF2
SH+geZ4aVSod4tNTLg2QfGrEqSq+E8qsY7SAgdt11r7OCjJU536QolPM/QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPOfVtpEryKfd4P0wuAlwVIXxZcMMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvODU5VzJrU3ZJcDkzZ19UQzRDWEJVaGZGbHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg6PAhAw
DQYJKoZIhvcNAQELBQADggEBAEh7HwCOXmt5DAfU9i88FMgPrzZZoxDaoub/k8pP
HuewgZJaNbec5YChrS4ArhsOb5xfrciTvGw7UCdqtNl7isejnkKp4GgJL5NDsaun
SxP1G64A7NBmkOP1YHKK9YdlTd+K7bWXqAjXisT7DKg1HYyABZkyIiCyVdyv0FnR
/2j1ySoZAq0YfN7Yj2ZYiV5N8O5XAr4UaHJqr0tHBuQILdi8BWL3oQWud3WlLrR/
sKaQrJ+TLkNQJIUH3pEmfnFtSVaLxFQF5XovdjiJAsq3gEmOysuh0cumknvMDhpX
xQuLc0BKnOMHkk7yJBGWMqPsuIW6jibrzdFoN4WdmcdInzA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org