Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/9G_wxYTufq6jJO0f9-IBulpJK-U.roa
File: 9G_wxYTufq6jJO0f9-IBulpJK-U.roa (raw, json)
Hash identifier: giCsaH1EV0fEpBpsE9vQV68V2bbNjC/EKAE+JVisMqw=
Subject key identifier: F4:6F:F0:C5:84:EE:7E:AE:A3:24:ED:1F:F7:E2:01:BA:5A:49:2B:E5
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42D8D8FDB0D2A464A37E619F474955
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/9G_wxYTufq6jJO0f9-IBulpJK-U.roa
Signing time: Sun 01 Jan 2023 21:35:29 +0000
ROA not before: Sun 01 Jan 2023 21:35:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210915
IP address blocks: 2a0e:8f02:f036::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d8:d8:fd:b0:d2:a4:64:a3:7e:61:9f:47:49:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f46ff0c584ee7eaea324ed1ff7e201ba5a492be5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f1:08:10:6a:ce:5b:45:e3:13:e2:0e:13:72:
28:11:fb:e1:bc:73:eb:dd:31:49:09:9a:62:74:d2:
2d:ec:9d:82:65:d5:25:dd:5c:34:bf:d4:6d:e5:0a:
fc:a3:dc:8c:e5:e0:3a:32:0c:14:af:ef:78:e6:e3:
87:cc:5c:6e:07:c8:ba:7c:7d:b3:d5:6a:ac:43:ed:
d5:34:84:d6:d2:a7:4b:fb:99:6a:d6:05:63:a1:c5:
cc:1d:1f:09:d3:42:06:ae:6c:18:d7:a5:cc:a0:0f:
6e:c3:f7:be:bd:da:fb:68:52:c8:c9:d4:6c:c7:65:
f0:84:20:10:1c:02:03:16:d6:aa:7e:94:0f:50:40:
fe:c4:17:f8:17:a7:01:4f:3e:11:37:bf:8e:f2:95:
ad:bc:75:cf:ce:5a:be:3c:d1:ce:72:23:26:51:59:
b7:c0:e9:84:95:87:75:9b:2e:e5:e3:4f:fe:4d:d0:
b4:87:c4:12:1f:ba:ef:6c:5e:3a:4b:29:5e:7a:24:
6a:ba:b8:a3:c0:c3:69:5d:65:fd:15:ea:d8:0f:6d:
7e:9d:6a:a0:9c:f7:b5:e0:77:89:cd:bb:04:b6:1c:
d4:94:d9:34:77:f5:81:d6:e1:56:cf:1e:52:f3:22:
68:1c:40:7d:2b:e9:19:8d:0d:cb:9b:f2:9b:8f:42:
cc:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6F:F0:C5:84:EE:7E:AE:A3:24:ED:1F:F7:E2:01:BA:5A:49:2B:E5
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/9G_wxYTufq6jJO0f9-IBulpJK-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f036::/48
Signature Algorithm: sha256WithRSAEncryption
1e:ce:53:6d:08:09:fe:89:1d:48:22:fc:74:88:1d:5f:05:09:
cc:e6:7f:a7:31:3b:c6:9e:d4:9e:a7:b3:cc:66:7c:00:3b:6c:
1a:24:55:d1:d1:da:7b:7b:57:3c:45:c2:5d:ba:19:54:0e:2c:
a7:d4:1b:70:95:bf:ea:7d:09:9d:6e:fc:63:8c:74:c3:ed:28:
b8:0e:16:85:29:cc:ab:e7:f8:7a:89:0a:eb:f4:ca:94:13:33:
44:7a:7c:22:a0:a4:86:34:74:f4:05:ef:36:6c:13:78:c9:cf:
f7:de:ad:f8:9c:a0:68:0e:4f:65:f8:02:39:92:99:51:40:83:
76:29:bf:1f:6e:0d:3e:f1:1b:74:6b:74:71:0c:1a:12:db:7b:
6a:87:ce:62:7e:53:93:9f:72:b5:1d:b9:05:60:be:d8:d6:e9:
0f:32:19:0d:f8:cc:5d:29:8e:fe:65:22:8f:89:0b:25:b4:5c:
c2:08:67:a8:f7:89:11:ff:b4:51:1f:72:45:79:c5:21:ab:66:
5b:cf:44:bb:19:d4:96:e9:1f:28:9d:66:ea:e1:29:08:5b:e9:
fe:a2:f6:90:b0:8b:a0:04:6d:0b:e5:77:2c:7c:c0:80:99:20:
7c:fb:ab:72:4d:ac:6f:92:3a:32:97:f3:d1:ed:e8:27:4e:23:
4d:f3:f4:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQtjY/bDSpGSjfmGfR0lVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDZmZjBjNTg0ZWU3ZWFlYTMyNGVkMWZmN2UyMDFiYTVhNDkyYmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvEIEGrOW0XjE+IOE3IoEfvhvHPr
3TFJCZpidNIt7J2CZdUl3Vw0v9Rt5Qr8o9yM5eA6MgwUr+945uOHzFxuB8i6fH2z
1WqsQ+3VNITW0qdL+5lq1gVjocXMHR8J00IGrmwY16XMoA9uw/e+vdr7aFLIydRs
x2XwhCAQHAIDFtaqfpQPUED+xBf4F6cBTz4RN7+O8pWtvHXPzlq+PNHOciMmUVm3
wOmElYd1my7l40/+TdC0h8QSH7rvbF46SyleeiRqurijwMNpXWX9FerYD21+nWqg
nPe14HeJzbsEthzUlNk0d/WB1uFWzx5S8yJoHEB9K+kZjQ3Lm/Kbj0LMuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPRv8MWE7n6uoyTtH/fiAbpaSSvlMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvOUdfd3hZVHVmcTZqSk8wZjktSUJ1bHBKSy1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvA2
MA0GCSqGSIb3DQEBCwUAA4IBAQAezlNtCAn+iR1IIvx0iB1fBQnM5n+nMTvGntSe
p7PMZnwAO2waJFXR0dp7e1c8RcJduhlUDiyn1Btwlb/qfQmdbvxjjHTD7Si4DhaF
Kcyr5/h6iQrr9MqUEzNEenwioKSGNHT0Be82bBN4yc/33q34nKBoDk9l+AI5kplR
QIN2Kb8fbg0+8Rt0a3RxDBoS23tqh85iflOTn3K1HbkFYL7Y1ukPMhkN+MxdKY7+
ZSKPiQsltFzCCGeo94kR/7RRH3JFecUhq2Zbz0S7GdSW6R8onWbq4SkIW+n+ovaQ
sIugBG0L5XcsfMCAmSB8+6tyTaxvkjoyl/PR7egnTiNN8/Rn
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org