Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/IKvAWXEs6GVacaluWGSpZllBQHw.roa
File: IKvAWXEs6GVacaluWGSpZllBQHw.roa (raw, json)
Hash identifier: 2CMbie6f5WlvnM5HPOsiVOIofb+GldEWdzpbDEFKnoU=
Subject key identifier: 20:AB:C0:59:71:2C:E8:65:5A:71:A9:6E:58:64:A9:66:59:41:40:7C
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42E423F75834B43A073CEFB43572D9
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/IKvAWXEs6GVacaluWGSpZllBQHw.roa
Signing time: Sun 01 Jan 2023 21:35:32 +0000
ROA not before: Sun 01 Jan 2023 21:35:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211870
IP address blocks: 2a0e:8f02:2100::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:e4:23:f7:58:34:b4:3a:07:3c:ef:b4:35:72:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20abc059712ce8655a71a96e5864a9665941407c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fa:75:0a:22:d4:4d:7d:ea:61:2e:19:4b:78:
69:56:70:3d:92:bc:6e:fa:09:86:79:46:c1:3f:45:
6b:60:47:86:f1:b6:5c:b0:03:ba:e4:89:10:47:c0:
9e:d7:51:0c:66:f2:7a:1c:e1:fc:f6:3d:41:e9:e6:
87:31:a1:68:96:23:e4:dd:8a:72:87:d6:f8:d8:fb:
7b:5a:9f:61:46:55:ef:b2:1a:72:b9:f8:81:95:c8:
65:95:ea:cb:8c:44:ff:50:8b:c3:cc:3b:be:aa:b3:
77:39:fb:1b:49:a8:54:cf:bb:70:19:84:58:8f:69:
31:43:57:e2:fe:f4:f9:11:f3:e8:a8:cf:47:3d:56:
7a:0b:08:e0:c5:3e:8a:00:f0:ae:58:1a:a3:20:1c:
53:dd:9f:98:95:9a:7c:6b:b8:78:4f:c8:4e:2f:88:
57:eb:e7:3a:88:bf:fa:76:01:88:c7:6c:49:45:f7:
c8:3b:89:e7:65:2e:69:b9:0e:83:9c:6a:26:3c:02:
8c:5e:95:df:b8:62:81:ec:c9:65:a5:4d:11:62:e2:
4e:44:13:ba:b0:a2:c2:84:bc:88:41:3d:91:7b:3b:
21:a7:f2:dc:1c:13:77:3c:e6:c9:f0:23:b1:88:98:
6c:e1:44:00:42:d5:f0:1a:ce:9c:2d:ad:79:d4:58:
8d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:AB:C0:59:71:2C:E8:65:5A:71:A9:6E:58:64:A9:66:59:41:40:7C
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/IKvAWXEs6GVacaluWGSpZllBQHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2100::/44
Signature Algorithm: sha256WithRSAEncryption
78:ae:01:7d:cc:4f:65:37:44:3a:48:eb:2e:68:d4:c4:5e:e3:
54:fe:bb:4c:44:64:9f:de:e7:98:da:d6:f0:ce:a0:1d:fb:79:
71:3d:80:47:89:bd:2e:8f:82:d9:75:d4:b8:14:78:3e:fa:15:
4d:e7:c4:af:b8:53:a2:f7:14:2c:a4:5c:0a:49:91:3d:f6:5c:
ef:0c:86:0d:c1:86:35:7d:ab:e0:69:94:1f:28:eb:ef:d9:81:
55:c2:fc:cb:03:dc:e4:23:ba:1f:3e:dc:ca:30:cf:4c:26:88:
f9:69:e7:58:81:d6:96:28:ae:9b:d4:ed:2a:54:03:1b:53:03:
14:2b:ec:30:f9:fe:1c:86:93:92:56:93:e2:c2:f5:d3:20:62:
28:6f:a2:c2:5b:36:f0:3d:ee:aa:65:1a:ee:21:36:3d:5f:4e:
29:8a:a4:36:ba:22:53:41:91:c4:f8:64:de:dd:1d:83:ea:3d:
65:2e:a7:54:3d:4d:bb:fe:8f:a7:45:e4:00:47:65:3d:bb:c2:
1f:e3:c0:3d:8e:24:b2:05:54:78:b0:80:d2:f3:96:f2:e4:6d:
e2:73:d7:bd:7b:ef:b8:8a:14:fb:fe:99:28:2e:76:95:9f:d8:
49:44:a8:91:43:ab:6e:23:aa:df:05:45:74:60:d2:1d:b0:0d:
a1:03:04:90
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQuQj91g0tDoHPO+0NXLZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGFiYzA1OTcxMmNlODY1NWE3MWE5NmU1ODY0YTk2NjU5NDE0MDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvp1CiLUTX3qYS4ZS3hpVnA9krxu
+gmGeUbBP0VrYEeG8bZcsAO65IkQR8Ce11EMZvJ6HOH89j1B6eaHMaFoliPk3Ypy
h9b42Pt7Wp9hRlXvshpyufiBlchllerLjET/UIvDzDu+qrN3OfsbSahUz7twGYRY
j2kxQ1fi/vT5EfPoqM9HPVZ6CwjgxT6KAPCuWBqjIBxT3Z+YlZp8a7h4T8hOL4hX
6+c6iL/6dgGIx2xJRffIO4nnZS5puQ6DnGomPAKMXpXfuGKB7MllpU0RYuJORBO6
sKLChLyIQT2Rezshp/LcHBN3PObJ8COxiJhs4UQAQtXwGs6cLa151FiNBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCCrwFlxLOhlWnGpblhkqWZZQUB8MB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvSUt2QVdYRXM2R1ZhY2FsdVdHU3BabGxCUUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiEA
MA0GCSqGSIb3DQEBCwUAA4IBAQB4rgF9zE9lN0Q6SOsuaNTEXuNU/rtMRGSf3ueY
2tbwzqAd+3lxPYBHib0uj4LZddS4FHg++hVN58SvuFOi9xQspFwKSZE99lzvDIYN
wYY1favgaZQfKOvv2YFVwvzLA9zkI7ofPtzKMM9MJoj5aedYgdaWKK6b1O0qVAMb
UwMUK+ww+f4chpOSVpPiwvXTIGIob6LCWzbwPe6qZRruITY9X04piqQ2uiJTQZHE
+GTe3R2D6j1lLqdUPU27/o+nReQAR2U9u8If48A9jiSyBVR4sIDS85by5G3ic9e9
e++4ihT7/pkoLnaVn9hJRKiRQ6tuI6rfBUV0YNIdsA2hAwSQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org