Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/VffCZlZgrhELJ5-hYYu78f5jakY.roa
File: VffCZlZgrhELJ5-hYYu78f5jakY.roa (raw, json)
Hash identifier: MsZ7Hxw4+XZkD0B6Jp3VbT44LZ4NVDuKb/rC1qEjTGk=
Subject key identifier: 55:F7:C2:66:56:60:AE:11:0B:27:9F:A1:61:8B:BB:F1:FE:63:6A:46
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42CAE1BF3085D9A6DAC45FE502CF3E
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/VffCZlZgrhELJ5-hYYu78f5jakY.roa
Signing time: Sun 01 Jan 2023 21:35:26 +0000
ROA not before: Sun 01 Jan 2023 21:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38230
IP address blocks: 2a0e:8f01::/35 maxlen: 48
2a0e:8f01::/48 maxlen: 48
2a0e:8f01:10b::/48 maxlen: 48
2a0e:8f01:104::/48 maxlen: 48
2a0e:8f01:10c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ca:e1:bf:30:85:d9:a6:da:c4:5f:e5:02:cf:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55f7c2665660ae110b279fa1618bbbf1fe636a46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2c:f3:96:3c:fb:67:75:2c:39:10:cc:fe:cc:
ca:ae:d0:b8:c6:a4:e6:0a:db:ae:88:6c:8f:59:a6:
d6:23:5d:4f:08:71:74:db:4e:aa:6d:33:d4:28:a4:
c1:31:39:b3:66:d9:3e:b4:f3:90:5a:01:26:4e:11:
02:03:02:bd:cd:0e:9b:98:ad:ff:c7:1f:bf:b0:e6:
b5:95:fb:69:0e:80:b0:c1:fe:b1:bd:99:aa:1a:89:
0d:d5:1d:4c:05:63:67:96:a7:cb:c5:96:3d:e9:b3:
0f:01:11:61:66:e5:a6:4e:f5:85:d0:f4:d7:24:a2:
91:ff:ea:c2:60:58:43:bd:d6:a5:f3:da:a2:86:0a:
bf:53:ea:12:4e:35:b6:84:3d:76:cb:b6:a7:b0:b1:
03:e0:a4:4f:d0:62:90:bf:65:0e:34:2a:ed:05:1e:
e2:a2:b9:1a:46:35:94:f0:6c:8d:57:b6:84:ba:8a:
b7:61:01:31:0d:ba:ca:1c:6a:e3:0e:3d:32:16:e2:
ee:28:88:16:ac:c9:74:0b:ad:83:fe:ec:7f:3f:cd:
1e:e2:84:89:18:b4:03:64:43:f6:50:33:68:f1:6b:
03:de:7f:90:42:d5:19:ae:24:6e:80:29:42:dc:37:
ca:bf:07:06:6c:d3:d8:c1:c6:67:d0:e8:58:d4:70:
e8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:F7:C2:66:56:60:AE:11:0B:27:9F:A1:61:8B:BB:F1:FE:63:6A:46
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/VffCZlZgrhELJ5-hYYu78f5jakY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f01::/35
Signature Algorithm: sha256WithRSAEncryption
5d:c4:d2:91:3f:4f:84:68:5c:07:92:7a:2a:5d:ca:6d:65:51:
a0:84:20:7e:60:ce:87:13:87:61:69:09:52:4b:e4:eb:d7:d6:
b3:9f:20:b6:12:4d:13:8a:ac:6f:cc:be:92:7d:e3:6b:e1:7d:
d2:ef:42:22:e5:e9:1c:5b:ca:bb:60:87:11:7f:8f:23:1e:cf:
02:78:08:95:51:5d:0d:1b:43:2a:ad:d7:2a:de:04:9d:72:2a:
98:ae:bb:57:2b:a6:f5:6f:ce:1d:04:6c:ce:ab:99:da:2a:4b:
0d:9e:4f:6b:7a:75:b8:2d:9b:f2:f9:91:26:d0:81:6b:3c:d1:
a6:a4:4b:ef:9e:ab:96:b2:77:c4:e8:17:93:ab:d3:81:94:66:
44:f5:b9:b2:0e:a1:28:1e:44:1a:23:c3:69:23:34:7b:a9:ff:
d4:6c:74:03:b5:ef:ca:aa:c0:bb:99:17:fe:4b:80:66:54:47:
14:19:c2:81:e6:22:8d:f5:16:fd:ba:f4:26:f5:2c:30:70:ff:
41:d9:b2:d2:b5:b2:db:af:0a:fb:f7:5c:e4:a0:01:fd:50:b3:
f0:16:6f:82:4b:ae:09:4d:11:89:0b:d7:bf:f1:df:31:55:f4:
a2:9f:0a:4c:7b:a2:4e:a6:49:77:29:30:7f:c5:65:f2:65:60:
c8:fa:f1:a6
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVvQsrhvzCF2abaxF/lAs8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWY3YzI2NjU2NjBhZTExMGIyNzlmYTE2MThiYmJmMWZlNjM2YTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryzzljz7Z3UsORDM/szKrtC4xqTm
CtuuiGyPWabWI11PCHF0206qbTPUKKTBMTmzZtk+tPOQWgEmThECAwK9zQ6bmK3/
xx+/sOa1lftpDoCwwf6xvZmqGokN1R1MBWNnlqfLxZY96bMPARFhZuWmTvWF0PTX
JKKR/+rCYFhDvdal89qihgq/U+oSTjW2hD12y7ansLED4KRP0GKQv2UONCrtBR7i
orkaRjWU8GyNV7aEuoq3YQExDbrKHGrjDj0yFuLuKIgWrMl0C62D/ux/P80e4oSJ
GLQDZEP2UDNo8WsD3n+QQtUZriRugClC3DfKvwcGbNPYwcZn0OhY1HDouQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFX3wmZWYK4RCyefoWGLu/H+Y2pGMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvVmZmQ1psWmdyaEVMSjUtaFlZdTc4ZjVqYWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYFKg6PAQAw
DQYJKoZIhvcNAQELBQADggEBAF3E0pE/T4RoXAeSeipdym1lUaCEIH5gzocTh2Fp
CVJL5OvX1rOfILYSTROKrG/MvpJ942vhfdLvQiLl6RxbyrtghxF/jyMezwJ4CJVR
XQ0bQyqt1yreBJ1yKpiuu1crpvVvzh0EbM6rmdoqSw2eT2t6dbgtm/L5kSbQgWs8
0aakS++eq5ayd8ToF5Or04GUZkT1ubIOoSgeRBojw2kjNHup/9RsdAO178qqwLuZ
F/5LgGZURxQZwoHmIo31Fv269Cb1LDBw/0HZstK1stuvCvv3XOSgAf1Qs/AWb4JL
rglNEYkL17/x3zFV9KKfCkx7ok6mSXcpMH/FZfJlYMj68aY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:24 2023 by rpki-client on console-fra.rpki-client.org