Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Wc0QM5_BJcf1e9GRkPQy1w_YjcU.roa
File: Wc0QM5_BJcf1e9GRkPQy1w_YjcU.roa (raw, json)
Hash identifier: mCBSKlBs5NIbfqCMrs+HC3e9XPR0/7BGVwgC+VJ9vaw=
Subject key identifier: 59:CD:10:33:9F:C1:25:C7:F5:7B:D1:91:90:F4:32:D7:0F:D8:8D:C5
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42EADF739A5A9C350205F529A6A7EE
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Wc0QM5_BJcf1e9GRkPQy1w_YjcU.roa
Signing time: Sun 01 Jan 2023 21:35:34 +0000
ROA not before: Sun 01 Jan 2023 21:35:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212358
IP address blocks: 2a0e:8f02:f00f::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ea:df:73:9a:5a:9c:35:02:05:f5:29:a6:a7:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59cd10339fc125c7f57bd19190f432d70fd88dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7a:7b:47:c1:bf:ce:fd:52:e7:48:bc:61:c7:
53:f6:b6:be:87:1b:69:12:1f:59:a2:54:c2:f4:13:
9b:36:db:1a:0d:9c:0b:c1:af:1c:06:85:3a:56:cc:
a6:36:95:59:e9:4d:12:2c:67:ba:1a:2e:81:5c:65:
5c:91:4f:9d:67:f5:26:ec:5c:86:97:b5:36:ea:c3:
11:e2:fd:66:b7:1a:dd:4a:b8:1f:26:bb:7c:b8:56:
9e:3e:aa:8c:e3:97:7d:18:b0:4f:54:69:8f:7e:94:
41:a6:00:a0:63:62:59:90:e9:f0:16:43:56:d6:3b:
7e:b9:35:a9:bc:9f:15:7f:8a:91:34:29:22:37:71:
3d:40:ec:56:56:51:13:93:45:8c:c6:fd:1b:0d:86:
b6:b1:07:bc:a7:7a:c1:41:94:d4:96:8a:c1:43:e1:
e8:0d:71:43:27:05:39:43:9c:c5:e2:37:76:96:c0:
af:d2:5a:ef:09:c1:4b:f4:13:f3:ad:ba:ce:4a:da:
81:6c:78:62:7b:62:3d:0f:ad:08:fc:9d:c3:fd:a6:
63:e0:7b:22:a6:48:5c:4a:e0:55:8a:f4:7c:5e:0c:
bb:d8:1c:c1:a2:52:5c:44:7b:98:38:ee:b3:9f:8a:
2a:6d:ac:46:2f:a9:aa:aa:07:44:90:1e:2c:48:40:
60:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:CD:10:33:9F:C1:25:C7:F5:7B:D1:91:90:F4:32:D7:0F:D8:8D:C5
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Wc0QM5_BJcf1e9GRkPQy1w_YjcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f00f::/48
Signature Algorithm: sha256WithRSAEncryption
95:82:dc:76:1f:78:d1:f6:91:7c:c9:3d:2c:a7:b2:1e:be:dd:
9d:60:71:d1:27:21:35:ea:ba:4f:a6:55:53:c4:80:b8:a6:80:
9d:7d:ad:81:62:4f:0e:f7:30:85:c6:c8:38:75:a3:29:39:bc:
00:0b:3e:ad:5b:ed:91:97:50:ef:86:31:29:99:2c:3f:3a:8d:
f0:d4:33:98:0f:61:ba:e2:43:00:05:39:bc:f1:4d:06:f2:fd:
9b:c7:59:d1:ca:69:47:fd:6b:16:90:e2:be:be:72:07:c2:d0:
bc:5e:53:1b:80:11:bb:58:94:39:64:58:12:91:06:ef:e1:85:
e7:fd:f2:75:70:77:20:50:7f:6d:c4:40:79:5e:8c:54:db:53:
41:b9:c4:a2:4b:e6:1b:35:ce:0a:ca:db:ac:97:a4:1a:77:81:
9c:7b:cb:87:ea:77:f1:6e:bb:44:43:41:0d:ee:72:4d:95:44:
23:0e:3b:05:db:d3:bc:e7:45:7a:ad:cc:25:67:46:00:19:c7:
51:9d:4f:4c:54:c0:fe:32:f3:65:d2:99:ad:eb:d6:31:90:0b:
d7:1a:6c:95:66:16:25:0a:18:ef:34:d0:cd:3e:35:f4:cc:22:
c7:f3:49:7d:38:3a:55:41:8e:f4:f2:f8:b9:1c:25:f4:9c:57:
08:21:10:dc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQurfc5panDUCBfUppqfuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWNkMTAzMzlmYzEyNWM3ZjU3YmQxOTE5MGY0MzJkNzBmZDg4ZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHp7R8G/zv1S50i8YcdT9ra+hxtp
Eh9ZolTC9BObNtsaDZwLwa8cBoU6VsymNpVZ6U0SLGe6Gi6BXGVckU+dZ/Um7FyG
l7U26sMR4v1mtxrdSrgfJrt8uFaePqqM45d9GLBPVGmPfpRBpgCgY2JZkOnwFkNW
1jt+uTWpvJ8Vf4qRNCkiN3E9QOxWVlETk0WMxv0bDYa2sQe8p3rBQZTUlorBQ+Ho
DXFDJwU5Q5zF4jd2lsCv0lrvCcFL9BPzrbrOStqBbHhie2I9D60I/J3D/aZj4Hsi
pkhcSuBVivR8Xgy72BzBolJcRHuYOO6zn4oqbaxGL6mqqgdEkB4sSEBgGQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFnNEDOfwSXH9XvRkZD0MtcP2I3FMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvV2MwUU01X0JKY2YxZTlHUmtQUXkxd19ZamNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAP
MA0GCSqGSIb3DQEBCwUAA4IBAQCVgtx2H3jR9pF8yT0sp7Ievt2dYHHRJyE16rpP
plVTxIC4poCdfa2BYk8O9zCFxsg4daMpObwACz6tW+2Rl1DvhjEpmSw/Oo3w1DOY
D2G64kMABTm88U0G8v2bx1nRymlH/WsWkOK+vnIHwtC8XlMbgBG7WJQ5ZFgSkQbv
4YXn/fJ1cHcgUH9txEB5XoxU21NBucSiS+YbNc4Kytusl6Qad4Gce8uH6nfxbrtE
Q0EN7nJNlUQjDjsF29O850V6rcwlZ0YAGcdRnU9MVMD+MvNl0pmt69YxkAvXGmyV
ZhYlChjvNNDNPjX0zCLH80l9ODpVQY708vi5HCX0nFcIIRDc
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org