Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/alPWKX1Ol0-isKoiR510XLphy6M.roa
File: alPWKX1Ol0-isKoiR510XLphy6M.roa (raw, json)
Hash identifier: AOd+ykdAw/WmNaUyquEJqvTqpiECEK5I34hZk3F8LCs=
Subject key identifier: 6A:53:D6:29:7D:4E:97:4F:A2:B0:AA:22:47:9D:74:5C:BA:61:CB:A3
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42CB7C32CD1FFD9B2F34EB91A4DC58
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/alPWKX1Ol0-isKoiR510XLphy6M.roa
Signing time: Sun 01 Jan 2023 21:35:26 +0000
ROA not before: Sun 01 Jan 2023 21:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49933
IP address blocks: 2a0e:8f00:f100::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:cb:7c:32:cd:1f:fd:9b:2f:34:eb:91:a4:dc:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a53d6297d4e974fa2b0aa22479d745cba61cba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e0:cf:ea:24:f2:e1:56:03:cf:24:15:3f:4a:
18:92:d9:6d:3b:f9:b6:20:72:86:02:f9:21:a8:3b:
d5:f9:8f:6b:e9:de:49:5a:53:55:67:07:88:01:de:
d6:c4:14:44:15:8d:79:03:1d:ae:52:68:4d:03:80:
4b:1e:16:cb:7e:69:78:32:d6:00:51:fb:cf:61:97:
f6:90:d2:b8:9d:c8:1e:3c:e6:50:ee:e9:cb:a9:3a:
f8:9d:18:f1:46:89:b3:c4:69:b3:1a:86:35:95:7c:
c1:56:53:11:33:9f:3e:91:8c:ff:cd:64:5e:f0:56:
d4:d0:84:e4:14:86:a7:00:1b:8d:d2:d5:5c:c7:60:
41:d7:b5:ba:6e:73:1c:35:d0:eb:f3:dc:5e:71:25:
e3:69:dd:42:d4:fc:ed:dd:5c:29:0c:38:7a:fa:a1:
45:3d:59:fc:f8:1e:00:24:e1:8b:a6:64:49:e3:f9:
1c:2c:c8:08:e9:dd:96:f4:db:6f:40:98:fd:00:62:
4f:53:64:48:08:74:81:9c:17:d7:68:97:87:e0:20:
6b:b4:bb:56:bb:e0:1a:38:7b:7b:5a:bd:50:64:78:
6a:8f:0a:a3:01:79:bc:74:97:76:77:ad:93:1e:25:
60:d6:13:b4:6e:8b:a6:40:26:3e:97:de:70:e1:26:
fd:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:53:D6:29:7D:4E:97:4F:A2:B0:AA:22:47:9D:74:5C:BA:61:CB:A3
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/alPWKX1Ol0-isKoiR510XLphy6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f00:f100::/40
Signature Algorithm: sha256WithRSAEncryption
81:a5:a2:f1:d0:33:7e:c5:98:70:c2:0d:bc:6c:79:a0:15:f9:
74:fe:4a:27:57:0f:ca:30:df:42:8e:4e:8d:fb:10:57:26:19:
02:52:73:12:33:e7:a9:61:92:97:20:45:5f:27:46:5f:b6:59:
45:df:09:ba:90:0c:9f:05:80:e3:c9:95:0d:93:30:06:04:fb:
3e:ce:ea:73:05:c0:4e:fc:3f:e4:11:53:ec:fc:e2:f6:37:68:
c8:bf:79:0a:53:03:5f:95:91:0c:58:f0:05:a9:d3:57:d9:1a:
ba:6b:4b:8a:3c:e3:62:9d:17:b1:0e:8e:e7:d9:ec:1f:28:a5:
57:8a:e3:f8:09:58:61:6c:ce:c5:62:f8:ef:81:8d:7f:ba:cb:
05:68:0d:04:21:dc:95:40:69:cb:81:73:8a:48:b6:18:07:b7:
7d:e6:18:d6:83:bd:b7:ca:75:75:8f:8a:27:5d:21:72:d7:36:
33:3e:d6:5d:dc:57:e2:d2:17:9d:e7:b8:1c:0b:27:e2:1e:cd:
cb:e2:d9:86:a4:47:2a:d3:db:56:a9:82:c0:8a:46:8b:7d:42:
9c:f1:ba:5f:29:01:7a:77:49:c0:45:96:af:a2:c1:0e:d1:d9:
d3:1b:cb:af:51:f3:8c:12:97:bd:2c:a3:f8:71:a8:2e:e8:e9:
de:c0:79:c9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVvQst8Ms0f/ZsvNOuRpNxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTUzZDYyOTdkNGU5NzRmYTJiMGFhMjI0NzlkNzQ1Y2JhNjFjYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseDP6iTy4VYDzyQVP0oYktltO/m2
IHKGAvkhqDvV+Y9r6d5JWlNVZweIAd7WxBREFY15Ax2uUmhNA4BLHhbLfml4MtYA
UfvPYZf2kNK4ncgePOZQ7unLqTr4nRjxRomzxGmzGoY1lXzBVlMRM58+kYz/zWRe
8FbU0ITkFIanABuN0tVcx2BB17W6bnMcNdDr89xecSXjad1C1Pzt3VwpDDh6+qFF
PVn8+B4AJOGLpmRJ4/kcLMgI6d2W9NtvQJj9AGJPU2RICHSBnBfXaJeH4CBrtLtW
u+AaOHt7Wr1QZHhqjwqjAXm8dJd2d62THiVg1hO0boumQCY+l95w4Sb9MwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGpT1il9TpdPorCqIkeddFy6YcujMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvYWxQV0tYMU9sMC1pc0tvaVI1MTBYTHBoeTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg6PAPEw
DQYJKoZIhvcNAQELBQADggEBAIGlovHQM37FmHDCDbxseaAV+XT+SidXD8ow30KO
To37EFcmGQJScxIz56lhkpcgRV8nRl+2WUXfCbqQDJ8FgOPJlQ2TMAYE+z7O6nMF
wE78P+QRU+z84vY3aMi/eQpTA1+VkQxY8AWp01fZGrprS4o842KdF7EOjufZ7B8o
pVeK4/gJWGFszsVi+O+BjX+6ywVoDQQh3JVAacuBc4pIthgHt33mGNaDvbfKdXWP
iiddIXLXNjM+1l3cV+LSF53nuBwLJ+Iezcvi2YakRyrT21apgsCKRot9Qpzxul8p
AXp3ScBFlq+iwQ7R2dMby69R84wSl70so/hxqC7o6d7Aeck=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org