Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/askeYKFeBnggoRCSl-jWF0AixXc.roa
File: askeYKFeBnggoRCSl-jWF0AixXc.roa (raw, json)
Hash identifier: AOpvPa6XEX14y9+7W5oc+F5FY2qPnV3y1LIKj/E6arY=
Subject key identifier: 6A:C9:1E:60:A1:5E:06:78:20:A1:10:92:97:E8:D6:17:40:22:C5:77
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42EB6CD97697F4C63DEE81E073D4BF
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/askeYKFeBnggoRCSl-jWF0AixXc.roa
Signing time: Sun 01 Jan 2023 21:35:34 +0000
ROA not before: Sun 01 Jan 2023 21:35:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212359
IP address blocks: 2a0e:8f02:f00e::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:eb:6c:d9:76:97:f4:c6:3d:ee:81:e0:73:d4:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ac91e60a15e067820a1109297e8d6174022c577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2a:a9:60:cb:e4:b8:49:8f:11:7b:d6:d3:e4:
6e:3f:a5:51:b3:57:54:85:cf:92:93:9c:3f:37:eb:
a0:db:aa:62:a6:09:68:f7:3d:00:73:65:5d:00:6f:
da:89:bb:65:33:30:30:58:5e:8f:14:0e:b9:43:5c:
c4:fa:10:b8:ba:08:fb:5d:73:8a:61:e7:4f:91:27:
59:d5:9a:1c:c8:d7:20:7d:44:d4:a7:0b:2a:13:1e:
b1:7e:ec:34:e5:7f:c0:7c:ed:77:e0:d9:b8:23:fa:
f9:0c:62:df:fa:cc:bc:fb:77:67:67:ba:0d:2c:a1:
1e:f5:1a:3b:8c:3d:85:ee:65:82:6a:42:3b:14:0a:
37:d1:32:6b:0a:71:81:52:f4:7b:1c:b0:30:ed:6e:
e8:0a:e9:80:c4:06:2b:ac:92:0e:23:a9:30:24:75:
89:a8:ad:34:96:1b:02:6c:c4:c2:ba:73:35:6b:0a:
59:dd:61:a9:d2:12:db:92:16:28:83:9e:ee:1f:56:
8b:fa:a4:50:07:f3:0d:c6:99:23:8c:30:c1:93:37:
bd:3b:d5:04:27:92:ef:6d:e4:18:2b:d7:0c:a2:47:
4e:e1:df:dc:3a:45:60:4c:ed:3a:f1:db:82:3f:bd:
56:da:2d:7f:fc:b0:ce:2c:35:de:38:16:b2:a6:c0:
f1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C9:1E:60:A1:5E:06:78:20:A1:10:92:97:E8:D6:17:40:22:C5:77
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/askeYKFeBnggoRCSl-jWF0AixXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f00e::/48
Signature Algorithm: sha256WithRSAEncryption
8d:37:4c:5d:6e:50:ee:eb:68:55:b4:0b:b5:9c:5f:16:b3:ff:
b7:ac:2a:d9:a6:83:a3:6f:d3:75:38:17:fc:6a:81:83:14:e2:
32:f4:a4:9a:b0:76:d5:34:4f:29:ff:86:34:a3:fe:e5:64:93:
93:d7:17:ce:1d:52:78:4d:f2:ac:9a:fe:57:81:1f:15:18:08:
7a:ed:b0:1b:68:18:d2:df:57:2d:6b:43:bd:bd:c7:b8:2c:9d:
97:b5:00:56:ec:81:84:fa:1d:a2:b5:2c:18:5c:1b:fc:6a:74:
fe:e1:13:0d:0e:86:a5:43:61:5e:2e:63:88:5f:73:fc:29:45:
d2:97:ba:ec:a7:be:e2:12:f8:57:76:ab:ed:bc:d9:27:1c:76:
fa:91:c9:4f:9b:5d:94:35:dd:e7:4e:c6:94:de:88:28:56:12:
e3:79:0f:9a:6f:53:53:82:88:8c:4a:a3:c6:53:75:00:e1:3c:
bc:f9:85:97:d6:d0:a6:d6:22:64:47:12:22:7e:14:35:ab:f7:
3f:58:1d:a8:1b:7c:a9:e3:41:61:45:0e:df:a1:5f:11:a9:0d:
bf:49:fc:eb:12:28:93:71:bd:0d:a7:ac:2c:e0:81:83:0b:9f:
00:75:ea:8e:d4:d0:8d:20:e0:03:3a:47:44:88:3c:f4:dc:37:
c6:a2:51:cb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQuts2XaX9MY97oHgc9S/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWM5MWU2MGExNWUwNjc4MjBhMTEwOTI5N2U4ZDYxNzQwMjJjNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CqpYMvkuEmPEXvW0+RuP6VRs1dU
hc+Sk5w/N+ug26pipglo9z0Ac2VdAG/aibtlMzAwWF6PFA65Q1zE+hC4ugj7XXOK
YedPkSdZ1ZocyNcgfUTUpwsqEx6xfuw05X/AfO134Nm4I/r5DGLf+sy8+3dnZ7oN
LKEe9Ro7jD2F7mWCakI7FAo30TJrCnGBUvR7HLAw7W7oCumAxAYrrJIOI6kwJHWJ
qK00lhsCbMTCunM1awpZ3WGp0hLbkhYog57uH1aL+qRQB/MNxpkjjDDBkze9O9UE
J5LvbeQYK9cMokdO4d/cOkVgTO068duCP71W2i1//LDOLDXeOBaypsDxvwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGrJHmChXgZ4IKEQkpfo1hdAIsV3MB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvYXNrZVlLRmVCbmdnb1JDU2wtaldGMEFpeFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAO
MA0GCSqGSIb3DQEBCwUAA4IBAQCNN0xdblDu62hVtAu1nF8Ws/+3rCrZpoOjb9N1
OBf8aoGDFOIy9KSasHbVNE8p/4Y0o/7lZJOT1xfOHVJ4TfKsmv5XgR8VGAh67bAb
aBjS31cta0O9vce4LJ2XtQBW7IGE+h2itSwYXBv8anT+4RMNDoalQ2FeLmOIX3P8
KUXSl7rsp77iEvhXdqvtvNknHHb6kclPm12UNd3nTsaU3ogoVhLjeQ+ab1NTgoiM
SqPGU3UA4Ty8+YWX1tCm1iJkRxIifhQ1q/c/WB2oG3yp40FhRQ7foV8RqQ2/Sfzr
EiiTcb0Np6ws4IGDC58AdeqO1NCNIOADOkdEiDz03DfGolHL
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org