Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/cdCqbER_IyE8viUZEY4t9laf254.roa
File: cdCqbER_IyE8viUZEY4t9laf254.roa (raw, json)
Hash identifier: p6O5MEWIFmMkVdXzMgcWgAg6d0atBj4cdfuYYjEgelY=
Subject key identifier: 71:D0:AA:6C:44:7F:23:21:3C:BE:25:19:11:8E:2D:F6:56:9F:DB:9E
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42E86ACFD4FBDEF91DFB1B1B7BDE70
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/cdCqbER_IyE8viUZEY4t9laf254.roa
Signing time: Sun 01 Jan 2023 21:35:33 +0000
ROA not before: Sun 01 Jan 2023 21:35:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212268
IP address blocks: 2a0e:8f02:f014::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:e8:6a:cf:d4:fb:de:f9:1d:fb:1b:1b:7b:de:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71d0aa6c447f23213cbe2519118e2df6569fdb9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:67:62:16:c2:10:c3:f0:05:c5:4f:0c:ea:3a:
79:c3:98:93:73:eb:8d:eb:75:3d:19:7f:27:75:9b:
32:c1:16:9e:ca:d7:37:77:23:04:ed:95:61:bb:a3:
23:fb:bb:18:ec:63:b4:71:0d:48:5f:d6:2a:f1:53:
08:d0:9c:41:e8:3f:46:cb:9e:f7:78:94:81:ca:f7:
46:96:ef:1b:57:44:05:51:ce:b1:e9:14:da:33:14:
fd:11:ab:53:bf:68:74:ea:2b:a3:24:73:23:11:56:
e7:46:3e:56:87:97:b7:db:e4:cf:7a:41:05:c7:65:
ad:6f:bd:d6:c0:f4:65:57:68:59:f6:1d:56:32:8e:
e4:bc:79:fb:cb:63:fd:a8:1c:98:3e:ef:27:5e:c6:
65:0d:3b:41:d1:7b:1f:be:62:90:59:99:6b:e5:9e:
e8:93:32:77:b7:0d:05:50:3c:b9:3f:b9:05:0b:6d:
81:a7:4b:6b:47:ba:46:15:38:52:fa:19:fc:26:0d:
7d:0c:b8:15:01:13:a4:81:39:f5:47:24:07:23:cb:
06:8e:5a:63:b6:7f:86:5e:91:40:ce:57:84:03:14:
b7:43:f4:df:c6:07:3a:45:10:06:7e:28:86:88:88:
1e:04:be:e7:22:1a:01:45:a3:0a:7c:48:1f:0b:3f:
88:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D0:AA:6C:44:7F:23:21:3C:BE:25:19:11:8E:2D:F6:56:9F:DB:9E
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/cdCqbER_IyE8viUZEY4t9laf254.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f014::/48
Signature Algorithm: sha256WithRSAEncryption
2c:a8:7b:fd:1a:f9:92:84:b3:c1:e2:31:4c:80:b2:02:af:93:
d3:e4:b3:60:7f:0e:d8:b4:cf:e0:93:0d:08:5f:55:8f:e4:8b:
6c:74:a9:89:7f:04:87:4e:37:9d:30:61:da:fe:2f:69:15:5d:
5c:d7:c5:ad:fe:9a:a8:0d:37:c1:cb:c1:ed:7c:35:49:a9:64:
67:4f:65:8c:1c:c5:95:d2:6d:05:cc:9f:4d:48:b1:b8:03:53:
f5:c3:b8:71:7a:16:c7:d4:77:ee:d6:45:cb:8f:bd:c4:aa:16:
31:f3:1d:93:4a:19:99:5e:bd:2f:d4:14:14:fe:0b:da:56:03:
45:9a:67:e8:cd:5b:52:10:b1:3f:b6:c4:d0:7b:0b:aa:ab:87:
31:c5:6a:e8:b2:28:42:8f:9b:37:1f:9c:f1:f5:d1:10:21:8b:
c3:56:7e:a6:f0:4c:e8:f0:f8:22:db:33:5c:4e:60:94:0d:68:
e1:25:ac:2b:3e:5d:22:88:d5:5f:02:12:ad:6b:7f:a7:c7:47:
a7:7d:7f:d3:67:03:0b:f0:ef:2e:00:72:df:d4:69:42:1e:29:
4f:b2:95:d8:86:f5:ef:af:48:c6:48:22:9b:b9:14:4d:e7:1c:
0f:e8:a2:84:a7:b5:ad:10:66:bb:ef:9d:7a:8f:7b:df:df:31:
87:e8:23:6a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQuhqz9T73vkd+xsbe95wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQwYWE2YzQ0N2YyMzIxM2NiZTI1MTkxMThlMmRmNjU2OWZkYjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWdiFsIQw/AFxU8M6jp5w5iTc+uN
63U9GX8ndZsywRaeytc3dyME7ZVhu6Mj+7sY7GO0cQ1IX9Yq8VMI0JxB6D9Gy573
eJSByvdGlu8bV0QFUc6x6RTaMxT9EatTv2h06iujJHMjEVbnRj5Wh5e32+TPekEF
x2Wtb73WwPRlV2hZ9h1WMo7kvHn7y2P9qByYPu8nXsZlDTtB0XsfvmKQWZlr5Z7o
kzJ3tw0FUDy5P7kFC22Bp0trR7pGFThS+hn8Jg19DLgVAROkgTn1RyQHI8sGjlpj
tn+GXpFAzleEAxS3Q/Tfxgc6RRAGfiiGiIgeBL7nIhoBRaMKfEgfCz+IQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHHQqmxEfyMhPL4lGRGOLfZWn9ueMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvY2RDcWJFUl9JeUU4dmlVWkVZNHQ5bGFmMjU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAU
MA0GCSqGSIb3DQEBCwUAA4IBAQAsqHv9GvmShLPB4jFMgLICr5PT5LNgfw7YtM/g
kw0IX1WP5ItsdKmJfwSHTjedMGHa/i9pFV1c18Wt/pqoDTfBy8HtfDVJqWRnT2WM
HMWV0m0FzJ9NSLG4A1P1w7hxehbH1Hfu1kXLj73EqhYx8x2TShmZXr0v1BQU/gva
VgNFmmfozVtSELE/tsTQewuqq4cxxWrosihCj5s3H5zx9dEQIYvDVn6m8Ezo8Pgi
2zNcTmCUDWjhJawrPl0iiNVfAhKta3+nx0enfX/TZwML8O8uAHLf1GlCHilPspXY
hvXvr0jGSCKbuRRN5xwP6KKEp7WtEGa77516j3vf3zGH6CNq
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org