Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/cefHHmvwfFCRuebl1RoaF9PPe0I.roa
File: cefHHmvwfFCRuebl1RoaF9PPe0I.roa (raw, json)
Hash identifier: SHv4GGqob0Ilk7e0CUBfiQUbTULCBPXOFf+k0r/L45I=
Subject key identifier: 71:E7:C7:1E:6B:F0:7C:50:91:B9:E6:E5:D5:1A:1A:17:D3:CF:7B:42
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42DA469C58E056E8B32920809B3AAD
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/cefHHmvwfFCRuebl1RoaF9PPe0I.roa
Signing time: Sun 01 Jan 2023 21:35:30 +0000
ROA not before: Sun 01 Jan 2023 21:35:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211242
IP address blocks: 2a0e:8f02:f032::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:da:46:9c:58:e0:56:e8:b3:29:20:80:9b:3a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71e7c71e6bf07c5091b9e6e5d51a1a17d3cf7b42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:de:50:3c:a1:72:58:59:5d:e7:4e:9d:0b:ed:
d5:67:d5:f3:17:31:8a:d5:a0:23:48:38:37:d2:24:
4f:bf:6a:5f:c4:fb:8b:02:a9:0a:0e:41:7f:75:f5:
b9:d1:84:46:e9:f7:3c:be:ed:11:1a:d6:92:f1:3f:
95:d9:9e:bc:5f:a3:88:58:87:31:8a:1f:12:ec:52:
36:6b:f8:c2:a9:1e:0f:a3:6e:bd:dd:56:dd:7c:64:
17:1f:40:57:cc:11:f0:c9:c9:68:f8:a6:5b:bb:24:
68:38:46:92:58:6f:d4:28:48:fd:ce:99:c6:2d:98:
78:c9:d9:ca:01:87:d9:cc:72:05:9c:62:66:89:8d:
72:e8:bf:de:7a:8e:a7:01:27:ec:fd:eb:aa:fd:6e:
69:80:a1:4b:c8:93:9f:2c:d4:ba:a1:b2:43:b1:f2:
1c:6c:c2:43:fd:10:7a:16:eb:c9:8e:c6:a2:0b:9a:
03:93:bb:6f:82:00:1d:e3:4c:81:e5:53:fd:e9:f8:
a4:56:3f:2f:8d:d1:f3:e5:8d:23:23:d7:a9:59:1e:
35:ae:0f:c9:9e:6d:a9:15:36:92:d1:95:8a:89:12:
19:19:5d:e9:65:8d:6d:77:41:6d:d3:5e:b4:36:cc:
a0:5e:54:9b:14:d5:d8:c9:a2:fc:b8:f1:0a:a7:e3:
57:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:E7:C7:1E:6B:F0:7C:50:91:B9:E6:E5:D5:1A:1A:17:D3:CF:7B:42
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/cefHHmvwfFCRuebl1RoaF9PPe0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f032::/48
Signature Algorithm: sha256WithRSAEncryption
2d:f3:4f:eb:95:07:cf:3e:14:59:44:6d:28:e8:e2:d8:56:9c:
64:f6:98:33:75:1e:78:24:42:e8:fa:04:d0:42:16:86:c5:54:
b3:74:72:16:a8:9d:11:65:5e:52:49:0e:2b:ac:8e:15:bf:03:
dd:45:71:c8:b5:73:ed:8c:69:62:c5:c6:46:d1:3d:b2:c8:77:
c4:6d:76:2c:a4:8d:79:73:7a:45:af:f0:72:8e:bf:ac:b6:a7:
1e:51:72:2d:42:27:b6:3d:53:99:95:43:ea:7f:3f:3b:ad:7c:
e7:f0:51:14:99:ae:86:62:3c:81:f1:fd:9b:da:e8:3b:34:08:
9c:0d:da:ec:96:c8:bc:00:f6:bd:14:77:6b:9a:b1:19:2f:d3:
c6:06:1b:2f:5d:b1:a6:cd:dd:0a:04:f1:3f:39:2c:c9:f0:a5:
bb:50:89:49:45:f6:95:00:8f:f8:7f:fe:b0:80:cb:3c:8f:b5:
4f:ca:41:56:4c:d0:a1:9a:2b:5b:bd:eb:1c:7e:13:1a:08:d6:
a2:bf:3a:d2:40:86:31:47:49:da:fd:bd:79:7a:23:57:5e:9a:
d8:fb:a4:24:0d:12:d4:d8:84:7a:dd:7d:9e:20:0d:d1:1f:00:
72:a3:8a:fa:2b:e6:e1:b3:21:fc:0f:7b:47:79:46:ca:c4:75:
66:4d:ae:29
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQtpGnFjgVuizKSCAmzqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWU3YzcxZTZiZjA3YzUwOTFiOWU2ZTVkNTFhMWExN2QzY2Y3YjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst5QPKFyWFld506dC+3VZ9XzFzGK
1aAjSDg30iRPv2pfxPuLAqkKDkF/dfW50YRG6fc8vu0RGtaS8T+V2Z68X6OIWIcx
ih8S7FI2a/jCqR4Po2693VbdfGQXH0BXzBHwyclo+KZbuyRoOEaSWG/UKEj9zpnG
LZh4ydnKAYfZzHIFnGJmiY1y6L/eeo6nASfs/euq/W5pgKFLyJOfLNS6obJDsfIc
bMJD/RB6FuvJjsaiC5oDk7tvggAd40yB5VP96fikVj8vjdHz5Y0jI9epWR41rg/J
nm2pFTaS0ZWKiRIZGV3pZY1td0Ft0160NsygXlSbFNXYyaL8uPEKp+NX7wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHHnxx5r8HxQkbnm5dUaGhfTz3tCMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvY2VmSEhtdndmRkNSdWVibDFSb2FGOVBQZTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAy
MA0GCSqGSIb3DQEBCwUAA4IBAQAt80/rlQfPPhRZRG0o6OLYVpxk9pgzdR54JELo
+gTQQhaGxVSzdHIWqJ0RZV5SSQ4rrI4VvwPdRXHItXPtjGlixcZG0T2yyHfEbXYs
pI15c3pFr/Byjr+stqceUXItQie2PVOZlUPqfz87rXzn8FEUma6GYjyB8f2b2ug7
NAicDdrslsi8APa9FHdrmrEZL9PGBhsvXbGmzd0KBPE/OSzJ8KW7UIlJRfaVAI/4
f/6wgMs8j7VPykFWTNChmitbvescfhMaCNaivzrSQIYxR0na/b15eiNXXprY+6Qk
DRLU2IR63X2eIA3RHwByo4r6K+bhsyH8D3tHeUbKxHVmTa4p
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org