Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/fC5XIX7z1Mi2bDW502L2WPjHFCk.roa
File: fC5XIX7z1Mi2bDW502L2WPjHFCk.roa (raw, json)
Hash identifier: WLOhZkqnzStPL8uz6608TjsxHgecM5M8HdVOwBwfKSM=
Subject key identifier: 7C:2E:57:21:7E:F3:D4:C8:B6:6C:35:B9:D3:62:F6:58:F8:C7:14:29
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42E64523A14B2B99006A8A3A42E8D0
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/fC5XIX7z1Mi2bDW502L2WPjHFCk.roa
Signing time: Sun 01 Jan 2023 21:35:33 +0000
ROA not before: Sun 01 Jan 2023 21:35:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212154
IP address blocks: 2a0e:8f02:f047::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:e6:45:23:a1:4b:2b:99:00:6a:8a:3a:42:e8:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c2e57217ef3d4c8b66c35b9d362f658f8c71429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ab:e6:d5:29:ed:36:41:8b:56:fc:1b:3f:bd:
2a:51:1e:73:9f:4f:8c:48:cf:e1:f2:8a:1f:2b:32:
cd:9a:70:ad:68:34:4e:e1:b0:91:6b:d8:e7:b9:d7:
a8:5d:a4:08:bb:ad:1a:11:a8:37:5b:f2:41:7c:05:
7e:09:a8:b9:94:bb:8a:42:dc:27:82:3c:9b:f8:05:
12:af:ea:ed:0b:30:62:33:b3:ca:19:5f:2f:89:2b:
21:d5:b1:95:0b:ba:72:7f:89:ec:c4:b1:e8:26:a7:
e2:fa:8b:f7:34:6a:24:bb:bc:8e:51:c3:df:17:54:
8d:41:55:35:12:0b:a9:0f:8c:77:00:12:59:86:72:
14:9e:87:20:ca:48:e6:60:c5:0b:f7:96:64:fb:2c:
38:15:ca:ee:e9:83:6e:ce:5c:9c:cf:06:40:ff:23:
b2:de:1f:8c:ef:8d:54:89:4e:34:52:e9:94:46:53:
de:c6:bb:c0:1b:6e:6c:57:be:9c:a6:ac:78:78:7c:
10:b8:bd:7c:c3:75:2a:74:5f:91:2c:4f:a4:ee:f1:
0b:6c:ef:dc:92:b4:13:ce:cd:98:0d:8b:d2:9c:b3:
32:b1:4e:c3:53:14:1f:b3:a0:8c:09:5e:c9:bd:fe:
f8:ce:a3:a7:28:f0:79:8c:7d:75:65:47:3a:a7:8c:
87:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:2E:57:21:7E:F3:D4:C8:B6:6C:35:B9:D3:62:F6:58:F8:C7:14:29
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/fC5XIX7z1Mi2bDW502L2WPjHFCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f047::/48
Signature Algorithm: sha256WithRSAEncryption
22:1c:6f:1d:0e:37:66:f1:33:cb:42:18:60:d9:7a:f3:29:67:
c7:7d:11:6c:46:64:9c:e7:e7:e8:8f:f0:d9:5b:af:60:f7:d1:
11:21:09:20:f7:d6:79:13:0c:76:ed:04:bf:e6:35:61:28:9c:
c4:06:96:6c:ed:e3:6b:b1:6c:45:42:49:cd:ce:ef:fa:53:06:
43:e8:3d:c0:40:c4:4e:c9:d9:0d:27:40:33:c7:46:92:5e:a0:
5f:b8:12:53:6e:04:e8:a3:7b:da:e6:d0:2f:a6:26:36:78:3c:
5b:55:19:24:0b:00:6c:ef:ed:df:7a:14:20:f8:e2:0b:5a:e8:
b4:5b:35:2a:4f:1d:f3:ad:2b:af:21:ba:c5:61:e1:1f:3f:95:
10:b1:cf:74:bc:ae:e5:db:22:0c:f9:5d:80:8c:6c:55:13:8a:
cc:ab:a7:4c:4d:11:f3:55:84:a3:6e:86:96:49:bf:c9:82:a9:
fe:d1:5a:33:cc:de:ad:81:a8:c8:a4:05:aa:a4:b3:66:6c:21:
97:10:df:07:cd:48:8a:45:c4:a0:63:0e:01:47:55:49:00:c4:
6c:96:64:71:9f:0e:f1:01:51:6e:de:d5:85:90:42:56:0f:e6:
30:98:88:81:b0:6c:01:fd:53:dc:25:5c:f7:79:48:1f:4e:3e:
a5:bb:69:a1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQuZFI6FLK5kAaoo6QujQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzJlNTcyMTdlZjNkNGM4YjY2YzM1YjlkMzYyZjY1OGY4YzcxNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKvm1SntNkGLVvwbP70qUR5zn0+M
SM/h8oofKzLNmnCtaDRO4bCRa9jnudeoXaQIu60aEag3W/JBfAV+Cai5lLuKQtwn
gjyb+AUSr+rtCzBiM7PKGV8viSsh1bGVC7pyf4nsxLHoJqfi+ov3NGoku7yOUcPf
F1SNQVU1EgupD4x3ABJZhnIUnocgykjmYMUL95Zk+yw4Fcru6YNuzlyczwZA/yOy
3h+M741UiU40UumURlPexrvAG25sV76cpqx4eHwQuL18w3UqdF+RLE+k7vELbO/c
krQTzs2YDYvSnLMysU7DUxQfs6CMCV7Jvf74zqOnKPB5jH11ZUc6p4yHDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHwuVyF+89TItmw1udNi9lj4xxQpMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvZkM1WElYN3oxTWkyYkRXNTAyTDJXUGpIRkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBH
MA0GCSqGSIb3DQEBCwUAA4IBAQAiHG8dDjdm8TPLQhhg2XrzKWfHfRFsRmSc5+fo
j/DZW69g99ERIQkg99Z5Ewx27QS/5jVhKJzEBpZs7eNrsWxFQknNzu/6UwZD6D3A
QMROydkNJ0Azx0aSXqBfuBJTbgToo3va5tAvpiY2eDxbVRkkCwBs7+3fehQg+OIL
Wui0WzUqTx3zrSuvIbrFYeEfP5UQsc90vK7l2yIM+V2AjGxVE4rMq6dMTRHzVYSj
boaWSb/Jgqn+0VozzN6tgajIpAWqpLNmbCGXEN8HzUiKRcSgYw4BR1VJAMRslmRx
nw7xAVFu3tWFkEJWD+YwmIiBsGwB/VPcJVz3eUgfTj6lu2mh
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org