Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/gnfvsHhCofYZzHJ1Zf2ZSg6-5oU.roa
File: gnfvsHhCofYZzHJ1Zf2ZSg6-5oU.roa (raw, json)
Hash identifier: MXajzyIy84ZXzOyVi4mij3GjA0450wosWv04+RbEoBg=
Subject key identifier: 82:77:EF:B0:78:42:A1:F6:19:CC:72:75:65:FD:99:4A:0E:BE:E6:85
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42EA70FF5B016E684911E48EB40ACC
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/gnfvsHhCofYZzHJ1Zf2ZSg6-5oU.roa
Signing time: Sun 01 Jan 2023 21:35:34 +0000
ROA not before: Sun 01 Jan 2023 21:35:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212357
IP address blocks: 2a0e:8f02:f011::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ea:70:ff:5b:01:6e:68:49:11:e4:8e:b4:0a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8277efb07842a1f619cc727565fd994a0ebee685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:30:0a:4a:8b:bc:a8:0a:42:00:c5:a1:ec:46:
4b:66:d7:aa:37:20:c6:4b:0a:5c:4c:f5:20:29:19:
a9:45:6c:ff:93:05:ae:5c:ad:9d:cb:86:ce:00:7b:
25:e7:26:33:cc:80:e9:2f:2e:e6:ca:47:d0:ae:bd:
c5:ee:eb:c7:9e:39:27:e9:73:6f:15:1d:a5:01:eb:
77:5d:90:02:03:06:a7:66:e6:af:59:96:a6:5b:4f:
af:ad:14:0a:9a:03:d6:34:ab:69:a7:27:1c:c1:82:
b5:2b:85:be:3c:4e:80:5e:46:7a:c9:2d:eb:bf:54:
6f:31:21:2e:4b:9f:1f:af:e8:a7:46:1e:75:68:fd:
62:77:64:1a:cf:e6:07:4f:77:9d:d9:9e:c1:1f:90:
64:51:2f:03:f5:51:79:16:e5:2a:9b:63:f0:05:8b:
a2:9a:c7:5d:fa:a9:d2:57:b7:91:9e:47:18:1d:25:
2c:20:5f:02:8a:0c:40:65:67:97:ad:e2:9a:e6:30:
44:a0:a5:bb:a7:3f:5b:64:de:f7:10:79:ad:b7:0d:
2e:3b:06:ec:94:d4:7e:ef:5c:21:11:1e:bf:25:64:
0e:ca:73:01:94:71:1e:39:0a:d0:b3:15:f9:9e:2a:
ee:22:be:27:43:42:2a:7f:9e:89:1f:2f:61:08:44:
00:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:77:EF:B0:78:42:A1:F6:19:CC:72:75:65:FD:99:4A:0E:BE:E6:85
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/gnfvsHhCofYZzHJ1Zf2ZSg6-5oU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f011::/48
Signature Algorithm: sha256WithRSAEncryption
5e:d5:3b:69:7f:70:45:65:60:ce:b9:f9:71:cb:74:fd:f7:a3:
52:be:61:a1:69:b8:7f:b4:dd:6b:a5:52:3c:cb:32:80:2a:7b:
87:8e:02:3e:f1:8b:c9:47:38:30:16:5a:40:f8:0e:fc:e0:27:
08:a1:be:75:8b:b8:94:3f:ae:00:97:8d:05:70:5b:b8:77:bc:
e1:77:96:3e:d7:43:d1:67:84:22:63:ba:c8:b6:0d:de:49:92:
9f:f7:8e:96:e2:23:be:39:e7:54:5b:aa:f5:45:fe:b4:7e:9f:
04:be:af:2e:7c:6c:b4:fb:5a:4f:6c:63:89:47:f5:49:52:7b:
92:01:2a:32:3c:b6:71:86:ab:ec:ef:c1:29:67:5d:62:8b:00:
64:a3:9e:c4:35:c8:ee:03:1a:9a:8f:7b:f9:15:ee:84:48:69:
7e:6d:f0:28:0f:9a:e8:0c:e5:97:67:95:19:6d:35:75:75:cd:
57:85:46:43:6a:25:b0:ca:da:a5:34:64:25:21:a4:06:b8:ff:
be:82:71:8c:6d:f9:a9:60:17:c7:ea:f7:6c:3b:45:ef:a8:43:
9e:c1:fb:b3:f3:64:26:2f:38:47:5d:24:fb:2a:8e:2c:c1:50:
24:14:f0:b2:09:64:d8:0c:8b:0f:10:ae:f5:b1:fc:13:35:5c:
43:61:15:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQupw/1sBbmhJEeSOtArMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjc3ZWZiMDc4NDJhMWY2MTljYzcyNzU2NWZkOTk0YTBlYmVlNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTAKSou8qApCAMWh7EZLZteqNyDG
SwpcTPUgKRmpRWz/kwWuXK2dy4bOAHsl5yYzzIDpLy7mykfQrr3F7uvHnjkn6XNv
FR2lAet3XZACAwanZuavWZamW0+vrRQKmgPWNKtppyccwYK1K4W+PE6AXkZ6yS3r
v1RvMSEuS58fr+inRh51aP1id2Qaz+YHT3ed2Z7BH5BkUS8D9VF5FuUqm2PwBYui
msdd+qnSV7eRnkcYHSUsIF8CigxAZWeXreKa5jBEoKW7pz9bZN73EHmttw0uOwbs
lNR+71whER6/JWQOynMBlHEeOQrQsxX5niruIr4nQ0Iqf56JHy9hCEQAlwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIJ377B4QqH2GcxydWX9mUoOvuaFMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvZ25mdnNIaENvZllaekhKMVpmMlpTZzYtNW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAR
MA0GCSqGSIb3DQEBCwUAA4IBAQBe1Ttpf3BFZWDOuflxy3T996NSvmGhabh/tN1r
pVI8yzKAKnuHjgI+8YvJRzgwFlpA+A784CcIob51i7iUP64Al40FcFu4d7zhd5Y+
10PRZ4QiY7rItg3eSZKf946W4iO+OedUW6r1Rf60fp8Evq8ufGy0+1pPbGOJR/VJ
UnuSASoyPLZxhqvs78EpZ11iiwBko57ENcjuAxqaj3v5Fe6ESGl+bfAoD5roDOWX
Z5UZbTV1dc1XhUZDaiWwytqlNGQlIaQGuP++gnGMbfmpYBfH6vdsO0XvqEOewfuz
82QmLzhHXST7Ko4swVAkFPCyCWTYDIsPEK71sfwTNVxDYRUO
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org