Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/iq0xO409rVmvkPCYpua8bm79z6o.roa
File: iq0xO409rVmvkPCYpua8bm79z6o.roa (raw, json)
Hash identifier: GD678v3vTF1gcqLU4294JiEvdNth1GOEl2ngGPQEp04=
Subject key identifier: 8A:AD:31:3B:8D:3D:AD:59:AF:90:F0:98:A6:E6:BC:6E:6E:FD:CF:AA
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42E0D62D833BD98C980CFFD9683656
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/iq0xO409rVmvkPCYpua8bm79z6o.roa
Signing time: Sun 01 Jan 2023 21:35:31 +0000
ROA not before: Sun 01 Jan 2023 21:35:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211635
IP address blocks: 2a0e:8f02:2120::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:e0:d6:2d:83:3b:d9:8c:98:0c:ff:d9:68:36:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8aad313b8d3dad59af90f098a6e6bc6e6efdcfaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8e:9d:fb:cf:ee:49:4d:5b:5b:99:30:55:81:
40:9e:7d:db:7e:e4:04:97:72:4b:b1:f1:ec:34:e1:
bc:fe:65:79:f4:81:ba:f1:7f:cd:2c:d3:a5:13:d7:
b0:f9:37:f1:93:a1:e8:b2:8d:ad:99:75:c2:90:36:
e5:10:7d:a9:75:15:b6:38:7a:4b:11:c8:7a:47:f9:
f5:77:1b:fa:0c:29:65:43:03:05:f5:de:47:38:01:
39:f7:4b:a4:af:3c:25:cf:f6:23:91:ce:8b:fd:23:
e7:6e:eb:a0:42:8e:46:a0:60:c4:9b:c1:7f:9b:d7:
2c:28:fb:98:56:c5:ac:b1:dd:63:ef:a7:9a:52:18:
83:1b:db:57:04:ce:9a:a6:a1:be:da:c6:eb:c2:ea:
37:64:b5:6e:e9:c7:28:e2:6a:37:87:40:5e:bc:b4:
31:80:25:0a:80:fa:b1:98:e3:2d:f6:42:60:c2:4f:
12:84:48:2b:93:f4:22:79:c3:32:7a:19:cc:9e:3f:
6a:84:79:ea:0c:c9:9c:a7:88:6f:50:97:01:a6:34:
65:7e:63:4c:29:c7:88:64:28:ce:c8:76:6e:32:cf:
48:aa:17:8d:5e:68:4e:76:72:92:aa:5d:d8:ad:a9:
e7:c2:ca:8a:77:14:77:52:0d:bd:fe:39:8c:c3:22:
4d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:AD:31:3B:8D:3D:AD:59:AF:90:F0:98:A6:E6:BC:6E:6E:FD:CF:AA
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/iq0xO409rVmvkPCYpua8bm79z6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2120::/44
Signature Algorithm: sha256WithRSAEncryption
75:93:67:f7:b1:46:b8:04:75:f7:6c:84:c1:63:29:0c:49:9a:
54:77:7b:18:a6:80:ec:ab:61:12:c0:83:54:e8:ce:26:57:f5:
43:b5:24:d8:14:70:9e:50:52:8a:42:2f:10:8a:3c:ae:a7:52:
c5:79:ff:14:49:be:46:09:03:82:9b:4c:fc:98:46:ad:65:bd:
86:63:49:1e:73:c4:db:7b:59:ee:e6:93:a2:de:a7:0d:64:e4:
3c:16:ee:72:b4:bb:1a:5a:d3:84:f8:0b:e3:cc:41:c3:f1:26:
0f:52:94:a8:03:f5:2d:ae:f5:30:79:8e:1e:0c:d9:28:a9:6d:
97:20:09:83:ae:00:d3:97:55:fd:d0:eb:f0:4b:b4:84:c0:97:
a1:b6:32:d1:a2:cb:f3:74:1e:34:86:4f:17:32:8b:a0:ab:81:
f9:ca:ac:aa:18:3e:6d:bf:b2:7d:73:1a:40:07:05:2f:12:9e:
bf:8b:5d:17:58:73:b7:b4:50:39:80:cd:67:9b:1d:20:e0:83:
ef:f3:d1:96:18:af:dc:9d:21:ac:e1:f4:b0:f8:0e:d4:db:8e:
82:33:c1:26:5f:e9:84:f1:9a:78:a8:8b:0c:d4:50:f7:6e:bb:
cd:0a:d2:05:c1:d2:d7:51:68:c2:ad:a0:9f:ca:3b:69:e3:29:
4e:bd:6b:07
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQuDWLYM72YyYDP/ZaDZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWFkMzEzYjhkM2RhZDU5YWY5MGYwOThhNmU2YmM2ZTZlZmRjZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1o6d+8/uSU1bW5kwVYFAnn3bfuQE
l3JLsfHsNOG8/mV59IG68X/NLNOlE9ew+Tfxk6Hoso2tmXXCkDblEH2pdRW2OHpL
Ech6R/n1dxv6DCllQwMF9d5HOAE590ukrzwlz/Yjkc6L/SPnbuugQo5GoGDEm8F/
m9csKPuYVsWssd1j76eaUhiDG9tXBM6apqG+2sbrwuo3ZLVu6cco4mo3h0BevLQx
gCUKgPqxmOMt9kJgwk8ShEgrk/QiecMyehnMnj9qhHnqDMmcp4hvUJcBpjRlfmNM
KceIZCjOyHZuMs9IqheNXmhOdnKSql3YrannwsqKdxR3Ug29/jmMwyJNLQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIqtMTuNPa1Zr5DwmKbmvG5u/c+qMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvaXEweE80MDlyVm12a1BDWXB1YThibTc5ejZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiEg
MA0GCSqGSIb3DQEBCwUAA4IBAQB1k2f3sUa4BHX3bITBYykMSZpUd3sYpoDsq2ES
wINU6M4mV/VDtSTYFHCeUFKKQi8Qijyup1LFef8USb5GCQOCm0z8mEatZb2GY0ke
c8Tbe1nu5pOi3qcNZOQ8Fu5ytLsaWtOE+AvjzEHD8SYPUpSoA/UtrvUweY4eDNko
qW2XIAmDrgDTl1X90OvwS7SEwJehtjLRosvzdB40hk8XMougq4H5yqyqGD5tv7J9
cxpABwUvEp6/i10XWHO3tFA5gM1nmx0g4IPv89GWGK/cnSGs4fSw+A7U246CM8Em
X+mE8Zp4qIsM1FD3brvNCtIFwdLXUWjCraCfyjtp4ylOvWsH
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org