Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/kMfv8rWhJXrBwKhF1lXjVQXWGo0.roa
File: kMfv8rWhJXrBwKhF1lXjVQXWGo0.roa (raw, json)
Hash identifier: TLV1yiGH51HG0AYHvq+vOPj/DbcA0uaF3MR1W3xDBag=
Subject key identifier: 90:C7:EF:F2:B5:A1:25:7A:C1:C0:A8:45:D6:55:E3:55:05:D6:1A:8D
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018C38EB50EB1707615A59715AFF2EBBB2FF
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/kMfv8rWhJXrBwKhF1lXjVQXWGo0.roa
Signing time: Tue 05 Dec 2023 07:39:54 +0000
ROA not before: Tue 05 Dec 2023 07:39:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203915
IP address blocks: 2a0e:8f02:f045::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:38:eb:50:eb:17:07:61:5a:59:71:5a:ff:2e:bb:b2:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Dec 5 07:39:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90c7eff2b5a1257ac1c0a845d655e35505d61a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9d:f4:f9:2f:99:46:8b:37:85:86:d3:b5:34:
15:11:83:88:79:f9:a6:6d:5f:98:9f:ad:56:01:88:
ec:5a:3d:80:4d:68:5d:f7:25:57:e4:80:41:8d:f5:
6c:6d:ca:be:ed:c0:ce:3c:df:af:96:3a:fb:d8:2a:
c5:8d:05:f1:bf:9b:a9:c4:95:52:ef:eb:9c:59:fe:
05:63:2a:c5:51:c9:77:04:fe:3f:d3:a9:96:ca:06:
e3:e5:9c:04:65:6c:16:49:62:79:17:d5:2a:52:d8:
61:07:b0:3d:0e:74:7d:10:e8:c8:92:e2:fd:d8:b9:
bb:49:56:4a:b2:92:fa:39:82:a4:fc:9b:95:7e:69:
1f:6c:f7:96:3b:77:a1:e5:b9:fb:a4:cd:84:8e:9b:
82:ed:83:8e:a5:e6:0e:c7:1b:2e:8b:40:64:8b:fe:
9e:8e:28:8b:46:bd:ef:c2:58:77:a5:18:9c:c7:de:
9a:fb:c2:aa:eb:f5:7f:f5:9b:bb:46:36:03:a1:2b:
41:45:56:61:67:ec:40:35:89:d0:f9:c5:85:7e:30:
84:9c:4c:bb:27:26:b3:6b:4e:23:02:1a:87:1f:49:
69:79:26:2c:c8:46:c5:34:c5:3e:1b:6d:7f:0e:f1:
e7:ef:b6:a7:43:e1:77:bd:70:9b:11:01:c1:73:0d:
46:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C7:EF:F2:B5:A1:25:7A:C1:C0:A8:45:D6:55:E3:55:05:D6:1A:8D
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/kMfv8rWhJXrBwKhF1lXjVQXWGo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f045::/48
Signature Algorithm: sha256WithRSAEncryption
07:86:24:12:61:a4:af:dd:11:c3:2c:70:6e:ef:bc:2f:69:75:
f6:84:a0:c8:fa:83:c4:f6:15:95:15:48:94:87:1c:a6:fc:7c:
ec:4c:25:64:53:73:16:31:7f:9c:67:b8:88:53:81:45:cf:24:
38:cc:47:82:80:cd:aa:cb:78:85:d8:b4:17:be:ba:49:b6:bb:
21:cc:e4:8d:ee:98:a5:19:93:d5:c9:e3:62:f1:6f:7c:85:f2:
33:87:f6:19:04:d1:16:43:61:97:ea:69:1b:1d:7c:5e:d1:a9:
60:ac:a7:aa:5c:d3:30:b7:58:c2:33:00:78:8a:c2:55:3e:5f:
11:13:94:2c:af:2e:5b:9a:f6:f8:fc:d4:fa:ba:32:e6:66:b1:
8d:c1:a2:e1:38:92:00:ad:18:37:c8:74:01:3a:8a:8c:99:0e:
9a:f4:65:16:63:48:f9:31:38:85:5e:6e:d3:38:46:77:1b:e1:
f1:19:4c:9a:9b:6c:7e:cd:ca:1c:38:f5:ec:e0:d9:22:2e:74:
fb:51:d4:38:d9:bf:fa:3a:5e:b9:cb:47:42:7d:99:5b:ce:bf:
09:1a:8c:ea:f3:d1:34:5e:a9:a6:4f:86:75:23:6e:9e:0e:3c:
41:0a:64:da:f8:a2:26:1f:72:ff:5a:14:c7:fb:ad:f7:86:8b:
40:0d:a9:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYw461DrFwdhWllxWv8uu7L/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMxMjA1MDczOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGM3ZWZmMmI1YTEyNTdhYzFjMGE4NDVkNjU1ZTM1NTA1ZDYxYThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZ30+S+ZRos3hYbTtTQVEYOIefmm
bV+Yn61WAYjsWj2ATWhd9yVX5IBBjfVsbcq+7cDOPN+vljr72CrFjQXxv5upxJVS
7+ucWf4FYyrFUcl3BP4/06mWygbj5ZwEZWwWSWJ5F9UqUthhB7A9DnR9EOjIkuL9
2Lm7SVZKspL6OYKk/JuVfmkfbPeWO3eh5bn7pM2EjpuC7YOOpeYOxxsui0Bki/6e
jiiLRr3vwlh3pRicx96a+8Kq6/V/9Zu7RjYDoStBRVZhZ+xANYnQ+cWFfjCEnEy7
Jyaza04jAhqHH0lpeSYsyEbFNMU+G21/DvHn77anQ+F3vXCbEQHBcw1GBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJDH7/K1oSV6wcCoRdZV41UF1hqNMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEva01mdjhyV2hKWHJCd0toRjFsWGpWUVhXR28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBF
MA0GCSqGSIb3DQEBCwUAA4IBAQAHhiQSYaSv3RHDLHBu77wvaXX2hKDI+oPE9hWV
FUiUhxym/HzsTCVkU3MWMX+cZ7iIU4FFzyQ4zEeCgM2qy3iF2LQXvrpJtrshzOSN
7pilGZPVyeNi8W98hfIzh/YZBNEWQ2GX6mkbHXxe0algrKeqXNMwt1jCMwB4isJV
Pl8RE5Qsry5bmvb4/NT6ujLmZrGNwaLhOJIArRg3yHQBOoqMmQ6a9GUWY0j5MTiF
Xm7TOEZ3G+HxGUyam2x+zcocOPXs4NkiLnT7UdQ42b/6Ol65y0dCfZlbzr8JGozq
89E0XqmmT4Z1I26eDjxBCmTa+KImH3L/WhTH+633hotADalY
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org