Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/lycDc3afzd2c3-EWksr8mbtgN8Y.roa
File: lycDc3afzd2c3-EWksr8mbtgN8Y.roa (raw, json)
Hash identifier: snwV5e48VAU9eo8bX34ox0AlLdzcB1NU8EgbWPqt7Js=
Subject key identifier: 97:27:03:73:76:9F:CD:DD:9C:DF:E1:16:92:CA:FC:99:BB:60:37:C6
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42D9C7001201255DB4CE4E9A990F09
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/lycDc3afzd2c3-EWksr8mbtgN8Y.roa
Signing time: Sun 01 Jan 2023 21:35:30 +0000
ROA not before: Sun 01 Jan 2023 21:35:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211168
IP address blocks: 2a0e:8f02:2170::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d9:c7:00:12:01:25:5d:b4:ce:4e:9a:99:0f:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97270373769fcddd9cdfe11692cafc99bb6037c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c4:d9:f1:0a:b5:61:cb:0a:98:d1:70:7d:27:
40:59:57:fa:b2:4a:2c:f9:9c:16:5b:e7:a4:99:ae:
75:26:dd:30:ef:f8:c6:d7:a7:0f:89:07:cd:a7:d3:
ca:04:40:d7:7e:e1:68:e8:9a:a5:b3:35:69:f6:c5:
3b:c2:a0:f9:91:2c:a4:40:56:bd:59:b0:23:7f:11:
ed:26:60:94:4c:1c:88:e6:44:64:3c:a1:1b:40:c4:
8e:e3:49:9c:aa:27:cf:d1:7f:30:26:55:1d:da:b6:
0e:85:f8:77:8f:f7:4c:63:c3:4e:35:55:16:57:cb:
3a:1c:f4:74:1b:85:40:34:1b:24:5a:1a:00:44:a5:
42:94:58:bb:18:a4:70:bc:0e:b6:c6:84:2e:4f:07:
bd:af:50:5a:24:0f:26:d8:b3:c8:72:ac:c4:13:3a:
13:5d:55:3e:99:cb:dc:58:a3:9f:93:8e:d2:58:f6:
e5:de:74:c6:a5:0f:17:5a:77:54:2e:5c:af:f3:9e:
7d:cd:08:c3:44:1c:3a:f7:cd:ea:9a:d0:22:f0:10:
38:41:c0:11:17:50:f9:e0:0f:ad:0e:77:86:af:bc:
88:1e:e2:93:86:fe:fa:23:05:2d:d6:50:00:d4:f0:
fb:18:74:a2:87:e6:32:52:83:fb:7a:8c:5c:07:e9:
05:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:27:03:73:76:9F:CD:DD:9C:DF:E1:16:92:CA:FC:99:BB:60:37:C6
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/lycDc3afzd2c3-EWksr8mbtgN8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2170::/44
Signature Algorithm: sha256WithRSAEncryption
a9:cf:94:0a:d5:20:d0:a4:25:51:fd:4a:75:79:3d:50:75:c1:
cf:89:cd:da:2e:0b:49:5e:d8:e6:5f:f8:c4:91:40:65:cd:d4:
b8:89:cb:79:60:15:0c:54:e0:69:c3:fa:06:2c:9a:71:92:b2:
8a:25:c5:b6:4c:0c:32:af:88:73:98:26:26:15:e1:34:5c:69:
7e:70:43:c2:3d:b6:e7:ef:af:d1:ad:88:15:8c:b5:82:91:97:
1f:5d:5e:c4:88:c5:01:de:1c:f6:51:82:e9:79:45:38:d7:1b:
d3:37:4f:37:ba:87:58:ce:3c:34:2b:5a:51:cd:1d:eb:35:2d:
51:0c:27:7b:3c:d5:4e:5d:e7:ed:95:0e:b3:ad:9b:d2:56:44:
5c:fc:bf:33:1f:a3:9a:40:c4:11:1c:66:df:fa:f1:d1:f6:8d:
9e:f0:de:de:63:3a:14:a7:fe:55:b3:72:4a:b9:75:95:d0:af:
e7:f8:a1:e6:e3:4a:e0:a4:54:bd:8f:4c:d3:9f:ec:e9:ea:c1:
00:6c:3e:b6:d3:38:98:3b:fc:03:c7:09:9b:a3:b7:66:d9:ff:
15:72:35:06:5d:93:ef:12:99:1a:df:5c:55:7b:41:88:3c:33:
bc:86:77:b9:ed:e8:51:19:c5:a9:a6:4d:b4:85:50:c5:90:04:
e9:fb:ae:d4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQtnHABIBJV20zk6amQ8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI3MDM3Mzc2OWZjZGRkOWNkZmUxMTY5MmNhZmM5OWJiNjAzN2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcTZ8Qq1YcsKmNFwfSdAWVf6skos
+ZwWW+ekma51Jt0w7/jG16cPiQfNp9PKBEDXfuFo6JqlszVp9sU7wqD5kSykQFa9
WbAjfxHtJmCUTByI5kRkPKEbQMSO40mcqifP0X8wJlUd2rYOhfh3j/dMY8NONVUW
V8s6HPR0G4VANBskWhoARKVClFi7GKRwvA62xoQuTwe9r1BaJA8m2LPIcqzEEzoT
XVU+mcvcWKOfk47SWPbl3nTGpQ8XWndULlyv8559zQjDRBw6983qmtAi8BA4QcAR
F1D54A+tDneGr7yIHuKThv76IwUt1lAA1PD7GHSih+YyUoP7eoxcB+kF4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJcnA3N2n83dnN/hFpLK/Jm7YDfGMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvbHljRGMzYWZ6ZDJjMy1FV2tzcjhtYnRnTjhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiFw
MA0GCSqGSIb3DQEBCwUAA4IBAQCpz5QK1SDQpCVR/Up1eT1QdcHPic3aLgtJXtjm
X/jEkUBlzdS4ict5YBUMVOBpw/oGLJpxkrKKJcW2TAwyr4hzmCYmFeE0XGl+cEPC
Pbbn76/RrYgVjLWCkZcfXV7EiMUB3hz2UYLpeUU41xvTN083uodYzjw0K1pRzR3r
NS1RDCd7PNVOXeftlQ6zrZvSVkRc/L8zH6OaQMQRHGbf+vHR9o2e8N7eYzoUp/5V
s3JKuXWV0K/n+KHm40rgpFS9j0zTn+zp6sEAbD620ziYO/wDxwmbo7dm2f8VcjUG
XZPvEpka31xVe0GIPDO8hne57ehRGcWppk20hVDFkATp+67U
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org