Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/oqB5X9RFP_IXqTBVLnCF7Z3RaAY.roa
File: oqB5X9RFP_IXqTBVLnCF7Z3RaAY.roa (raw, json)
Hash identifier: /NSFeUu5i9aNO2fBs1YT3HXR0j6gj0b6BE4kpIcjh0o=
Subject key identifier: A2:A0:79:5F:D4:45:3F:F2:17:A9:30:55:2E:70:85:ED:9D:D1:68:06
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 0188424A9821ACD5B5ED6A547F12BBDF0E25
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/oqB5X9RFP_IXqTBVLnCF7Z3RaAY.roa
Signing time: Mon 22 May 2023 07:09:24 +0000
ROA not before: Mon 22 May 2023 07:09:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57403
IP address blocks: 2a0e:8f02:f04f::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:4a:98:21:ac:d5:b5:ed:6a:54:7f:12:bb:df:0e:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: May 22 07:09:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2a0795fd4453ff217a930552e7085ed9dd16806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e3:9a:81:6e:12:99:0a:9a:6b:f7:8e:ea:b8:
c9:17:0a:0d:9d:40:c4:c7:30:7b:e1:46:67:19:21:
42:44:13:c9:b7:04:2d:73:32:53:f2:80:83:7c:30:
59:24:e7:a0:3c:94:74:5d:93:31:5c:ed:79:53:c1:
7b:f5:ae:5e:05:5b:ff:94:8a:05:b1:58:a8:40:44:
d9:70:85:83:1f:49:1b:b0:3c:92:9d:c2:1c:05:0a:
a7:6c:fc:fd:01:df:7c:62:c2:99:32:c3:2c:de:9c:
4b:71:5d:6e:13:9f:a1:9f:32:f8:ce:1f:d3:50:5f:
9f:f8:f7:e4:4d:12:f5:51:b5:3e:eb:ef:97:7e:f2:
96:c6:53:7e:5b:fe:02:ec:5f:bb:5b:5a:25:a7:5e:
58:ae:5a:92:d8:a7:f3:42:46:1f:4b:18:6a:fc:6e:
fd:5a:4f:a3:50:57:8a:d5:e5:1e:73:33:0f:25:9c:
b6:91:cf:b3:a0:98:2b:ad:99:79:ab:28:1f:89:74:
fc:f7:d7:59:8e:20:b7:d0:c0:57:85:08:03:22:b7:
56:57:e7:57:ad:04:2a:3d:d8:96:13:71:1f:65:c1:
c1:5e:ae:04:e1:8f:51:e4:40:27:f1:dc:03:af:bb:
19:8b:34:2b:b8:56:5d:ea:d8:62:ae:42:d0:da:d5:
a7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A0:79:5F:D4:45:3F:F2:17:A9:30:55:2E:70:85:ED:9D:D1:68:06
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/oqB5X9RFP_IXqTBVLnCF7Z3RaAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f04f::/48
Signature Algorithm: sha256WithRSAEncryption
8d:54:6e:13:ed:4f:51:19:ac:58:a0:25:59:31:23:30:03:d0:
70:32:3e:46:ca:45:09:d0:f9:b8:b3:36:95:ec:d0:7d:9b:61:
05:e8:d3:8f:c9:07:8a:18:be:95:85:b8:2a:54:4f:76:48:e8:
ca:82:01:44:ea:be:2a:8b:04:2f:3d:63:3b:63:c7:c8:b1:d1:
b0:74:4f:8b:59:da:20:0c:17:29:56:33:70:06:ae:e1:e6:86:
44:b5:f3:93:33:ea:1c:94:d7:c9:0a:9b:74:f9:c7:4e:3a:50:
ac:4d:62:a8:0b:ee:9a:9b:9e:c2:83:39:45:45:bd:1d:8b:0a:
ff:69:35:81:3f:b4:0c:ab:33:30:07:0b:f9:b7:57:e0:8d:80:
4c:64:fd:3d:91:fe:58:a7:16:de:ca:71:82:46:6c:63:d5:32:
4a:85:ad:20:67:5b:7b:3c:48:74:92:78:39:ee:0b:56:0d:d3:
57:e7:fc:56:03:d9:d0:4b:f9:63:bd:5b:77:29:66:2b:32:1d:
26:14:1a:89:6c:eb:0e:bd:19:cc:df:27:c0:9d:4c:3f:25:1e:
c8:a7:07:83:6a:d4:44:ff:61:16:6c:5a:50:1b:84:f0:30:77:
b8:76:d1:7a:d6:9a:e3:95:e3:ea:88:37:35:23:00:b8:e3:67:
f1:6d:71:a2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYhCSpghrNW17WpUfxK73w4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwNTIyMDcwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmEwNzk1ZmQ0NDUzZmYyMTdhOTMwNTUyZTcwODVlZDlkZDE2ODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOOagW4SmQqaa/eO6rjJFwoNnUDE
xzB74UZnGSFCRBPJtwQtczJT8oCDfDBZJOegPJR0XZMxXO15U8F79a5eBVv/lIoF
sVioQETZcIWDH0kbsDySncIcBQqnbPz9Ad98YsKZMsMs3pxLcV1uE5+hnzL4zh/T
UF+f+PfkTRL1UbU+6++XfvKWxlN+W/4C7F+7W1olp15YrlqS2KfzQkYfSxhq/G79
Wk+jUFeK1eUeczMPJZy2kc+zoJgrrZl5qygfiXT899dZjiC30MBXhQgDIrdWV+dX
rQQqPdiWE3EfZcHBXq4E4Y9R5EAn8dwDr7sZizQruFZd6thirkLQ2tWncwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKKgeV/URT/yF6kwVS5whe2d0WgGMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvb3FCNVg5UkZQX0lYcVRCVkxuQ0Y3WjNSYUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBP
MA0GCSqGSIb3DQEBCwUAA4IBAQCNVG4T7U9RGaxYoCVZMSMwA9BwMj5GykUJ0Pm4
szaV7NB9m2EF6NOPyQeKGL6VhbgqVE92SOjKggFE6r4qiwQvPWM7Y8fIsdGwdE+L
WdogDBcpVjNwBq7h5oZEtfOTM+oclNfJCpt0+cdOOlCsTWKoC+6am57CgzlFRb0d
iwr/aTWBP7QMqzMwBwv5t1fgjYBMZP09kf5YpxbeynGCRmxj1TJKha0gZ1t7PEh0
kng57gtWDdNX5/xWA9nQS/ljvVt3KWYrMh0mFBqJbOsOvRnM3yfAnUw/JR7IpweD
atRE/2EWbFpQG4TwMHe4dtF61prjlePqiDc1IwC442fxbXGi
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org