Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/pL6UDo7UTRKYdWD3btRADWpDjpU.roa
File: pL6UDo7UTRKYdWD3btRADWpDjpU.roa (raw, json)
Hash identifier: jfHiYzcXnOSYRr82WIHZnoOnBVN2qCxYAVUpzAuxd4I=
Subject key identifier: A4:BE:94:0E:8E:D4:4D:12:98:75:60:F7:6E:D4:40:0D:6A:43:8E:95
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42D958A98EE2F157B1B0C26A010D89
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/pL6UDo7UTRKYdWD3btRADWpDjpU.roa
Signing time: Sun 01 Jan 2023 21:35:30 +0000
ROA not before: Sun 01 Jan 2023 21:35:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211153
IP address blocks: 2a0e:8f02:2190::/44 maxlen: 48
2a0e:8f02:f034::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d9:58:a9:8e:e2:f1:57:b1:b0:c2:6a:01:0d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4be940e8ed44d12987560f76ed4400d6a438e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:63:e1:09:1a:1e:55:e6:38:bb:6f:22:51:63:
13:17:15:da:5b:13:e7:8d:45:19:0c:b6:1e:50:7e:
56:38:13:bd:9d:ef:a3:66:ab:57:d3:7c:27:7d:01:
85:72:e2:63:5d:ad:ee:92:9c:d2:6b:97:61:c7:eb:
0c:53:fc:4a:7d:34:a6:e8:cc:f8:4f:4a:a3:22:fd:
8d:9c:fe:2e:39:22:75:54:97:d0:7c:43:16:80:b6:
c6:81:2c:97:cd:d1:d5:e6:73:ac:b8:01:ea:74:2d:
8c:be:65:af:6f:60:59:83:71:11:34:4c:e5:b6:12:
f7:e1:14:83:4d:6e:af:42:d0:d0:f9:ed:e2:e4:ee:
ce:ed:e2:3a:c6:da:7c:04:2d:cf:d4:1d:5f:61:64:
dd:13:96:97:7e:a9:bb:bb:11:18:e2:b0:e9:fe:b3:
4c:63:d5:d3:5a:ca:f6:f1:06:df:c8:2f:ae:2c:c3:
32:bf:bd:32:ec:59:94:fb:77:87:7e:05:92:f8:59:
a7:e7:82:f0:66:dd:8b:1a:73:15:18:65:62:24:6b:
9f:6d:a0:ad:53:5f:2a:a6:26:44:dd:f6:af:ac:5a:
70:08:8f:85:e6:3c:cf:b9:2d:c5:9b:a3:1e:41:d6:
7e:cb:3a:07:48:9a:3a:19:b4:90:02:17:d6:71:7e:
11:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:BE:94:0E:8E:D4:4D:12:98:75:60:F7:6E:D4:40:0D:6A:43:8E:95
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/pL6UDo7UTRKYdWD3btRADWpDjpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2190::/44
2a0e:8f02:f034::/48
Signature Algorithm: sha256WithRSAEncryption
06:ce:fc:2e:79:e1:2f:2c:dc:92:eb:22:24:48:f5:9d:94:31:
6d:09:fb:a1:68:62:20:9f:81:d7:8c:86:1a:5c:e8:b6:1f:21:
c2:c2:85:9d:18:bc:4b:42:f5:23:fa:6d:e2:3c:af:a8:eb:3a:
fd:c0:92:0e:35:f2:a1:1f:82:46:45:00:63:b8:b9:59:53:b5:
1a:b9:d0:69:12:58:f5:21:ce:df:e2:32:e3:be:eb:2e:ad:c8:
33:1b:29:4e:e9:dd:13:41:a4:bb:a5:d3:9d:47:33:e3:22:15:
8c:57:14:26:fc:33:21:be:21:1c:83:45:ce:24:f4:f3:75:24:
08:ab:2c:a5:54:b5:0c:c8:cd:59:74:e5:a0:3d:4a:04:b8:e9:
9f:3f:dc:9d:5c:cc:38:43:f2:23:33:fe:ff:61:f4:56:44:32:
e6:e5:b2:5c:b9:35:df:47:45:c1:ce:d1:ba:78:8f:52:c2:d7:
7d:e0:15:fc:dc:b8:4c:04:7f:6d:ba:9a:77:46:c5:1a:3e:12:
10:53:38:86:db:32:d7:cf:8d:7f:ad:e3:2f:04:27:9c:03:32:
2b:64:62:96:2e:7f:2d:b1:26:98:07:23:68:bd:d6:67:c8:b1:
3c:c9:d7:1a:7b:82:7c:dd:4b:35:db:62:73:96:2c:98:07:e1:
b3:80:b3:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvQtlYqY7i8VexsMJqAQ2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGJlOTQwZThlZDQ0ZDEyOTg3NTYwZjc2ZWQ0NDAwZDZhNDM4ZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2PhCRoeVeY4u28iUWMTFxXaWxPn
jUUZDLYeUH5WOBO9ne+jZqtX03wnfQGFcuJjXa3ukpzSa5dhx+sMU/xKfTSm6Mz4
T0qjIv2NnP4uOSJ1VJfQfEMWgLbGgSyXzdHV5nOsuAHqdC2MvmWvb2BZg3ERNEzl
thL34RSDTW6vQtDQ+e3i5O7O7eI6xtp8BC3P1B1fYWTdE5aXfqm7uxEY4rDp/rNM
Y9XTWsr28QbfyC+uLMMyv70y7FmU+3eHfgWS+Fmn54LwZt2LGnMVGGViJGufbaCt
U18qpiZE3favrFpwCI+F5jzPuS3Fm6MeQdZ+yzoHSJo6GbSQAhfWcX4RQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKS+lA6O1E0SmHVg927UQA1qQ46VMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvcEw2VURvN1VUUktZZFdEM2J0UkFEV3BEanBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6PAiGQ
AwcAKg6PAvA0MA0GCSqGSIb3DQEBCwUAA4IBAQAGzvwueeEvLNyS6yIkSPWdlDFt
CfuhaGIgn4HXjIYaXOi2HyHCwoWdGLxLQvUj+m3iPK+o6zr9wJIONfKhH4JGRQBj
uLlZU7UaudBpElj1Ic7f4jLjvusurcgzGylO6d0TQaS7pdOdRzPjIhWMVxQm/DMh
viEcg0XOJPTzdSQIqyylVLUMyM1ZdOWgPUoEuOmfP9ydXMw4Q/IjM/7/YfRWRDLm
5bJcuTXfR0XBztG6eI9Swtd94BX83LhMBH9tupp3RsUaPhIQUziG2zLXz41/reMv
BCecAzIrZGKWLn8tsSaYByNovdZnyLE8ydcae4J83Us122JzliyYB+GzgLNk
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org