Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/pmdajbSGcyz26gKcbw3iNGh7zhk.roa
File: pmdajbSGcyz26gKcbw3iNGh7zhk.roa (raw, json)
Hash identifier: M7PxBzrYmDA+1PAQiU6uypTCozSG7v/KSfwFj41lzR4=
Subject key identifier: A6:67:5A:8D:B4:86:73:2C:F6:EA:02:9C:6F:0D:E2:34:68:7B:CE:19
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42F6773EBA8AE0B5FF53EE706F9B6C
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/pmdajbSGcyz26gKcbw3iNGh7zhk.roa
Signing time: Sun 01 Jan 2023 21:35:37 +0000
ROA not before: Sun 01 Jan 2023 21:35:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213326
IP address blocks: 2a0e:8f02:f01b::/48 maxlen: 48
2a0e:8f02:2110::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:f6:77:3e:ba:8a:e0:b5:ff:53:ee:70:6f:9b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6675a8db486732cf6ea029c6f0de234687bce19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f2:49:44:3a:d3:b1:7f:87:c2:b5:fc:b9:cf:
5b:1a:c0:61:e9:fe:63:1b:3a:67:40:59:49:22:2b:
cc:9c:cb:6b:f5:90:17:76:eb:c8:4d:87:a3:7d:0a:
43:48:4b:9e:35:97:52:fc:84:62:b1:69:c4:08:0c:
2c:c0:d4:c5:92:cf:98:1f:2f:2a:c0:19:56:34:66:
9e:f8:a1:9a:8c:2e:91:7a:6e:6d:c7:88:16:70:3f:
55:78:4e:37:44:73:95:0b:1d:c6:31:0b:f7:90:2d:
b0:59:02:aa:b0:97:ef:3d:49:40:91:1a:72:7e:42:
be:17:68:07:c2:99:59:68:6d:83:a9:c4:99:f5:d0:
ac:a3:ff:80:0a:20:b0:f8:fe:8b:f9:87:73:a7:01:
f2:da:35:c6:ed:c9:0c:e7:99:c7:5b:80:16:b3:55:
32:1a:90:97:19:a5:f7:ab:44:95:23:c4:64:38:36:
33:e0:61:13:16:22:73:aa:4c:af:b4:f9:0e:30:61:
7c:62:fe:55:dc:7c:7b:8e:96:77:71:3c:c7:a7:a4:
93:9d:e3:db:0b:23:2a:f8:92:bf:c3:9e:70:ff:08:
3e:5b:45:e0:90:90:ae:22:9e:4c:49:14:ea:80:27:
eb:17:24:df:3c:40:01:7c:80:4d:30:bd:c4:f8:0d:
fc:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:67:5A:8D:B4:86:73:2C:F6:EA:02:9C:6F:0D:E2:34:68:7B:CE:19
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/pmdajbSGcyz26gKcbw3iNGh7zhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2110::/44
2a0e:8f02:f01b::/48
Signature Algorithm: sha256WithRSAEncryption
58:ce:95:37:0d:e7:35:b3:1e:ef:71:e4:37:95:9e:0f:f1:a2:
ae:4c:ae:e5:47:9e:b0:57:a3:37:94:e2:f2:b8:a1:84:c4:51:
22:60:2f:74:c3:72:b9:fe:04:77:cf:fc:85:5f:b1:bf:66:80:
2f:63:ec:af:2a:c5:a4:16:eb:3f:db:b7:2d:b2:b1:77:ad:63:
62:ad:3c:4b:9d:ef:7f:e2:c9:f0:84:81:b2:a5:6c:0d:7a:69:
ff:4d:55:d3:8f:bf:01:44:37:ca:a5:dc:ca:9d:6e:c2:9b:f2:
c9:f7:af:d6:72:2c:8a:1d:bb:c3:d5:9e:b4:a6:45:a0:92:fe:
50:f7:91:2b:4c:12:48:c2:7b:09:e4:5d:08:b7:1e:61:fd:04:
80:96:24:6b:78:1c:6c:50:e6:97:c5:63:a8:7a:f7:d6:c6:7d:
b9:da:49:0b:f6:ea:3f:cd:c4:8a:cd:cb:f2:e7:3b:93:ec:95:
70:27:71:9d:ba:cd:29:7d:b2:c4:0e:96:f1:71:ae:93:99:14:
52:4a:25:48:63:c8:3e:73:ed:4f:ea:f4:61:be:92:0a:fe:55:
22:ce:2d:3b:77:15:b2:c1:90:0f:43:8d:54:5e:59:95:ce:9e:
19:8a:9d:8c:1d:f4:6e:aa:fc:74:ae:e7:29:64:4f:af:ee:53:
11:0a:ae:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvQvZ3PrqK4LX/U+5wb5tsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjY3NWE4ZGI0ODY3MzJjZjZlYTAyOWM2ZjBkZTIzNDY4N2JjZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvJJRDrTsX+HwrX8uc9bGsBh6f5j
GzpnQFlJIivMnMtr9ZAXduvITYejfQpDSEueNZdS/IRisWnECAwswNTFks+YHy8q
wBlWNGae+KGajC6Rem5tx4gWcD9VeE43RHOVCx3GMQv3kC2wWQKqsJfvPUlAkRpy
fkK+F2gHwplZaG2DqcSZ9dCso/+ACiCw+P6L+YdzpwHy2jXG7ckM55nHW4AWs1Uy
GpCXGaX3q0SVI8RkODYz4GETFiJzqkyvtPkOMGF8Yv5V3Hx7jpZ3cTzHp6STnePb
CyMq+JK/w55w/wg+W0XgkJCuIp5MSRTqgCfrFyTfPEABfIBNML3E+A38pwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKZnWo20hnMs9uoCnG8N4jRoe84ZMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvcG1kYWpiU0djeXoyNmdLY2J3M2lOR2g3emhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6PAiEQ
AwcAKg6PAvAbMA0GCSqGSIb3DQEBCwUAA4IBAQBYzpU3Dec1sx7vceQ3lZ4P8aKu
TK7lR56wV6M3lOLyuKGExFEiYC90w3K5/gR3z/yFX7G/ZoAvY+yvKsWkFus/27ct
srF3rWNirTxLne9/4snwhIGypWwNemn/TVXTj78BRDfKpdzKnW7Cm/LJ96/WciyK
HbvD1Z60pkWgkv5Q95ErTBJIwnsJ5F0Itx5h/QSAliRreBxsUOaXxWOoevfWxn25
2kkL9uo/zcSKzcvy5zuT7JVwJ3Gdus0pfbLEDpbxca6TmRRSSiVIY8g+c+1P6vRh
vpIK/lUizi07dxWywZAPQ41UXlmVzp4Zip2MHfRuqvx0rucpZE+v7lMRCq7N
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org