Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/y8WP1VMvtH5gNvt9cTcI0zgJ1mY.roa
File: y8WP1VMvtH5gNvt9cTcI0zgJ1mY.roa (raw, json)
Hash identifier: ZpVh8wFYzGKePf6+71U3ivQ8ciwAx+28yS8h+eLXLJ0=
Subject key identifier: CB:C5:8F:D5:53:2F:B4:7E:60:36:FB:7D:71:37:08:D3:38:09:D6:66
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42EFD4E41491BA2775E55144B3BCEA
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/y8WP1VMvtH5gNvt9cTcI0zgJ1mY.roa
Signing time: Sun 01 Jan 2023 21:35:35 +0000
ROA not before: Sun 01 Jan 2023 21:35:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212746
IP address blocks: 2a0e:8f02:2040::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ef:d4:e4:14:91:ba:27:75:e5:51:44:b3:bc:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbc58fd5532fb47e6036fb7d713708d33809d666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:30:07:21:cd:4c:c9:c3:39:ff:a0:b6:25:9f:
1e:40:0f:9b:5f:37:9e:d0:bc:9a:4e:8f:c5:ef:41:
5a:03:f7:99:99:ec:11:fb:2c:f1:ba:75:5a:42:87:
2d:a2:7b:7b:1f:27:8c:9a:b7:0a:b0:2c:e6:51:f0:
02:b9:a2:ae:a0:dc:5e:8a:26:28:9f:58:d8:c3:f3:
80:bb:ab:08:b6:f9:28:e8:78:6e:42:d3:97:ca:21:
5e:bc:e8:68:73:0f:1e:d1:f3:f6:42:91:fe:f7:64:
c1:08:79:49:01:58:9c:01:3c:25:de:19:9b:91:ca:
39:d4:7d:a1:f1:76:be:d9:4f:fd:6f:f3:e9:6b:5a:
f2:68:59:b1:83:63:ab:11:9e:e4:4f:fb:65:bc:a9:
fe:ce:a3:6e:4a:ba:ef:5c:0b:a7:20:97:06:45:2d:
1c:92:d0:d9:75:2b:4f:8f:ec:e7:30:fc:09:2d:88:
b5:3e:48:ea:cf:9a:ca:19:47:ad:73:69:d5:b0:20:
85:71:c0:86:59:fb:73:7c:ce:87:30:d6:11:24:70:
ea:14:9f:46:d1:33:55:d1:13:81:ac:1a:9b:50:34:
36:e9:7d:e4:a7:97:85:ac:8e:38:2a:fb:6f:a8:d2:
e9:70:93:02:8e:9a:d2:36:20:11:48:e7:b0:d4:5f:
b7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C5:8F:D5:53:2F:B4:7E:60:36:FB:7D:71:37:08:D3:38:09:D6:66
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/y8WP1VMvtH5gNvt9cTcI0zgJ1mY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2040::/44
Signature Algorithm: sha256WithRSAEncryption
78:86:03:6f:7f:bb:2d:67:db:62:db:be:21:59:92:72:4b:80:
f9:7e:cf:9b:4e:94:be:42:60:90:05:cd:4f:9c:75:27:93:33:
9d:c6:90:4f:38:21:1b:18:ba:b7:7a:fa:d5:e6:79:1e:0e:51:
12:08:2f:f0:69:8e:1c:c2:03:4a:84:9e:a5:fc:f8:a3:81:c3:
cf:96:08:2e:f1:3b:0c:ce:65:25:31:dd:78:8e:51:15:50:30:
85:01:d5:42:a5:21:6b:d0:5f:60:0a:c1:76:3e:34:a6:b4:79:
d8:29:fb:c2:3b:f8:a3:02:c2:bf:1f:44:09:59:be:4f:3d:a5:
97:62:0b:b4:66:db:c5:b3:31:91:16:f3:1c:2f:f3:ef:53:91:
56:d6:30:ec:99:dd:a4:ff:41:0e:e9:b2:cd:45:b9:4d:fa:fe:
c8:9b:73:1f:9a:5b:d5:83:39:7c:80:a0:c2:00:37:0f:06:e6:
05:32:fc:72:6a:58:6b:5a:ab:1d:30:6b:31:b7:98:b3:49:5a:
8d:5c:09:2d:89:f2:86:8a:49:14:ed:6a:a7:ea:4d:3c:f9:a2:
2c:d9:f2:f0:44:2a:7b:06:46:26:ca:f0:6e:9c:f4:47:46:ab:
a3:d9:ec:36:75:b3:d5:a6:b1:40:4b:0c:81:54:b8:22:27:e5:
94:71:1e:ba
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQu/U5BSRuid15VFEs7zqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmM1OGZkNTUzMmZiNDdlNjAzNmZiN2Q3MTM3MDhkMzM4MDlkNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTAHIc1MycM5/6C2JZ8eQA+bXzee
0LyaTo/F70FaA/eZmewR+yzxunVaQoctont7HyeMmrcKsCzmUfACuaKuoNxeiiYo
n1jYw/OAu6sItvko6HhuQtOXyiFevOhocw8e0fP2QpH+92TBCHlJAVicATwl3hmb
kco51H2h8Xa+2U/9b/Ppa1ryaFmxg2OrEZ7kT/tlvKn+zqNuSrrvXAunIJcGRS0c
ktDZdStPj+znMPwJLYi1Pkjqz5rKGUetc2nVsCCFccCGWftzfM6HMNYRJHDqFJ9G
0TNV0ROBrBqbUDQ26X3kp5eFrI44KvtvqNLpcJMCjprSNiARSOew1F+3jQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMvFj9VTL7R+YDb7fXE3CNM4CdZmMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEveThXUDFWTXZ0SDVnTnZ0OWNUY0kwemdKMW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiBA
MA0GCSqGSIb3DQEBCwUAA4IBAQB4hgNvf7stZ9ti274hWZJyS4D5fs+bTpS+QmCQ
Bc1PnHUnkzOdxpBPOCEbGLq3evrV5nkeDlESCC/waY4cwgNKhJ6l/PijgcPPlggu
8TsMzmUlMd14jlEVUDCFAdVCpSFr0F9gCsF2PjSmtHnYKfvCO/ijAsK/H0QJWb5P
PaWXYgu0ZtvFszGRFvMcL/PvU5FW1jDsmd2k/0EO6bLNRblN+v7Im3MfmlvVgzl8
gKDCADcPBuYFMvxyalhrWqsdMGsxt5izSVqNXAktifKGikkU7Wqn6k08+aIs2fLw
RCp7BkYmyvBunPRHRquj2ew2dbPVprFASwyBVLgiJ+WUcR66
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org