Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/zOh3Gzt4NOIxz0UnlezrOSWpRak.roa
File: zOh3Gzt4NOIxz0UnlezrOSWpRak.roa (raw, json)
Hash identifier: sVN1x/yXcLckJSMW5kbkQE1Bx/aY5ZFm6ICW9uLLITQ=
Subject key identifier: CC:E8:77:1B:3B:78:34:E2:31:CF:45:27:95:EC:EB:39:25:A9:45:A9
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018A0098BEB9407B0AD4BD28998F46C553FB
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/zOh3Gzt4NOIxz0UnlezrOSWpRak.roa
Signing time: Wed 16 Aug 2023 23:05:24 +0000
ROA not before: Wed 16 Aug 2023 23:05:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205441
IP address blocks: 2a0e:8f02:21b0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:00:98:be:b9:40:7b:0a:d4:bd:28:99:8f:46:c5:53:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Aug 16 23:05:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cce8771b3b7834e231cf452795eceb3925a945a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ed:d5:14:17:68:fe:ac:c4:9a:ce:9c:8b:79:
21:e1:2d:f8:25:76:c9:61:8c:64:80:c2:66:66:5c:
52:be:20:e0:c8:66:97:4e:81:8b:f5:1d:92:0c:a5:
49:fc:65:ef:23:8b:74:58:ea:10:a6:31:c4:06:37:
a6:8d:1b:b5:13:7c:e7:bc:bc:7c:29:0f:73:e2:12:
06:1f:f7:fb:9e:1d:3a:7a:e6:62:9f:f6:86:c8:3b:
1f:13:0a:5f:df:55:a9:47:ba:da:6a:de:d5:d3:7e:
85:4d:e6:ce:bf:5d:68:fe:b3:31:77:c4:05:64:d3:
a9:2c:04:d3:a0:29:4a:fa:61:d3:7d:6e:71:da:16:
0d:43:2a:a1:f0:0f:2d:1a:73:a1:dd:01:58:9e:e6:
0c:ba:26:ea:dd:f3:0c:f9:d6:32:c5:db:cf:bf:5e:
7e:5d:43:27:65:aa:c1:0a:84:91:0c:3a:7f:73:e2:
a1:2b:9f:87:f0:d3:af:05:50:ae:fb:db:20:8d:fc:
50:79:eb:d3:ef:c0:f5:0c:ea:f5:81:71:20:66:88:
f9:d1:bc:8c:7d:c0:59:32:07:98:41:7d:af:f6:52:
50:7c:3a:74:5d:a7:0e:be:72:db:34:25:49:ce:d2:
aa:41:68:93:24:50:38:10:82:79:c6:1a:6b:89:70:
5e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E8:77:1B:3B:78:34:E2:31:CF:45:27:95:EC:EB:39:25:A9:45:A9
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/zOh3Gzt4NOIxz0UnlezrOSWpRak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:21b0::/44
Signature Algorithm: sha256WithRSAEncryption
79:c9:f4:81:bb:5e:47:df:de:31:0a:dd:aa:76:02:9c:45:e8:
d9:e2:57:1b:7a:ca:cd:33:b0:e1:96:ba:ec:e7:cd:6c:d9:77:
54:d7:b5:c4:b3:19:c5:2e:19:ef:32:94:d8:77:c1:c9:30:26:
45:92:6f:6e:0b:e5:92:1b:68:ed:e0:49:8e:cf:e1:1c:27:3c:
73:ea:01:49:21:47:ff:04:f2:21:1c:77:b1:d4:e3:75:78:5d:
cb:c1:7a:d9:1f:3c:3d:1d:0e:23:b4:c7:93:ae:3f:60:99:f1:
5d:ac:64:36:79:1d:c3:40:bc:48:bc:6a:fe:a9:3d:81:72:2d:
75:ed:44:af:54:e5:d0:77:07:4c:6c:76:ed:2f:43:00:7f:a6:
9c:4d:7e:97:1c:c1:d5:25:05:af:09:06:9a:72:14:a5:05:93:
65:81:40:2c:4c:01:2e:85:75:bd:83:c2:6b:b8:ab:d7:f1:cf:
81:1c:a6:a0:00:ab:48:6a:94:23:55:56:a6:01:46:c5:fe:74:
c3:d2:eb:ea:6a:e0:bf:d8:c0:fe:36:6f:d5:43:8c:7b:67:a4:
b8:c5:c8:90:54:15:7b:13:0d:84:bf:a3:a7:d5:5d:ab:35:92:
78:18:58:e3:20:fd:87:8d:27:b8:31:5e:5e:d1:73:6d:85:16:
d3:a2:19:11
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYoAmL65QHsK1L0omY9GxVP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwODE2MjMwNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2U4NzcxYjNiNzgzNGUyMzFjZjQ1Mjc5NWVjZWIzOTI1YTk0NWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu3VFBdo/qzEms6ci3kh4S34JXbJ
YYxkgMJmZlxSviDgyGaXToGL9R2SDKVJ/GXvI4t0WOoQpjHEBjemjRu1E3znvLx8
KQ9z4hIGH/f7nh06euZin/aGyDsfEwpf31WpR7raat7V036FTebOv11o/rMxd8QF
ZNOpLATToClK+mHTfW5x2hYNQyqh8A8tGnOh3QFYnuYMuibq3fMM+dYyxdvPv15+
XUMnZarBCoSRDDp/c+KhK5+H8NOvBVCu+9sgjfxQeevT78D1DOr1gXEgZoj50byM
fcBZMgeYQX2v9lJQfDp0XacOvnLbNCVJztKqQWiTJFA4EIJ5xhpriXBeKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMzodxs7eDTiMc9FJ5Xs6zklqUWpMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvek9oM0d6dDROT0l4ejBVbmxlenJPU1dwUmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiGw
MA0GCSqGSIb3DQEBCwUAA4IBAQB5yfSBu15H394xCt2qdgKcRejZ4lcbesrNM7Dh
lrrs581s2XdU17XEsxnFLhnvMpTYd8HJMCZFkm9uC+WSG2jt4EmOz+EcJzxz6gFJ
IUf/BPIhHHex1ON1eF3LwXrZHzw9HQ4jtMeTrj9gmfFdrGQ2eR3DQLxIvGr+qT2B
ci117USvVOXQdwdMbHbtL0MAf6acTX6XHMHVJQWvCQaachSlBZNlgUAsTAEuhXW9
g8JruKvX8c+BHKagAKtIapQjVVamAUbF/nTD0uvqauC/2MD+Nm/VQ4x7Z6S4xciQ
VBV7Ew2Ev6On1V2rNZJ4GFjjIP2HjSe4MV5e0XNthRbTohkR
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org