Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/9xhvOYjcKYQEPyO96u0hz3wvB0Y.roa
File: 9xhvOYjcKYQEPyO96u0hz3wvB0Y.roa (raw, json)
Hash identifier: waNlaCJtOk1qG4cdycORk2IOl3jbosezv/wyQx8GX84=
Subject key identifier: F7:18:6F:39:88:DC:29:84:04:3F:23:BD:EA:ED:21:CF:7C:2F:07:46
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 0186741F0CE123D0C60A30B94299F073D10C
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/9xhvOYjcKYQEPyO96u0hz3wvB0Y.roa
Signing time: Tue 21 Feb 2023 13:17:17 +0000
ROA not before: Tue 21 Feb 2023 13:17:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201612
IP address blocks: 2001:678:20::/48 maxlen: 48
2a02:850:ffe0::/48 maxlen: 48
2001:678:24::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:1f:0c:e1:23:d0:c6:0a:30:b9:42:99:f0:73:d1:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Feb 21 13:17:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7186f3988dc2984043f23bdeaed21cf7c2f0746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:25:75:68:ac:04:63:a8:0d:28:90:50:8b:1a:
e2:1b:98:5c:66:a1:96:d5:c4:35:e0:e0:ca:e8:40:
0a:ac:9a:46:53:9e:e8:6e:04:ba:ba:96:94:5d:0f:
a7:28:3b:a2:12:2a:84:8a:4a:9f:ce:c4:82:1f:80:
99:6d:1e:61:ea:7c:3f:ec:c3:85:6e:bc:9d:4c:76:
ca:6c:74:de:4d:96:35:3c:94:f7:6d:00:5d:35:e9:
b7:2c:be:27:d8:55:70:79:4a:d4:f5:bb:e3:2a:dc:
61:b8:eb:fb:04:f8:8a:7e:4f:40:55:70:c1:e3:8d:
5f:cf:68:e8:1e:e7:4d:f5:55:07:3b:db:17:46:ed:
5c:7c:68:7a:28:61:89:a4:19:12:0d:3b:ac:5a:8e:
92:0e:b5:a7:02:27:4f:eb:5e:a6:81:d5:dc:ce:e9:
65:20:14:62:cf:e8:25:66:e1:fe:d3:50:28:c3:1d:
4c:77:17:af:3d:fc:7b:14:b8:d6:e2:b7:53:c3:04:
94:fa:a9:9c:10:6b:f5:9d:8f:a2:2c:7d:a3:bd:49:
32:59:13:a8:99:77:d4:66:d5:f7:3e:b2:4e:94:4f:
c8:01:99:6d:d2:32:3a:12:f7:d8:f3:a5:0e:77:1b:
a5:b8:1e:54:fa:04:6c:d5:14:57:bc:15:36:03:e6:
6a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:18:6F:39:88:DC:29:84:04:3F:23:BD:EA:ED:21:CF:7C:2F:07:46
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/9xhvOYjcKYQEPyO96u0hz3wvB0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:20::/48
2001:678:24::/48
2a02:850:ffe0::/48
Signature Algorithm: sha256WithRSAEncryption
a1:54:b0:10:28:e0:dc:e1:51:60:98:a2:73:ae:f5:ce:12:d0:
33:58:af:c2:64:25:d6:a2:d4:2e:ea:e4:8c:9d:14:cd:da:f3:
4f:c1:df:55:85:cd:20:a6:e9:3b:10:3c:0c:12:5b:96:19:0b:
67:3c:4c:bd:df:4c:32:ba:1e:45:f9:45:66:8b:e7:70:df:04:
a3:15:fc:ef:5a:2d:6d:44:a0:3c:90:77:e9:3f:5d:63:f2:6e:
6a:03:a9:7e:35:fe:00:89:eb:64:f2:71:79:5f:c7:4a:b7:71:
d0:a7:00:a3:59:c4:a2:e1:03:be:e6:7d:9a:3f:75:58:ca:e4:
44:a8:fb:10:49:5b:27:28:40:7a:a4:40:bf:b8:5d:03:95:de:
3c:f2:b2:10:5b:be:f6:43:66:1c:3e:d1:87:6c:79:ed:c4:a5:
f5:08:62:51:d5:32:cc:ad:6e:be:58:ac:26:4e:25:b1:5b:4f:
8e:d8:32:90:b4:75:48:ef:d5:b8:33:cf:25:7b:63:11:db:5f:
d8:0a:7a:79:d6:08:f9:ff:d1:39:63:bb:57:32:94:d6:53:b6:
cd:3f:1e:fd:d6:3a:51:83:58:da:ff:b8:9d:a2:b0:b7:20:9d:
9b:65:2b:7f:f7:cd:2e:bd:2c:90:fd:9d:fc:fd:d4:75:56:e7:
f0:e2:12:d8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYZ0HwzhI9DGCjC5Qpnwc9EMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjMwMjIxMTMxNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzE4NmYzOTg4ZGMyOTg0MDQzZjIzYmRlYWVkMjFjZjdjMmYwNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yV1aKwEY6gNKJBQixriG5hcZqGW
1cQ14ODK6EAKrJpGU57obgS6upaUXQ+nKDuiEiqEikqfzsSCH4CZbR5h6nw/7MOF
brydTHbKbHTeTZY1PJT3bQBdNem3LL4n2FVweUrU9bvjKtxhuOv7BPiKfk9AVXDB
441fz2joHudN9VUHO9sXRu1cfGh6KGGJpBkSDTusWo6SDrWnAidP616mgdXczull
IBRiz+glZuH+01Aowx1MdxevPfx7FLjW4rdTwwSU+qmcEGv1nY+iLH2jvUkyWROo
mXfUZtX3PrJOlE/IAZlt0jI6EvfY86UOdxuluB5U+gRs1RRXvBU2A+Zq8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPcYbzmI3CmEBD8jvertIc98LwdGMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvOXhodk9ZamNLWVFFUHlPOTZ1MGh6M3d2QjBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAIAEGeAAg
AwcAIAEGeAAkAwcAKgIIUP/gMA0GCSqGSIb3DQEBCwUAA4IBAQChVLAQKODc4VFg
mKJzrvXOEtAzWK/CZCXWotQu6uSMnRTN2vNPwd9Vhc0gpuk7EDwMEluWGQtnPEy9
30wyuh5F+UVmi+dw3wSjFfzvWi1tRKA8kHfpP11j8m5qA6l+Nf4Aietk8nF5X8dK
t3HQpwCjWcSi4QO+5n2aP3VYyuREqPsQSVsnKEB6pEC/uF0Dld488rIQW772Q2Yc
PtGHbHntxKX1CGJR1TLMrW6+WKwmTiWxW0+O2DKQtHVI79W4M88le2MR21/YCnp5
1gj5/9E5Y7tXMpTWU7bNPx791jpRg1ja/7idorC3IJ2bZSt/980uvSyQ/Z38/dR1
Vufw4hLY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:27 2023 by rpki-client on console-fra.rpki-client.org