Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/hc6W9aZhsJWJXl5jWmD2lw8bahs.roa
File: hc6W9aZhsJWJXl5jWmD2lw8bahs.roa (raw, json)
Hash identifier: KFsoIXGbRyIDbPXAjGkOLN4YcYDTCNfle88BAQcJVUA=
Subject key identifier: 85:CE:96:F5:A6:61:B0:95:89:5E:5E:63:5A:60:F6:97:0F:1B:6A:1B
Certificate issuer: /CN=c1c26bb574b89b8c1866f8474bb1cb003264ec20
Certificate serial: 018BA698D5E75C35B10FBB8BABAA13F4A776
Authority key identifier: C1:C2:6B:B5:74:B8:9B:8C:18:66:F8:47:4B:B1:CB:00:32:64:EC:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wcJrtXS4m4wYZvhHS7HLADJk7CA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/hc6W9aZhsJWJXl5jWmD2lw8bahs.roa
Signing time: Mon 06 Nov 2023 21:45:15 +0000
ROA not before: Mon 06 Nov 2023 21:45:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 2a0c:4a01:3b::/48 maxlen: 48
2a0c:4a01:1b::/48 maxlen: 48
2a0c:4a00:2b::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a6:98:d5:e7:5c:35:b1:0f:bb:8b:ab:aa:13:f4:a7:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1c26bb574b89b8c1866f8474bb1cb003264ec20
Validity
Not Before: Nov 6 21:45:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85ce96f5a661b095895e5e635a60f6970f1b6a1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:08:69:29:91:f4:68:28:0b:f7:c2:de:cb:56:
fe:30:74:27:1a:b6:fb:18:16:c3:81:cc:3f:0d:a4:
b2:60:ac:6f:1a:b7:a0:e7:f6:8c:0c:17:2e:3c:9e:
0f:5f:1b:97:dd:bc:e2:37:32:34:39:a9:97:24:91:
f1:00:05:cd:91:b6:7f:98:55:b8:66:56:7e:6e:28:
3b:d1:68:11:d2:86:60:cb:53:7f:a7:01:44:85:5d:
86:f8:4e:a9:ee:89:97:87:00:df:a0:90:a4:2b:86:
e8:1c:eb:8f:68:a9:d7:ff:87:0e:24:74:34:94:c2:
c2:61:2c:9e:93:4d:24:c0:a2:bd:fc:4d:ef:91:00:
ce:f8:97:75:23:94:da:56:ef:68:36:13:f2:f1:c5:
a0:99:9c:de:16:92:5f:01:e3:4f:ff:b2:4f:e3:18:
7f:26:94:e8:71:a1:bb:51:16:a6:b7:c9:f0:06:54:
31:09:1b:0a:d1:50:d5:44:be:6a:89:54:fb:ff:60:
cb:7a:f0:cf:14:7d:75:6c:9b:e6:1c:c9:00:1e:b6:
f5:cf:70:1d:cb:d4:8a:9b:db:e1:da:85:8f:61:2e:
01:66:8b:c3:b7:f5:36:94:54:8d:80:07:21:a2:71:
af:3f:eb:53:c1:70:49:6b:14:2b:4f:69:4e:bf:2e:
dd:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:CE:96:F5:A6:61:B0:95:89:5E:5E:63:5A:60:F6:97:0F:1B:6A:1B
X509v3 Authority Key Identifier:
keyid:C1:C2:6B:B5:74:B8:9B:8C:18:66:F8:47:4B:B1:CB:00:32:64:EC:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wcJrtXS4m4wYZvhHS7HLADJk7CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/hc6W9aZhsJWJXl5jWmD2lw8bahs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/wcJrtXS4m4wYZvhHS7HLADJk7CA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:4a00:2b::/48
2a0c:4a01:1b::/48
2a0c:4a01:3b::/48
Signature Algorithm: sha256WithRSAEncryption
23:f6:05:6c:f2:ad:82:99:96:ef:98:d9:7a:6e:5a:9d:c9:16:
80:8d:71:87:a4:37:92:c9:c9:e3:7b:d5:a9:e3:1c:d4:db:f9:
7e:45:4b:b7:59:19:83:26:73:0b:62:d0:64:ff:56:56:e7:46:
8d:ca:72:93:2d:41:04:80:24:59:75:d4:b0:a7:ee:9b:b5:66:
ca:b6:05:7c:1b:48:14:56:a4:e6:72:5b:4e:a8:27:b0:0d:b6:
34:8e:f6:45:e4:69:ff:f8:e5:43:7a:eb:d9:27:88:8d:ba:c8:
78:f7:86:e4:7a:dc:42:d9:3e:71:ff:e2:5d:69:54:90:4a:ba:
51:bf:25:e2:68:8d:89:e9:bf:9f:58:bc:3a:87:2a:14:7a:a9:
3c:53:ef:8b:de:12:4e:36:5b:0f:c8:39:b2:f3:f7:0f:da:c2:
e7:0a:18:8f:f1:ad:b0:bc:bc:00:a8:33:8e:54:d9:83:c0:3c:
4f:f7:1c:9c:cd:53:3c:6f:3e:f3:3d:d4:b5:c2:15:58:3d:65:
ba:df:38:1f:89:84:9b:8d:74:2b:6f:74:6d:1b:fb:aa:c2:c7:
69:7e:56:0a:a9:dd:7d:e8:41:df:d4:68:5e:a8:5f:18:b4:0b:
ae:8d:bd:16:44:7d:45:0d:dc:67:e8:2d:bf:d0:0c:17:d3:68:
7f:50:01:50
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYummNXnXDWxD7uLq6oT9Kd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYzI2YmI1NzRiODliOGMxODY2Zjg0NzRiYjFjYjAwMzI2
NGVjMjAwHhcNMjMxMTA2MjE0NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWNlOTZmNWE2NjFiMDk1ODk1ZTVlNjM1YTYwZjY5NzBmMWI2YTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAighpKZH0aCgL98Ley1b+MHQnGrb7
GBbDgcw/DaSyYKxvGreg5/aMDBcuPJ4PXxuX3bziNzI0OamXJJHxAAXNkbZ/mFW4
ZlZ+big70WgR0oZgy1N/pwFEhV2G+E6p7omXhwDfoJCkK4boHOuPaKnX/4cOJHQ0
lMLCYSyek00kwKK9/E3vkQDO+Jd1I5TaVu9oNhPy8cWgmZzeFpJfAeNP/7JP4xh/
JpTocaG7URamt8nwBlQxCRsK0VDVRL5qiVT7/2DLevDPFH11bJvmHMkAHrb1z3Ad
y9SKm9vh2oWPYS4BZovDt/U2lFSNgAchonGvP+tTwXBJaxQrT2lOvy7dVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIXOlvWmYbCViV5eY1pg9pcPG2obMB8GA1UdIwQY
MBaAFMHCa7V0uJuMGGb4R0uxywAyZOwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2NKcnRYUzRtNHdZWnZoSFM3SExBREprN0NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kZjM4ZGEtNzVjZC00ZTIxLWFkMzgt
ZjJhMmE1ZDUwNDVlLzEvaGM2VzlhWmhzSldKWGw1aldtRDJsdzhiYWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kZjM4ZGEtNzVjZC00ZTIxLWFkMzgtZjJhMmE1ZDUwNDVl
LzEvd2NKcnRYUzRtNHdZWnZoSFM3SExBREprN0NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgxKAAAr
AwcAKgxKAQAbAwcAKgxKAQA7MA0GCSqGSIb3DQEBCwUAA4IBAQAj9gVs8q2CmZbv
mNl6blqdyRaAjXGHpDeSycnje9Wp4xzU2/l+RUu3WRmDJnMLYtBk/1ZW50aNynKT
LUEEgCRZddSwp+6btWbKtgV8G0gUVqTmcltOqCewDbY0jvZF5Gn/+OVDeuvZJ4iN
ush494bketxC2T5x/+JdaVSQSrpRvyXiaI2J6b+fWLw6hyoUeqk8U++L3hJONlsP
yDmy8/cP2sLnChiP8a2wvLwAqDOOVNmDwDxP9xyczVM8bz7zPdS1whVYPWW63zgf
iYSbjXQrb3RtG/uqwsdpflYKqd196EHf1GheqF8YtAuujb0WRH1FDdxn6C2/0AwX
02h/UAFQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:30:58 2024 by rpki-client on console-fra.rpki-client.org