Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/VqFWkqQOStoqN_-OK7-FztzYlUs.roa
File: VqFWkqQOStoqN_-OK7-FztzYlUs.roa (raw, json)
Hash identifier: CNp/O+I78tYVR0ENYakXsOyVq6uWNAL8EPPH/EuISLc=
Subject key identifier: 56:A1:56:92:A4:0E:4A:DA:2A:37:FF:8E:2B:BF:85:CE:DC:D8:95:4B
Certificate issuer: /CN=dc1089c942b68033683b4dd506c0c36f74be0ea3
Certificate serial: 01856B8A301650FD8B12FCE6EEB92F234355
Authority key identifier: DC:10:89:C9:42:B6:80:33:68:3B:4D:D5:06:C0:C3:6F:74:BE:0E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/VqFWkqQOStoqN_-OK7-FztzYlUs.roa
Signing time: Sun 01 Jan 2023 04:14:56 +0000
ROA not before: Sun 01 Jan 2023 04:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31898
IP address blocks: 2a09:a447:ac1f::/48 maxlen: 64
2a09:a447:ac1e::/48 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:30:16:50:fd:8b:12:fc:e6:ee:b9:2f:23:43:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc1089c942b68033683b4dd506c0c36f74be0ea3
Validity
Not Before: Jan 1 04:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56a15692a40e4ada2a37ff8e2bbf85cedcd8954b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6c:3e:c8:99:7b:40:5e:46:9d:4d:be:68:69:
4b:d5:4c:6e:1f:76:2c:6c:b3:d4:f7:c9:1c:43:07:
6f:96:ea:46:b5:82:d1:0b:ef:8f:c4:8e:99:c6:00:
59:4d:91:39:93:80:8a:0a:a6:fc:96:b5:9e:b5:6b:
e5:57:69:79:7e:a8:13:bb:51:84:5b:bd:81:ce:68:
2f:2f:89:02:bb:83:42:2e:ab:1d:be:54:53:4d:df:
36:2e:48:97:ca:14:9d:d4:dc:45:12:fb:cc:53:ad:
b6:6c:eb:bb:76:7e:8b:a7:19:26:b4:f4:3b:fe:9d:
e1:9c:2b:6b:72:69:0a:6f:b6:f2:d1:e2:2d:df:19:
4c:31:f9:c5:07:a7:a8:fc:e6:f9:aa:e5:e6:e7:18:
44:17:fd:07:97:57:9b:bf:7b:0a:ac:9d:e7:ea:52:
da:50:ec:7a:b3:f9:69:03:f0:ee:d4:8a:a6:5d:22:
34:aa:84:d4:b9:38:c1:5d:d8:61:c6:9d:64:4a:f3:
fe:16:e1:b9:5e:d1:b7:61:dc:f4:ae:dc:7d:52:a4:
4d:54:8e:81:2d:8b:10:7c:13:49:1f:12:8a:60:9c:
33:98:b9:68:73:91:79:8f:eb:ff:e0:80:1c:04:11:
ba:af:bc:d0:c8:90:0c:d9:87:f8:8d:20:f9:73:df:
9a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:A1:56:92:A4:0E:4A:DA:2A:37:FF:8E:2B:BF:85:CE:DC:D8:95:4B
X509v3 Authority Key Identifier:
keyid:DC:10:89:C9:42:B6:80:33:68:3B:4D:D5:06:C0:C3:6F:74:BE:0E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/VqFWkqQOStoqN_-OK7-FztzYlUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/3BCJyUK2gDNoO03VBsDDb3S-DqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a447:ac1e::/47
Signature Algorithm: sha256WithRSAEncryption
8b:6f:11:08:5d:71:a1:33:48:8d:7f:cf:8d:c0:0b:98:11:3b:
68:b3:d6:0d:59:91:8f:94:47:5a:3f:c4:67:08:e5:04:09:36:
b4:94:0b:6d:d9:10:27:a9:2d:30:42:a7:89:da:55:ea:b8:ca:
7a:32:7a:f0:2c:84:51:85:a0:ea:04:5b:43:31:a2:a9:cc:7b:
7f:c1:32:f8:8a:62:ee:99:a3:88:f4:4f:b7:06:a7:d8:dd:e2:
2d:06:56:c3:98:5e:fd:84:9b:17:e6:bd:61:da:7f:de:a8:48:
04:ab:e9:74:58:5d:e7:83:a7:1a:dd:27:67:ca:d1:b2:c6:14:
f3:a5:18:c4:21:94:c5:fd:ef:e2:c4:90:2a:4f:7d:a8:22:6f:
89:d6:25:01:b0:7c:bc:09:9b:c0:8e:95:ae:6e:0f:b8:e1:62:
f0:10:1f:b9:e2:2f:0e:e4:ef:c4:c7:49:ba:e4:60:07:4b:b7:
f2:4e:03:83:a1:ca:5c:e9:fb:5d:b9:1e:08:29:dc:66:77:2e:
8c:d8:bd:14:b7:e7:b4:3b:9c:4b:0c:f5:db:78:67:71:b3:d7:
0c:07:ff:34:83:d6:11:85:dd:af:98:b2:51:6e:3e:18:35:dd:
47:9c:11:0e:a5:ad:15:c5:9f:34:a3:14:91:5d:30:cd:1e:b6:
65:77:78:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVrijAWUP2LEvzm7rkvI0NVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTA4OWM5NDJiNjgwMzM2ODNiNGRkNTA2YzBjMzZmNzRi
ZTBlYTMwHhcNMjMwMTAxMDQxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmExNTY5MmE0MGU0YWRhMmEzN2ZmOGUyYmJmODVjZWRjZDg5NTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGw+yJl7QF5GnU2+aGlL1UxuH3Ys
bLPU98kcQwdvlupGtYLRC++PxI6ZxgBZTZE5k4CKCqb8lrWetWvlV2l5fqgTu1GE
W72BzmgvL4kCu4NCLqsdvlRTTd82LkiXyhSd1NxFEvvMU622bOu7dn6LpxkmtPQ7
/p3hnCtrcmkKb7by0eIt3xlMMfnFB6eo/Ob5quXm5xhEF/0Hl1ebv3sKrJ3n6lLa
UOx6s/lpA/Du1IqmXSI0qoTUuTjBXdhhxp1kSvP+FuG5XtG3Ydz0rtx9UqRNVI6B
LYsQfBNJHxKKYJwzmLloc5F5j+v/4IAcBBG6r7zQyJAM2Yf4jSD5c9+a3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFahVpKkDkraKjf/jiu/hc7c2JVLMB8GA1UdIwQY
MBaAFNwQiclCtoAzaDtN1QbAw290vg6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JDSnlVSzJnRE5vTzAzVkJzRERiM1MtRHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8yNDE0OWQtZDExNS00MzMwLWJkNDkt
Y2I1NmVkM2VhN2ZhLzEvVnFGV2txUU9TdG9xTl8tT0s3LUZ6dHpZbFVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8yNDE0OWQtZDExNS00MzMwLWJkNDktY2I1NmVkM2VhN2Zh
LzEvM0JDSnlVSzJnRE5vTzAzVkJzRERiM1MtRHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgmkR6we
MA0GCSqGSIb3DQEBCwUAA4IBAQCLbxEIXXGhM0iNf8+NwAuYETtos9YNWZGPlEda
P8RnCOUECTa0lAtt2RAnqS0wQqeJ2lXquMp6MnrwLIRRhaDqBFtDMaKpzHt/wTL4
imLumaOI9E+3BqfY3eItBlbDmF79hJsX5r1h2n/eqEgEq+l0WF3ng6ca3SdnytGy
xhTzpRjEIZTF/e/ixJAqT32oIm+J1iUBsHy8CZvAjpWubg+44WLwEB+54i8O5O/E
x0m65GAHS7fyTgODocpc6ftduR4IKdxmdy6M2L0Ut+e0O5xLDPXbeGdxs9cMB/80
g9YRhd2vmLJRbj4YNd1HnBEOpa0VxZ80oxSRXTDNHrZld3jA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:46 2024 by rpki-client on console-fra.rpki-client.org