Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/rOcLgCMAMQyqkXAjuskSGaghceU.roa
File: rOcLgCMAMQyqkXAjuskSGaghceU.roa (raw, json)
Hash identifier: zuhTe2z5xc79zS+0lb8otojXllczo60A/wyETC4jSqw=
Subject key identifier: AC:E7:0B:80:23:00:31:0C:AA:91:70:23:BA:C9:12:19:A8:21:71:E5
Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial: 01856F14BE7EEDC8843CDACC7ABAC7DD0CBF
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/rOcLgCMAMQyqkXAjuskSGaghceU.roa
Signing time: Sun 01 Jan 2023 20:45:08 +0000
ROA not before: Sun 01 Jan 2023 20:45:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58076
IP address blocks: 2a03:97c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:be:7e:ed:c8:84:3c:da:cc:7a:ba:c7:dd:0c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Validity
Not Before: Jan 1 20:45:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ace70b802300310caa917023bac91219a82171e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ec:04:bf:e7:92:f0:14:d9:37:a4:96:4e:54:
b5:19:78:b6:76:c9:ce:42:53:fa:a7:5c:9a:41:a6:
5b:61:20:cd:0b:64:46:8d:d5:ca:b0:5c:e9:e3:7f:
69:f0:5e:10:c0:3b:ab:17:d9:3c:f1:ca:d4:f5:9e:
a6:2e:96:22:f9:a0:53:b9:af:0b:6d:b2:11:ff:a3:
1e:10:98:85:48:d1:98:84:fd:2b:56:3f:75:3a:e0:
07:a0:cc:c6:1a:41:82:ef:b3:fc:73:da:7d:39:51:
21:3c:dd:5a:f1:c2:1a:4f:99:08:fa:31:52:45:4e:
0f:44:ef:0b:e9:1f:46:06:43:fa:e0:86:38:21:5d:
52:ad:c3:78:ca:53:b3:28:9e:66:b9:68:41:25:4c:
18:76:44:f7:4d:4f:9e:c0:2b:85:f3:2d:eb:f9:82:
1f:20:49:8e:f8:b4:f2:8f:51:f4:cf:24:43:e6:54:
72:f9:5b:f0:81:66:60:82:31:60:9f:4f:a1:76:b1:
4e:45:49:95:83:ba:08:2e:20:dd:1c:12:4f:ae:ed:
9a:7e:8e:6d:e3:fe:61:26:2f:b5:78:bc:b2:92:72:
70:c1:44:01:47:2f:fb:98:01:06:df:f3:63:97:ed:
c9:ee:25:dc:db:cd:68:66:c6:29:c3:09:69:a1:33:
1e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E7:0B:80:23:00:31:0C:AA:91:70:23:BA:C9:12:19:A8:21:71:E5
X509v3 Authority Key Identifier:
keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/rOcLgCMAMQyqkXAjuskSGaghceU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:97c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
3b:fa:41:f6:e8:eb:b6:29:ce:cc:9b:71:72:f6:fb:39:ff:e9:
ec:f3:e9:89:d4:c6:e9:11:25:9e:2b:4a:24:76:7c:5d:da:9c:
e3:24:d3:fe:b7:03:f6:c0:51:79:13:08:7d:da:8e:f2:28:65:
ac:a7:0e:0f:27:2c:d0:9a:1b:fd:11:f0:c6:bb:bf:2d:e2:28:
81:9c:f3:54:28:ab:72:71:a0:d4:0c:a2:21:c1:05:ce:74:fb:
a9:f1:4d:92:08:fa:1b:71:8d:f0:db:cc:ab:af:8c:bf:f5:d9:
98:f0:56:17:af:98:89:87:b6:63:94:c1:f0:0f:05:67:98:9f:
c4:2c:bf:29:76:c3:89:8e:31:86:ca:4e:1f:6b:06:cf:be:23:
d2:19:23:39:4e:b0:8a:2f:96:96:60:5e:c4:7e:2e:9e:29:97:
d6:c1:2c:e9:7f:95:60:61:fd:8c:57:dc:1d:57:6f:65:7e:d5:
45:53:be:5e:bf:e4:ce:53:20:ba:1e:23:26:80:d2:14:29:4b:
07:5f:8f:cc:b3:b9:fb:47:46:b0:c8:a4:c7:b3:d9:f1:77:87:
2e:5f:e4:dc:4a:27:27:88:28:07:e9:d1:19:68:da:65:50:21:
86:32:d5:fa:d4:45:d9:3a:66:8a:85:9a:0d:a7:5d:4f:a5:2d:
23:b1:77:cd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvFL5+7ciEPNrMerrH3Qy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjMwMTAxMjA0NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2U3MGI4MDIzMDAzMTBjYWE5MTcwMjNiYWM5MTIxOWE4MjE3MWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOwEv+eS8BTZN6SWTlS1GXi2dsnO
QlP6p1yaQaZbYSDNC2RGjdXKsFzp439p8F4QwDurF9k88crU9Z6mLpYi+aBTua8L
bbIR/6MeEJiFSNGYhP0rVj91OuAHoMzGGkGC77P8c9p9OVEhPN1a8cIaT5kI+jFS
RU4PRO8L6R9GBkP64IY4IV1SrcN4ylOzKJ5muWhBJUwYdkT3TU+ewCuF8y3r+YIf
IEmO+LTyj1H0zyRD5lRy+VvwgWZggjFgn0+hdrFORUmVg7oILiDdHBJPru2afo5t
4/5hJi+1eLyyknJwwUQBRy/7mAEG3/Njl+3J7iXc281oZsYpwwlpoTMeNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKznC4AjADEMqpFwI7rJEhmoIXHlMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvck9jTGdDTUFNUXlxa1hBanVza1NHYWdoY2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgOXwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQA7+kH26Ou2Kc7Mm3Fy9vs5/+ns8+mJ1MbpESWe
K0okdnxd2pzjJNP+twP2wFF5Ewh92o7yKGWspw4PJyzQmhv9EfDGu78t4iiBnPNU
KKtycaDUDKIhwQXOdPup8U2SCPobcY3w28yrr4y/9dmY8FYXr5iJh7ZjlMHwDwVn
mJ/ELL8pdsOJjjGGyk4fawbPviPSGSM5TrCKL5aWYF7Efi6eKZfWwSzpf5VgYf2M
V9wdV29lftVFU75ev+TOUyC6HiMmgNIUKUsHX4/Ms7n7R0awyKTHs9nxd4cuX+Tc
SicniCgH6dEZaNplUCGGMtX61EXZOmaKhZoNp11PpS0jsXfN
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:05 2024 by rpki-client on console-ams.rpki-client.org