Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/922f6d-7a74-4fa8-9495-184dff292a30/1/IMnBdPI0ZDXlYH-IFaYOwkkDTL0.roa
File: IMnBdPI0ZDXlYH-IFaYOwkkDTL0.roa (raw, json)
Hash identifier: s9jvA6btIM25zVuV4jsYWmfwDczXwDF1m7KXgp3vpGE=
Subject key identifier: 20:C9:C1:74:F2:34:64:35:E5:60:7F:88:15:A6:0E:C2:49:03:4C:BD
Certificate issuer: /CN=3e2742496400d810be5b4096fdedec30a231f9ab
Certificate serial: 0185D09D7018C464A14A64E73E9D8F0704FE
Authority key identifier: 3E:27:42:49:64:00:D8:10:BE:5B:40:96:FD:ED:EC:30:A2:31:F9:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PidCSWQA2BC-W0CW_e3sMKIx-as.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/922f6d-7a74-4fa8-9495-184dff292a30/1/IMnBdPI0ZDXlYH-IFaYOwkkDTL0.roa
Signing time: Fri 20 Jan 2023 19:17:36 +0000
ROA not before: Fri 20 Jan 2023 19:17:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200368
IP address blocks: 2001:67c:b44::/64 maxlen: 64
2001:67c:b44::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d0:9d:70:18:c4:64:a1:4a:64:e7:3e:9d:8f:07:04:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e2742496400d810be5b4096fdedec30a231f9ab
Validity
Not Before: Jan 20 19:17:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20c9c174f2346435e5607f8815a60ec249034cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:72:82:b4:57:69:75:c3:b0:e1:bd:80:07:7f:
0e:d1:a5:e5:0e:39:81:d2:bd:0b:f7:a2:3b:f4:67:
e7:7d:10:da:a9:0a:ed:d6:fc:87:b1:d3:10:42:bb:
f8:b2:32:fd:97:b8:f3:3f:f7:dc:a2:ce:ae:d8:82:
e1:7b:08:c1:92:23:3d:b2:c7:46:04:0a:9a:da:97:
51:ca:9f:6d:77:a9:f2:0d:70:42:93:a0:dd:25:74:
f2:eb:70:cc:11:f4:54:33:ad:bf:07:79:87:79:5e:
6d:f4:4f:dd:b4:ed:47:7b:36:da:c0:33:cb:3a:ab:
1a:99:60:a5:57:27:9b:eb:04:e1:17:e9:99:3f:7d:
f2:d2:4a:4e:e1:82:d1:eb:2a:f0:0c:9e:e6:22:5f:
bc:48:5d:30:86:25:4b:a2:9a:3a:26:c7:88:7a:e4:
35:1c:c3:69:1e:e0:15:fb:be:43:f5:fc:5a:9c:b1:
66:e8:2d:c3:21:c9:c5:a0:d0:03:ca:24:82:da:0e:
f1:10:30:13:39:46:3c:ca:87:d1:8b:dd:4e:94:df:
ee:d3:b6:51:9c:68:e8:e9:f5:ee:ee:69:4e:2c:38:
b9:79:71:95:c2:8d:39:05:fc:ce:93:b9:90:5a:f4:
17:3f:4f:b7:93:69:e4:be:1b:53:dc:8d:f8:9e:4c:
c2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C9:C1:74:F2:34:64:35:E5:60:7F:88:15:A6:0E:C2:49:03:4C:BD
X509v3 Authority Key Identifier:
keyid:3E:27:42:49:64:00:D8:10:BE:5B:40:96:FD:ED:EC:30:A2:31:F9:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PidCSWQA2BC-W0CW_e3sMKIx-as.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/922f6d-7a74-4fa8-9495-184dff292a30/1/IMnBdPI0ZDXlYH-IFaYOwkkDTL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/922f6d-7a74-4fa8-9495-184dff292a30/1/PidCSWQA2BC-W0CW_e3sMKIx-as.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:b44::/48
Signature Algorithm: sha256WithRSAEncryption
77:e1:c9:9e:19:dc:62:ff:4f:9e:51:2a:3d:d2:e2:f9:13:c1:
c1:90:22:6f:04:ce:7e:5a:cb:22:bc:79:c9:ee:4c:ec:2d:3f:
cc:40:ea:d2:85:27:76:4d:24:d1:dd:0a:6c:ff:39:58:33:86:
cd:1e:35:ea:05:2e:f7:7b:e4:eb:ca:b3:dc:b0:6d:2c:2a:34:
3c:17:5e:1f:24:76:8f:7d:8f:ac:6f:04:34:ba:65:32:2d:8a:
e8:6e:47:f7:84:b8:d8:9f:f1:89:e3:fd:45:4e:c5:15:69:7b:
04:0a:a7:6c:15:8a:9d:5d:68:92:4b:59:08:1c:fa:64:fb:29:
8b:0a:d0:17:be:2c:0b:db:c1:2f:c1:21:8e:35:48:a9:2f:af:
9f:1b:5d:76:88:88:18:87:84:fc:4a:98:e6:4b:eb:b7:ee:50:
44:91:fb:aa:cb:38:65:9e:53:17:06:92:c2:f6:36:5a:89:63:
97:05:d7:b6:c1:af:55:ba:6e:32:a4:96:e9:07:0c:4c:7d:e2:
b1:d5:ad:92:4e:98:db:98:14:ee:d4:8c:93:ec:53:ec:89:88:
b9:e5:e0:dc:34:ed:6d:af:04:07:96:3e:dd:b5:a6:47:0f:ac:
8a:86:f5:91:2e:c9:cc:fc:e1:9f:52:d8:d3:b2:d8:f5:65:dd:
77:a9:7c:f9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXQnXAYxGShSmTnPp2PBwT+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjc0MjQ5NjQwMGQ4MTBiZTViNDA5NmZkZWRlYzMwYTIz
MWY5YWIwHhcNMjMwMTIwMTkxNzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGM5YzE3NGYyMzQ2NDM1ZTU2MDdmODgxNWE2MGVjMjQ5MDM0Y2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknKCtFdpdcOw4b2AB38O0aXlDjmB
0r0L96I79GfnfRDaqQrt1vyHsdMQQrv4sjL9l7jzP/fcos6u2ILhewjBkiM9ssdG
BAqa2pdRyp9td6nyDXBCk6DdJXTy63DMEfRUM62/B3mHeV5t9E/dtO1HezbawDPL
OqsamWClVyeb6wThF+mZP33y0kpO4YLR6yrwDJ7mIl+8SF0whiVLopo6JseIeuQ1
HMNpHuAV+75D9fxanLFm6C3DIcnFoNADyiSC2g7xEDATOUY8yofRi91OlN/u07ZR
nGjo6fXu7mlOLDi5eXGVwo05BfzOk7mQWvQXP0+3k2nkvhtT3I34nkzCdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCDJwXTyNGQ15WB/iBWmDsJJA0y9MB8GA1UdIwQY
MBaAFD4nQklkANgQvltAlv3t7DCiMfmrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlkQ1NXUUEyQkMtVzBDV19lM3NNS0l4LWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85MjJmNmQtN2E3NC00ZmE4LTk0OTUt
MTg0ZGZmMjkyYTMwLzEvSU1uQmRQSTBaRFhsWUgtSUZhWU93a2tEVEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85MjJmNmQtN2E3NC00ZmE4LTk0OTUtMTg0ZGZmMjkyYTMw
LzEvUGlkQ1NXUUEyQkMtVzBDV19lM3NNS0l4LWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAtE
MA0GCSqGSIb3DQEBCwUAA4IBAQB34cmeGdxi/0+eUSo90uL5E8HBkCJvBM5+Wssi
vHnJ7kzsLT/MQOrShSd2TSTR3Qps/zlYM4bNHjXqBS73e+TryrPcsG0sKjQ8F14f
JHaPfY+sbwQ0umUyLYrobkf3hLjYn/GJ4/1FTsUVaXsECqdsFYqdXWiSS1kIHPpk
+ymLCtAXviwL28EvwSGONUipL6+fG112iIgYh4T8SpjmS+u37lBEkfuqyzhlnlMX
BpLC9jZaiWOXBde2wa9Vum4ypJbpBwxMfeKx1a2STpjbmBTu1IyT7FPsiYi55eDc
NO1trwQHlj7dtaZHD6yKhvWRLsnM/OGfUtjTstj1Zd13qXz5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:26 2023 by rpki-client on console-fra.rpki-client.org