Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/JaP5IOvdKxzxuhe6f4a0yBdGrrI.roa
File: JaP5IOvdKxzxuhe6f4a0yBdGrrI.roa (raw, json)
Hash identifier: nnYXk4pMrsP4B0JRT34bnuWVFmMQqsY+px1L30jIP4A=
Subject key identifier: 25:A3:F9:20:EB:DD:2B:1C:F1:BA:17:BA:7F:86:B4:C8:17:46:AE:B2
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 01856E2FD2DA43FE89BB64898DC324FEC1EC
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/JaP5IOvdKxzxuhe6f4a0yBdGrrI.roa
Signing time: Sun 01 Jan 2023 16:35:05 +0000
ROA not before: Sun 01 Jan 2023 16:35:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 2a01:b960::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:d2:da:43:fe:89:bb:64:89:8d:c3:24:fe:c1:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 16:35:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25a3f920ebdd2b1cf1ba17ba7f86b4c81746aeb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f4:3f:6c:51:5e:41:40:54:d3:4b:39:61:4d:
ab:08:16:a0:35:2e:fb:2c:f7:19:fc:1b:61:32:06:
19:77:17:c4:9f:af:94:39:0d:ad:57:37:4a:76:a3:
d5:84:27:b3:63:4e:2a:26:6d:06:cc:31:da:ab:e5:
35:fc:ce:28:20:60:44:c3:e5:e2:65:8e:35:0d:bb:
bd:c5:ff:12:02:07:fa:49:9d:af:ac:2b:16:c0:ab:
ef:98:32:bc:d9:bc:d4:54:b6:cb:30:6a:31:df:da:
72:ac:6b:85:35:3a:7e:80:20:38:11:d7:2a:ff:56:
8c:3f:8f:7b:40:9f:49:d7:02:82:3a:5f:f7:85:c3:
93:72:a7:cd:d4:56:da:82:9a:a1:df:75:53:66:93:
21:c4:ae:07:15:b9:69:f1:c1:9a:0a:bd:07:3a:16:
df:89:0e:df:35:ec:45:df:53:52:08:82:96:23:f9:
ee:1e:e6:c6:ad:f6:f4:fe:38:ae:70:79:53:e9:ee:
1d:b9:a7:78:0c:73:c6:79:57:a2:8b:b5:1d:43:62:
25:6c:78:06:cf:57:16:5c:ea:e8:10:5b:82:15:3a:
3e:6f:f6:cd:e4:76:83:e5:44:77:ae:9a:a0:ea:ad:
ee:23:18:69:2d:39:c4:8f:aa:ef:a5:0a:3b:c3:68:
78:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A3:F9:20:EB:DD:2B:1C:F1:BA:17:BA:7F:86:B4:C8:17:46:AE:B2
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/JaP5IOvdKxzxuhe6f4a0yBdGrrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b960::/32
Signature Algorithm: sha256WithRSAEncryption
88:cd:16:21:7c:19:fd:19:71:ce:4a:86:42:b1:ac:65:4a:bd:
f5:0e:77:c4:bd:4a:fe:ae:0f:70:60:3e:68:3b:4e:86:88:2a:
c0:ce:de:cd:6a:a8:1d:75:21:2d:10:99:d6:a2:97:cc:c1:82:
62:da:b6:1b:ef:46:0e:8b:16:05:a2:74:f4:c7:b3:22:52:57:
d9:b7:bd:19:a4:9d:83:b5:c8:cf:b0:aa:da:dc:b5:7a:9b:3d:
92:90:41:51:4d:cf:b7:a3:b6:17:74:62:7d:0e:d3:db:09:10:
f2:17:b6:59:32:5c:a6:d8:8c:0c:b2:bb:d3:60:4c:34:97:8d:
22:f6:41:ed:5a:cf:b9:c0:b9:1b:0b:06:fc:39:fe:1c:94:34:
c8:39:09:13:01:5a:aa:23:da:ce:cf:b5:40:61:a8:78:a7:b6:
ef:63:6f:ea:c7:51:31:bb:61:70:c4:63:c0:fa:0b:76:f4:e3:
7e:6f:3f:29:b2:0d:66:de:2e:d7:8a:08:25:04:ba:0b:b1:5a:
99:db:f2:46:7e:9c:a3:1f:eb:7a:b0:35:1c:fe:5d:69:63:c5:
ac:0c:79:b6:b9:08:fe:eb:f5:f7:91:2c:02:ae:c4:77:17:3a:
77:0d:fd:60:b9:63:99:da:76:b3:90:be:61:31:84:19:11:b2:
7c:b6:34:31
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVuL9LaQ/6Ju2SJjcMk/sHsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjE3MjZlYTRiZDZkM2M4MDkxYWUwYzhhZDFhMDNlOTFl
MzU5YTIwHhcNMjMwMTAxMTYzNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWEzZjkyMGViZGQyYjFjZjFiYTE3YmE3Zjg2YjRjODE3NDZhZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfQ/bFFeQUBU00s5YU2rCBagNS77
LPcZ/BthMgYZdxfEn6+UOQ2tVzdKdqPVhCezY04qJm0GzDHaq+U1/M4oIGBEw+Xi
ZY41Dbu9xf8SAgf6SZ2vrCsWwKvvmDK82bzUVLbLMGox39pyrGuFNTp+gCA4Edcq
/1aMP497QJ9J1wKCOl/3hcOTcqfN1Fbagpqh33VTZpMhxK4HFblp8cGaCr0HOhbf
iQ7fNexF31NSCIKWI/nuHubGrfb0/jiucHlT6e4duad4DHPGeVeii7UdQ2IlbHgG
z1cWXOroEFuCFTo+b/bN5HaD5UR3rpqg6q3uIxhpLTnEj6rvpQo7w2h4oQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCWj+SDr3Ssc8boXun+GtMgXRq6yMB8GA1UdIwQY
MBaAFDTxcm6kvW08gJGuDIrRoD6R41miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQt
ZThlOGQyZmU3MGZlLzEvSmFQNUlPdmRLeHp4dWhlNmY0YTB5QmRHcnJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQtZThlOGQyZmU3MGZl
LzEvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgG5YDAN
BgkqhkiG9w0BAQsFAAOCAQEAiM0WIXwZ/RlxzkqGQrGsZUq99Q53xL1K/q4PcGA+
aDtOhogqwM7ezWqoHXUhLRCZ1qKXzMGCYtq2G+9GDosWBaJ09MezIlJX2be9GaSd
g7XIz7Cq2ty1eps9kpBBUU3Pt6O2F3RifQ7T2wkQ8he2WTJcptiMDLK702BMNJeN
IvZB7VrPucC5GwsG/Dn+HJQ0yDkJEwFaqiPazs+1QGGoeKe272Nv6sdRMbthcMRj
wPoLdvTjfm8/KbINZt4u14oIJQS6C7FamdvyRn6cox/rerA1HP5daWPFrAx5trkI
/uv195EsAq7Edxc6dw39YLljmdp2s5C+YTGEGRGyfLY0MQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:30 2024 by rpki-client on console-ams.rpki-client.org