Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/C0fDZtjKS0DYbU4zUHiQQsrckGg.roa
File: C0fDZtjKS0DYbU4zUHiQQsrckGg.roa (raw, json)
Hash identifier: UCTbsjY6ZJvtEbFn+hXuN5UeuX6R8yA0egynBA3xrnc=
Subject key identifier: 0B:47:C3:66:D8:CA:4B:40:D8:6D:4E:33:50:78:90:42:CA:DC:90:68
Certificate issuer: /CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Certificate serial: 0185710C3DCF1A11D889E749237206687092
Authority key identifier: 7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/C0fDZtjKS0DYbU4zUHiQQsrckGg.roa
Signing time: Mon 02 Jan 2023 05:55:05 +0000
ROA not before: Mon 02 Jan 2023 05:55:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206731
IP address blocks: 2a04:ff00:300::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:3d:cf:1a:11:d8:89:e7:49:23:72:06:68:70:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Validity
Not Before: Jan 2 05:55:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b47c366d8ca4b40d86d4e3350789042cadc9068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:87:ea:df:ac:a4:73:44:ba:c4:30:0c:ec:bf:
ba:98:a7:df:7e:06:e1:f1:0e:5d:90:48:2c:a3:69:
43:f5:d8:e3:f3:33:e1:96:76:ca:65:57:da:4c:6d:
0b:6d:86:3c:52:64:0a:10:1b:34:ae:04:c6:87:16:
ad:34:b4:ca:45:6c:10:c5:1e:1e:d5:35:03:18:1c:
e7:ad:e7:71:3a:49:11:29:6b:8e:01:68:c0:21:99:
f2:c5:37:a9:3d:51:76:72:c3:37:24:f9:0d:52:d3:
02:ca:53:7a:c9:b7:46:3d:4b:69:bb:0e:37:52:35:
9d:dd:64:d6:4d:74:1d:87:13:a3:80:bb:24:d4:b0:
2f:d1:c1:0e:af:50:33:6c:d7:c7:bc:2e:1c:c3:40:
83:66:84:3c:c2:9c:bb:5b:94:1b:5e:84:b8:8f:56:
01:d1:d7:10:6a:c9:7c:7e:73:4e:65:f2:51:7a:1d:
88:5f:d6:c1:20:c0:19:d9:c0:67:ce:38:56:0f:c9:
2b:5a:45:b2:20:dc:cd:60:77:ee:77:42:bb:11:fe:
4b:f4:4c:99:63:29:6e:0d:1e:02:53:92:a3:d7:f7:
15:2e:ac:4c:df:07:0e:02:ad:5c:a6:85:af:cd:63:
17:05:0f:b0:33:3d:9e:35:bc:7c:aa:05:04:0d:48:
15:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:47:C3:66:D8:CA:4B:40:D8:6D:4E:33:50:78:90:42:CA:DC:90:68
X509v3 Authority Key Identifier:
keyid:7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/C0fDZtjKS0DYbU4zUHiQQsrckGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ff00:300::/40
Signature Algorithm: sha256WithRSAEncryption
78:46:e6:c5:d8:db:e4:2d:61:0c:a6:9a:94:c0:26:a0:20:6d:
34:e1:cf:ce:b9:c6:5a:f3:44:8e:9f:86:db:ef:33:24:b3:04:
87:df:ed:51:4e:d5:df:67:7b:3c:21:da:87:18:41:82:f2:bb:
8c:f8:36:c7:26:6b:c5:5d:85:73:9b:b5:cf:8f:6f:57:34:ab:
9d:03:34:e5:21:a0:6d:69:49:c0:e4:8a:8f:7b:99:cd:07:89:
41:2c:d5:2b:33:e7:e9:3e:1e:a4:0a:6c:e0:06:47:f2:b7:97:
3c:f7:15:7d:02:7c:e1:2a:64:4b:51:5b:25:07:8c:68:2f:c3:
fb:bd:ce:47:d0:b2:dc:0a:92:ad:f9:fd:e4:50:35:10:d8:9a:
39:d8:23:22:8f:c1:32:4b:64:9f:34:da:8d:3a:dd:09:e8:80:
eb:40:31:00:8a:4e:6f:96:56:7d:f4:12:99:02:4e:3d:df:1f:
c7:48:7f:3d:25:ac:fd:5e:9a:a4:7a:db:d6:b1:12:de:b1:f1:
86:cf:e0:c2:ca:24:ed:99:e1:3e:82:b2:fc:a3:c4:13:67:22:
ec:1b:82:83:b8:1d:2f:bd:21:98:01:26:11:3c:92:85:eb:c5:
4a:14:41:52:8c:75:26:bd:9b:d9:d3:32:28:60:f5:6f:3f:bb:
91:55:da:39
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxDD3PGhHYiedJI3IGaHCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDRjMjVjMmY4YjQ3ZTVkYWY1MmQxYzRjNWE1MDk5OWRk
MGEwYTkwHhcNMjMwMTAyMDU1NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjQ3YzM2NmQ4Y2E0YjQwZDg2ZDRlMzM1MDc4OTA0MmNhZGM5MDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgofq36ykc0S6xDAM7L+6mKfffgbh
8Q5dkEgso2lD9djj8zPhlnbKZVfaTG0LbYY8UmQKEBs0rgTGhxatNLTKRWwQxR4e
1TUDGBznredxOkkRKWuOAWjAIZnyxTepPVF2csM3JPkNUtMCylN6ybdGPUtpuw43
UjWd3WTWTXQdhxOjgLsk1LAv0cEOr1AzbNfHvC4cw0CDZoQ8wpy7W5QbXoS4j1YB
0dcQasl8fnNOZfJReh2IX9bBIMAZ2cBnzjhWD8krWkWyINzNYHfud0K7Ef5L9EyZ
YyluDR4CU5Kj1/cVLqxM3wcOAq1cpoWvzWMXBQ+wMz2eNbx8qgUEDUgVzwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAtHw2bYyktA2G1OM1B4kELK3JBoMB8GA1UdIwQY
MBaAFH0Ewlwvi0fl2vUtHExaUJmd0KCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMt
ZTYzZTk0Y2JhMDlmLzEvQzBmRFp0aktTMERZYlU0elVIaVFRc3Jja0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMtZTYzZTk0Y2JhMDlm
LzEvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgT/AAMw
DQYJKoZIhvcNAQELBQADggEBAHhG5sXY2+QtYQymmpTAJqAgbTThz865xlrzRI6f
htvvMySzBIff7VFO1d9nezwh2ocYQYLyu4z4Nscma8VdhXObtc+Pb1c0q50DNOUh
oG1pScDkio97mc0HiUEs1Ssz5+k+HqQKbOAGR/K3lzz3FX0CfOEqZEtRWyUHjGgv
w/u9zkfQstwKkq35/eRQNRDYmjnYIyKPwTJLZJ802o063QnogOtAMQCKTm+WVn30
EpkCTj3fH8dIfz0lrP1emqR629axEt6x8YbP4MLKJO2Z4T6CsvyjxBNnIuwbgoO4
HS+9IZgBJhE8koXrxUoUQVKMdSa9m9nTMihg9W8/u5FV2jk=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:25 2024 by rpki-client on console-fra.rpki-client.org