Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/l5D2_L2hf5xGpr6EdpZvIct6KRw.roa
File: l5D2_L2hf5xGpr6EdpZvIct6KRw.roa (raw, json)
Hash identifier: yfud6f/bj2XnUrKZ2OOLSXe+K8y7du0lHZwUCcNPy38=
Subject key identifier: 97:90:F6:FC:BD:A1:7F:9C:46:A6:BE:84:76:96:6F:21:CB:7A:29:1C
Certificate issuer: /CN=23662c9a980ad7584650abaa3545b9ea91d3e35e
Certificate serial: 01856D5CF60EC0A138F91BEE3BA0078BEC79
Authority key identifier: 23:66:2C:9A:98:0A:D7:58:46:50:AB:AA:35:45:B9:EA:91:D3:E3:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I2YsmpgK11hGUKuqNUW56pHT414.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/l5D2_L2hf5xGpr6EdpZvIct6KRw.roa
Signing time: Sun 01 Jan 2023 12:44:46 +0000
ROA not before: Sun 01 Jan 2023 12:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49009
IP address blocks: 2a03:2267:4e16::/48 maxlen: 48
2a03:2267:54ae::/48 maxlen: 48
2a03:2267::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:f6:0e:c0:a1:38:f9:1b:ee:3b:a0:07:8b:ec:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23662c9a980ad7584650abaa3545b9ea91d3e35e
Validity
Not Before: Jan 1 12:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9790f6fcbda17f9c46a6be8476966f21cb7a291c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6e:69:26:69:3c:cc:59:1a:e5:ee:dd:ff:8d:
da:65:07:7c:b8:be:4e:bc:4d:ed:a0:fd:d3:e2:95:
65:1c:4e:72:1c:76:6f:42:9f:6c:4d:b2:5d:0d:e1:
50:8c:a6:96:4e:f3:00:60:e6:43:f5:42:13:d4:f9:
89:9d:7c:fd:6b:66:e4:8b:fb:c7:04:02:1a:a5:de:
be:e2:e8:59:08:aa:ae:fd:ae:86:87:ba:84:d8:f6:
cc:a8:1e:2f:93:e4:65:66:ed:55:9b:66:6a:41:ba:
b9:67:a6:d9:61:9f:93:84:e5:ca:74:be:01:65:6f:
30:e1:50:dc:8a:10:57:11:06:f9:03:23:03:96:46:
75:86:0c:14:2e:4a:1f:af:da:99:44:32:fb:50:e6:
da:f9:c4:2d:95:5c:04:a4:34:aa:60:f4:cb:b2:7c:
ec:97:2d:20:51:38:7b:e2:45:9f:cb:3f:b0:b3:1a:
7c:70:49:78:f2:00:d9:e2:3b:35:5c:75:32:01:78:
d7:e4:c2:41:c8:09:bf:29:f4:be:f5:46:66:b2:c3:
06:56:00:c7:c0:e6:b8:06:69:87:67:e9:96:3e:e0:
ba:7c:c2:14:44:be:37:83:20:89:00:bc:13:31:13:
0e:dd:d6:21:a1:ea:6f:2c:dd:13:a6:43:99:c1:4c:
6f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:90:F6:FC:BD:A1:7F:9C:46:A6:BE:84:76:96:6F:21:CB:7A:29:1C
X509v3 Authority Key Identifier:
keyid:23:66:2C:9A:98:0A:D7:58:46:50:AB:AA:35:45:B9:EA:91:D3:E3:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I2YsmpgK11hGUKuqNUW56pHT414.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/l5D2_L2hf5xGpr6EdpZvIct6KRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/I2YsmpgK11hGUKuqNUW56pHT414.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:2267::/32
Signature Algorithm: sha256WithRSAEncryption
33:fa:10:41:78:36:25:d2:5f:9a:9d:54:0f:bc:19:93:6c:81:
cd:99:c3:71:b2:e6:03:7d:98:f6:8b:8e:b9:de:04:fc:06:d5:
38:bf:5c:d1:c4:53:35:dc:5c:7e:5f:02:a8:b4:5b:8f:a6:1b:
1b:26:82:b4:53:17:a2:23:5b:18:0a:90:1f:83:93:d3:81:b1:
2c:31:ae:5d:a0:9b:d0:e9:e7:18:63:db:09:84:17:c1:54:9d:
12:03:15:4c:26:26:ec:8a:6c:a8:79:f6:4a:7b:ae:13:3d:e2:
d5:4a:8f:f7:2a:be:f3:5a:34:ef:28:7d:74:1e:7d:f8:70:ad:
ba:14:9a:d5:a4:b4:dd:a0:ac:b0:ff:88:b3:4f:e9:b8:09:6d:
07:5f:de:54:db:1b:84:8f:f6:da:dc:2e:dc:d3:2d:48:d7:ea:
b9:52:cb:48:71:5f:43:f5:6e:6a:61:0a:c7:d6:d0:a8:d5:14:
33:89:c9:88:13:e1:1a:4c:8a:e1:ae:15:5d:c1:c0:a2:51:9a:
42:0a:95:b2:08:18:ac:45:7b:e8:a0:b3:e8:61:d1:f4:da:7d:
fa:92:56:f8:fd:3b:5b:e7:3c:32:73:45:d7:54:4b:4c:1e:af:
cf:d4:d6:4c:a0:9e:d4:86:c0:67:bf:1a:41:37:d9:11:32:ad:
c9:fe:2c:8b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtXPYOwKE4+RvuO6AHi+x5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNjYyYzlhOTgwYWQ3NTg0NjUwYWJhYTM1NDViOWVhOTFk
M2UzNWUwHhcNMjMwMTAxMTI0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzkwZjZmY2JkYTE3ZjljNDZhNmJlODQ3Njk2NmYyMWNiN2EyOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum5pJmk8zFka5e7d/43aZQd8uL5O
vE3toP3T4pVlHE5yHHZvQp9sTbJdDeFQjKaWTvMAYOZD9UIT1PmJnXz9a2bki/vH
BAIapd6+4uhZCKqu/a6Gh7qE2PbMqB4vk+RlZu1Vm2ZqQbq5Z6bZYZ+ThOXKdL4B
ZW8w4VDcihBXEQb5AyMDlkZ1hgwULkofr9qZRDL7UOba+cQtlVwEpDSqYPTLsnzs
ly0gUTh74kWfyz+wsxp8cEl48gDZ4js1XHUyAXjX5MJByAm/KfS+9UZmssMGVgDH
wOa4BmmHZ+mWPuC6fMIURL43gyCJALwTMRMO3dYhoepvLN0TpkOZwUxvmQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJeQ9vy9oX+cRqa+hHaWbyHLeikcMB8GA1UdIwQY
MBaAFCNmLJqYCtdYRlCrqjVFueqR0+NeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTJZc21wZ0sxMWhHVUt1cU5VVzU2cEhUNDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wMTc1ZTYtNDI3Yi00ZWY5LThlYjEt
ODIzMmUzNTBkNDU4LzEvbDVEMl9MMmhmNXhHcHI2RWRwWnZJY3Q2S1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wMTc1ZTYtNDI3Yi00ZWY5LThlYjEtODIzMmUzNTBkNDU4
LzEvSTJZc21wZ0sxMWhHVUt1cU5VVzU2cEhUNDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgMiZzAN
BgkqhkiG9w0BAQsFAAOCAQEAM/oQQXg2JdJfmp1UD7wZk2yBzZnDcbLmA32Y9ouO
ud4E/AbVOL9c0cRTNdxcfl8CqLRbj6YbGyaCtFMXoiNbGAqQH4OT04GxLDGuXaCb
0OnnGGPbCYQXwVSdEgMVTCYm7IpsqHn2SnuuEz3i1UqP9yq+81o07yh9dB59+HCt
uhSa1aS03aCssP+Is0/puAltB1/eVNsbhI/22twu3NMtSNfquVLLSHFfQ/VuamEK
x9bQqNUUM4nJiBPhGkyK4a4VXcHAolGaQgqVsggYrEV76KCz6GHR9Np9+pJW+P07
W+c8MnNF11RLTB6vz9TWTKCe1IbAZ78aQTfZETKtyf4siw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:59 2024 by rpki-client on console-ams.rpki-client.org