Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/P97jFZYh_IBN-SspP398G9kIrrE.roa
File: P97jFZYh_IBN-SspP398G9kIrrE.roa (raw, json)
Hash identifier: CAE0ZZsMV73d8zpxcGmHIt6HoLf6KF4R91H3ApGvte4=
Subject key identifier: 3F:DE:E3:15:96:21:FC:80:4D:F9:2B:29:3F:7F:7C:1B:D9:08:AE:B1
Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Certificate serial: 018B2F1919B77AA54463EE93AF1A14FF8EB8
Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/P97jFZYh_IBN-SspP398G9kIrrE.roa
Signing time: Sat 14 Oct 2023 16:50:55 +0000
ROA not before: Sat 14 Oct 2023 16:50:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216243
IP address blocks: 2a13:a5c7:1500::/40 maxlen: 48
2a13:a5c4::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2f:19:19:b7:7a:a5:44:63:ee:93:af:1a:14:ff:8e:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Validity
Not Before: Oct 14 16:50:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fdee3159621fc804df92b293f7f7c1bd908aeb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b7:14:ca:c8:7d:25:9b:c9:df:da:53:64:e8:
71:dc:e0:3e:c5:60:93:ce:2f:64:ed:f5:1b:24:39:
7c:66:6b:3e:93:44:38:7a:2f:e5:5f:0d:a5:96:46:
c2:ff:aa:f3:fc:51:a4:6f:a3:fa:c3:5d:60:53:8a:
ff:65:17:40:2e:c3:df:ac:07:18:4c:3e:30:84:20:
a1:53:fe:b9:3b:b1:6a:b0:f3:5e:35:19:6b:93:f0:
c1:67:f6:f2:99:f4:19:b9:62:10:dd:33:c8:5e:97:
6b:36:d2:96:cb:26:32:ef:bd:36:0b:42:88:16:83:
37:bd:d6:6b:0f:90:25:ef:98:74:8b:46:9e:28:ce:
43:6a:e9:b5:d5:06:84:11:b5:e0:d0:12:ce:28:9d:
65:42:00:99:1f:cd:76:6e:9d:59:7a:ef:12:a2:53:
f9:59:8b:56:3e:eb:f1:b9:4a:f2:57:14:22:23:5f:
30:3e:d9:68:77:98:8a:d5:71:35:87:2a:d8:7b:44:
24:a5:29:c8:be:cf:9a:45:a5:0d:57:9e:03:82:bd:
1d:2f:43:a5:b3:e0:24:37:a2:ab:0f:65:6c:40:6a:
cb:f6:ae:70:38:b3:e0:82:52:36:94:d8:f0:0d:87:
45:d3:1b:d9:c7:d0:ae:c4:4f:6f:b6:94:e4:cf:0e:
ff:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:DE:E3:15:96:21:FC:80:4D:F9:2B:29:3F:7F:7C:1B:D9:08:AE:B1
X509v3 Authority Key Identifier:
keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/P97jFZYh_IBN-SspP398G9kIrrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a5c4::/32
2a13:a5c7:1500::/40
Signature Algorithm: sha256WithRSAEncryption
9a:8f:7b:7f:b0:e9:bc:8b:6b:cf:de:60:7c:f1:11:46:84:c1:
ab:47:29:36:b2:d6:eb:09:b2:f4:dc:a3:55:05:1e:3b:a1:72:
e4:45:b8:44:f9:fa:99:b7:45:d3:84:2d:d8:c4:bd:33:f6:ad:
18:df:d9:35:8d:50:67:1c:fa:0e:0e:95:ad:44:4c:73:29:ce:
98:7c:a4:16:40:2d:c1:5f:f6:9e:ef:e1:a0:c6:ef:53:34:ba:
9d:66:1c:32:51:86:43:34:07:ce:7d:a6:3f:8a:ef:0b:31:84:
76:a1:6a:60:c6:b7:0a:80:df:1d:7d:89:44:dd:84:85:3b:6c:
e8:d9:b9:e6:85:c7:c2:23:0f:c4:3a:2e:e4:95:e5:88:5b:ef:
31:9c:11:c6:8b:03:f2:83:c9:dc:3e:d5:67:bf:03:96:2e:05:
54:76:38:c2:24:7d:df:f0:75:c8:76:7c:4a:4a:33:6d:90:e8:
dd:ac:5d:0f:2c:06:e6:11:36:8b:13:20:3c:3e:59:5b:2f:32:
90:28:db:74:13:e2:2b:3a:23:d2:d5:57:0f:e6:2b:9a:c2:a8:
90:9f:51:d2:50:9b:d5:75:e0:9c:be:89:2f:7b:44:1d:a6:66:
85:2f:ec:89:8c:dc:d9:94:84:b4:6f:13:30:0e:9c:fe:64:8c:
66:c3:dc:92
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYsvGRm3eqVEY+6TrxoU/464MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3
MWRkOWQwHhcNMjMxMDE0MTY1MDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmRlZTMxNTk2MjFmYzgwNGRmOTJiMjkzZjdmN2MxYmQ5MDhhZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7cUysh9JZvJ39pTZOhx3OA+xWCT
zi9k7fUbJDl8Zms+k0Q4ei/lXw2llkbC/6rz/FGkb6P6w11gU4r/ZRdALsPfrAcY
TD4whCChU/65O7FqsPNeNRlrk/DBZ/bymfQZuWIQ3TPIXpdrNtKWyyYy7702C0KI
FoM3vdZrD5Al75h0i0aeKM5Daum11QaEEbXg0BLOKJ1lQgCZH812bp1Zeu8SolP5
WYtWPuvxuUryVxQiI18wPtlod5iK1XE1hyrYe0QkpSnIvs+aRaUNV54Dgr0dL0Ol
s+AkN6KrD2VsQGrL9q5wOLPgglI2lNjwDYdF0xvZx9CuxE9vtpTkzw7/UQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFD/e4xWWIfyATfkrKT9/fBvZCK6xMB8GA1UdIwQY
MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct
NjNjNzIxY2YxZjU2LzEvUDk3akZaWWhfSUJOLVNzcFAzOThHOWtJcnJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2
LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwUAKhOlxAMG
ACoTpccVMA0GCSqGSIb3DQEBCwUAA4IBAQCaj3t/sOm8i2vP3mB88RFGhMGrRyk2
stbrCbL03KNVBR47oXLkRbhE+fqZt0XThC3YxL0z9q0Y39k1jVBnHPoODpWtRExz
Kc6YfKQWQC3BX/ae7+Ggxu9TNLqdZhwyUYZDNAfOfaY/iu8LMYR2oWpgxrcKgN8d
fYlE3YSFO2zo2bnmhcfCIw/EOi7kleWIW+8xnBHGiwPyg8ncPtVnvwOWLgVUdjjC
JH3f8HXIdnxKSjNtkOjdrF0PLAbmETaLEyA8PllbLzKQKNt0E+IrOiPS1VcP5iua
wqiQn1HSUJvVdeCcvokve0QdpmaFL+yJjNzZlIS0bxMwDpz+ZIxmw9yS
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:43 2024 by rpki-client on console-ams.rpki-client.org