Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/a0IaHkwW2U9qBYiq5TA5tdHMCXQ.roa
File: a0IaHkwW2U9qBYiq5TA5tdHMCXQ.roa (raw, json)
Hash identifier: KFEA3rwrKWnMnXqOZ/gP2cfjwo7lRyyMEd6TMUikFAc=
Subject key identifier: 6B:42:1A:1E:4C:16:D9:4F:6A:05:88:AA:E5:30:39:B5:D1:CC:09:74
Certificate issuer: /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial: 01857271407EB7C1820A9854D26D7B0AB494
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/a0IaHkwW2U9qBYiq5TA5tdHMCXQ.roa
Signing time: Mon 02 Jan 2023 12:25:02 +0000
ROA not before: Mon 02 Jan 2023 12:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39020
IP address blocks: 2a0f:8c00::/33 maxlen: 33
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:40:7e:b7:c1:82:0a:98:54:d2:6d:7b:0a:b4:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Validity
Not Before: Jan 2 12:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b421a1e4c16d94f6a0588aae53039b5d1cc0974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c7:f7:c9:5d:13:f3:f1:fa:20:33:f8:94:84:
1f:cf:e9:57:08:41:52:a7:dd:f5:0b:f7:8b:0a:57:
e6:56:a6:9a:c7:23:c5:5c:b2:4d:37:22:e7:d1:dc:
d8:f7:a6:89:ec:f3:59:d7:da:0a:9c:29:d2:9c:25:
d7:47:3d:d0:1e:97:36:dc:0c:6d:6c:93:07:d3:67:
f8:d4:ed:a9:49:7e:44:16:15:3d:bb:a1:c3:1d:19:
a2:dc:1a:61:d3:88:4e:1a:aa:bd:7a:e5:2a:9d:07:
51:06:41:a1:18:68:e5:51:48:df:36:7b:10:78:a4:
ba:66:70:74:31:8a:56:f7:5e:b4:9b:de:4e:dd:c8:
07:30:eb:c5:c8:b7:70:3f:d4:ac:9a:f3:3d:7e:ed:
66:8b:44:e8:ae:39:5a:85:6a:1d:4f:97:ae:77:53:
e9:c7:fa:2b:6d:aa:b4:8a:28:3c:94:75:10:4f:64:
6d:88:da:f2:18:1b:0e:e3:5f:fd:83:93:71:bd:f5:
81:f0:57:34:fe:10:7f:25:17:ef:7d:64:0a:ed:6c:
53:fd:d1:aa:55:64:9b:f5:5a:67:4f:61:bc:f8:a4:
f2:fc:d9:f4:aa:9d:b2:29:ea:34:fc:48:b0:c9:20:
7b:c2:a0:62:40:db:4c:fb:f0:12:db:e9:a2:63:9c:
ae:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:42:1A:1E:4C:16:D9:4F:6A:05:88:AA:E5:30:39:B5:D1:CC:09:74
X509v3 Authority Key Identifier:
keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/a0IaHkwW2U9qBYiq5TA5tdHMCXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:8c00::/33
Signature Algorithm: sha256WithRSAEncryption
39:80:56:da:74:14:4c:6d:1e:b0:bd:b6:22:06:ff:68:8c:6f:
19:0c:f3:21:4a:5a:e2:f8:bf:86:4d:66:43:46:53:49:94:52:
d4:a1:f7:49:ab:42:1c:1a:0a:95:c7:04:12:34:a0:b2:48:41:
0c:36:a0:1f:3c:c5:1b:d1:c7:68:0c:e7:94:01:55:d7:f7:97:
04:56:68:ad:7f:a6:7d:99:6d:b4:ed:c2:00:a6:bf:f3:c6:2c:
1d:b2:b6:22:53:81:59:d3:fa:8f:f4:74:13:fe:8d:77:cf:7d:
f3:01:61:5e:4f:2a:15:4a:98:70:c4:e4:27:86:18:79:8f:58:
5c:88:18:5e:6a:d9:b5:b5:bf:15:74:eb:bb:f5:b6:e7:b2:5a:
46:1e:fa:a8:d7:52:b4:4a:4a:84:f8:35:a9:9b:06:05:f7:6d:
c6:b9:f9:5c:89:bd:2c:69:82:3d:d0:f3:24:32:83:0d:06:26:
fc:e0:6a:d1:ae:1e:0a:16:33:97:09:75:df:5d:0f:f0:df:2b:
c1:22:78:b5:9b:69:1a:cb:61:bb:04:d1:c2:42:ef:a3:6e:ce:
2e:1a:69:f2:00:5c:42:27:5e:73:46:ce:00:d8:7c:df:6e:8d:
52:21:e5:b2:56:83:26:84:ea:bc:52:74:ff:ef:27:09:e0:d5:
96:72:04:71
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVycUB+t8GCCphU0m17CrSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjMwMTAyMTIyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjQyMWExZTRjMTZkOTRmNmEwNTg4YWFlNTMwMzliNWQxY2MwOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMf3yV0T8/H6IDP4lIQfz+lXCEFS
p931C/eLClfmVqaaxyPFXLJNNyLn0dzY96aJ7PNZ19oKnCnSnCXXRz3QHpc23Axt
bJMH02f41O2pSX5EFhU9u6HDHRmi3Bph04hOGqq9euUqnQdRBkGhGGjlUUjfNnsQ
eKS6ZnB0MYpW9160m95O3cgHMOvFyLdwP9SsmvM9fu1mi0TorjlahWodT5eud1Pp
x/orbaq0iig8lHUQT2RtiNryGBsO41/9g5NxvfWB8Fc0/hB/JRfvfWQK7WxT/dGq
VWSb9VpnT2G8+KTy/Nn0qp2yKeo0/EiwySB7wqBiQNtM+/AS2+miY5yuzQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGtCGh5MFtlPagWIquUwObXRzAl0MB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEvYTBJYUhrd1cyVTlxQllpcTVUQTV0ZEhNQ1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKg+MAAAw
DQYJKoZIhvcNAQELBQADggEBADmAVtp0FExtHrC9tiIG/2iMbxkM8yFKWuL4v4ZN
ZkNGU0mUUtSh90mrQhwaCpXHBBI0oLJIQQw2oB88xRvRx2gM55QBVdf3lwRWaK1/
pn2ZbbTtwgCmv/PGLB2ytiJTgVnT+o/0dBP+jXfPffMBYV5PKhVKmHDE5CeGGHmP
WFyIGF5q2bW1vxV067v1tueyWkYe+qjXUrRKSoT4NambBgX3bca5+VyJvSxpgj3Q
8yQygw0GJvzgatGuHgoWM5cJdd9dD/DfK8EieLWbaRrLYbsE0cJC76Nuzi4aafIA
XEInXnNGzgDYfN9ujVIh5bJWgyaE6rxSdP/vJwng1ZZyBHE=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:35 2024 by rpki-client on console-ams.rpki-client.org