Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/Lu2nu7I6aGfHNWQ1iV_nsiHnFRE.roa
File: Lu2nu7I6aGfHNWQ1iV_nsiHnFRE.roa (raw, json)
Hash identifier: IgOPCJnkKxJV34ZmwqjDFOP2yoDAU7bFaswfdlHkkKw=
Subject key identifier: 2E:ED:A7:BB:B2:3A:68:67:C7:35:64:35:89:5F:E7:B2:21:E7:15:11
Certificate issuer: /CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Certificate serial: 01856D8ACA38E9F0704E8002E1F9D5D95DF0
Authority key identifier: F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/Lu2nu7I6aGfHNWQ1iV_nsiHnFRE.roa
Signing time: Sun 01 Jan 2023 13:34:50 +0000
ROA not before: Sun 01 Jan 2023 13:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210805
IP address blocks: 2a0a:2786::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:ca:38:e9:f0:70:4e:80:02:e1:f9:d5:d9:5d:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Validity
Not Before: Jan 1 13:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2eeda7bbb23a6867c7356435895fe7b221e71511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fa:b5:a1:64:11:81:c1:7c:ed:41:6b:81:6e:
30:37:7d:4f:a7:2a:2c:72:07:c4:bc:d3:ff:4b:97:
10:28:a9:3f:ac:d9:d4:c8:31:24:23:c4:25:ca:76:
42:61:95:df:37:cd:f0:51:a7:3b:3d:52:a4:b8:e4:
25:e8:24:54:b0:cc:3d:4b:f4:84:8a:54:92:ff:40:
d9:4a:22:4e:17:ac:46:35:a6:a5:d4:18:d0:ef:6a:
2c:de:29:41:55:95:df:1d:f5:bf:59:67:3e:13:13:
ed:55:c5:15:1b:0e:c1:2e:45:ca:fb:88:d5:3b:5d:
13:51:c5:ce:a9:10:7c:fb:45:01:2b:fa:0e:55:2c:
3d:00:2d:56:68:eb:95:76:cb:cf:34:35:38:9b:18:
54:ab:76:5d:a0:9e:81:50:79:7b:b6:3f:04:34:8f:
27:b6:64:82:49:59:ca:10:b6:6d:32:ab:70:08:a4:
da:9b:43:34:86:8f:02:90:f9:52:c7:2c:33:a2:b8:
94:a6:a9:08:2f:3f:d4:86:f4:49:e5:8b:d3:eb:5a:
64:7d:cc:df:fb:d7:a9:8d:97:0a:b7:7d:c7:d2:5d:
6a:24:97:d4:aa:f9:7f:2b:62:3a:b1:c1:91:82:f2:
6f:b9:fe:09:e2:10:bd:46:d5:e2:7e:78:85:c2:10:
c6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:ED:A7:BB:B2:3A:68:67:C7:35:64:35:89:5F:E7:B2:21:E7:15:11
X509v3 Authority Key Identifier:
keyid:F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/Lu2nu7I6aGfHNWQ1iV_nsiHnFRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2786::/32
Signature Algorithm: sha256WithRSAEncryption
52:44:56:cc:41:15:84:ec:38:09:f1:ce:eb:a0:2a:25:01:ca:
ea:6a:b7:de:34:e8:21:0d:6a:a8:45:90:e8:bd:cf:6f:ad:0a:
26:1c:8e:ff:2f:2f:ad:dd:76:1d:7b:d9:65:db:78:3b:4b:00:
42:79:fe:16:e0:73:78:a0:ed:e9:ef:6d:bb:5c:52:e9:55:6c:
a4:5b:72:c3:a9:b8:76:22:28:af:9c:be:33:a7:44:28:cc:66:
93:b0:7c:54:fc:4c:fd:39:e1:a2:29:07:bb:3f:66:d5:1d:70:
31:d5:a0:c0:47:e6:cd:d8:a0:b9:a7:3f:2f:85:52:ba:42:b0:
06:00:29:70:c0:9a:7a:2f:17:f4:9d:c2:e7:69:e8:e8:5e:7d:
fc:5d:bf:dc:31:cb:be:70:e2:34:44:74:3e:59:f0:87:75:5a:
a4:6c:43:37:74:4c:fd:bb:ed:e7:da:89:f2:77:31:08:be:a3:
1b:da:41:ca:c8:eb:3f:3b:19:d0:db:0b:85:78:75:32:a8:cb:
1a:5e:48:9b:f9:42:54:ea:3b:7a:c5:92:bf:3b:67:44:81:1c:
80:e4:f1:bb:7e:ee:87:9c:1a:1e:76:95:ba:81:33:ef:df:dd:
8c:a7:d3:91:25:f6:34:4e:e9:65:fd:44:77:64:52:75:dc:5d:
2f:ef:15:03
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtiso46fBwToAC4fnV2V3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MGJhZTYwOTcwYTJkZmM4NmRkNjA3YzViOTE1YWQ1YzUz
NGI0MTMwHhcNMjMwMTAxMTMzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWVkYTdiYmIyM2E2ODY3YzczNTY0MzU4OTVmZTdiMjIxZTcxNTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/q1oWQRgcF87UFrgW4wN31Ppyos
cgfEvNP/S5cQKKk/rNnUyDEkI8QlynZCYZXfN83wUac7PVKkuOQl6CRUsMw9S/SE
ilSS/0DZSiJOF6xGNaal1BjQ72os3ilBVZXfHfW/WWc+ExPtVcUVGw7BLkXK+4jV
O10TUcXOqRB8+0UBK/oOVSw9AC1WaOuVdsvPNDU4mxhUq3ZdoJ6BUHl7tj8ENI8n
tmSCSVnKELZtMqtwCKTam0M0ho8CkPlSxywzoriUpqkILz/UhvRJ5YvT61pkfczf
+9epjZcKt33H0l1qJJfUqvl/K2I6scGRgvJvuf4J4hC9RtXifniFwhDGVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFC7tp7uyOmhnxzVkNYlf57Ih5xURMB8GA1UdIwQY
MBaAFPULrmCXCi38ht1gfFuRWtXFNLQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDIt
MzY2NTA2N2RiMjU2LzEvTHUybnU3STZhR2ZITldRMWlWX25zaUhuRlJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDItMzY2NTA2N2RiMjU2
LzEvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgonhjAN
BgkqhkiG9w0BAQsFAAOCAQEAUkRWzEEVhOw4CfHO66AqJQHK6mq33jToIQ1qqEWQ
6L3Pb60KJhyO/y8vrd12HXvZZdt4O0sAQnn+FuBzeKDt6e9tu1xS6VVspFtyw6m4
diIor5y+M6dEKMxmk7B8VPxM/TnhoikHuz9m1R1wMdWgwEfmzdiguac/L4VSukKw
BgApcMCaei8X9J3C52no6F59/F2/3DHLvnDiNER0Plnwh3VapGxDN3RM/bvt59qJ
8ncxCL6jG9pBysjrPzsZ0NsLhXh1MqjLGl5Im/lCVOo7esWSvztnRIEcgOTxu37u
h5waHnaVuoEz79/djKfTkSX2NE7pZf1Ed2RSddxdL+8VAw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:16 2024 by rpki-client on console-ams.rpki-client.org