Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/q7IAMZ11_0DSVFHdbJFcl2sl0MA.roa
File: q7IAMZ11_0DSVFHdbJFcl2sl0MA.roa (raw, json)
Hash identifier: CVPlK8Htw6wF+UO6KPUSXxOSN59oLr9s8cYM+7Ze10c=
Subject key identifier: AB:B2:00:31:9D:75:FF:40:D2:54:51:DD:6C:91:5C:97:6B:25:D0:C0
Certificate issuer: /CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Certificate serial: 01856D8ACA83F1AE71BE6490CC52EE9A86C2
Authority key identifier: F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/q7IAMZ11_0DSVFHdbJFcl2sl0MA.roa
Signing time: Sun 01 Jan 2023 13:34:50 +0000
ROA not before: Sun 01 Jan 2023 13:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212804
IP address blocks: 2a0a:2785::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:ca:83:f1:ae:71:be:64:90:cc:52:ee:9a:86:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Validity
Not Before: Jan 1 13:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abb200319d75ff40d25451dd6c915c976b25d0c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:29:ad:3a:d7:de:ed:be:56:71:46:2c:2b:39:
33:bc:2f:40:dc:0d:f8:81:9c:f1:6a:16:45:3f:e2:
0c:62:eb:85:6e:c8:bb:b1:77:1b:89:c6:8e:47:11:
05:79:68:e2:8d:53:4e:74:2a:e3:76:91:21:5d:3f:
86:8a:a7:d7:d8:7b:e5:fe:04:be:55:0c:8d:05:3c:
23:04:5f:df:8b:ff:e4:11:a3:34:41:36:dc:94:a3:
57:88:14:83:84:cb:ad:3a:70:12:fe:7f:34:51:59:
1c:38:9a:e1:bd:ca:76:24:8b:94:34:ed:b9:33:4c:
13:2f:6f:e0:62:2e:39:ce:85:29:e8:22:65:f0:9f:
f2:95:f7:59:2d:e1:35:e1:c2:ca:f1:bf:73:c4:87:
f7:d9:bb:1c:c2:32:f1:df:07:c8:1d:db:cf:d2:4c:
c4:bb:9d:2d:0a:b7:bf:84:2f:67:b0:9c:1c:9b:6c:
32:9a:90:d3:a6:1a:b7:55:e1:76:e2:fe:1c:26:c1:
20:8a:8f:27:a7:df:c6:51:1c:6f:5b:44:e4:26:31:
54:fa:dc:8c:5a:81:93:51:60:7c:85:0a:a8:77:94:
07:3a:9a:18:1e:56:2c:c9:eb:ba:56:18:be:18:30:
28:e4:0c:ac:75:bb:89:f9:a2:0c:db:ee:ae:bf:78:
74:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B2:00:31:9D:75:FF:40:D2:54:51:DD:6C:91:5C:97:6B:25:D0:C0
X509v3 Authority Key Identifier:
keyid:F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/q7IAMZ11_0DSVFHdbJFcl2sl0MA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2785::/32
Signature Algorithm: sha256WithRSAEncryption
8c:2b:74:e2:b6:e8:7a:be:db:6b:2f:f2:5d:06:31:11:78:20:
2d:ff:41:86:db:94:06:5e:d6:7a:44:a5:53:8b:31:1e:58:45:
52:5a:2b:f4:5a:60:b8:d8:60:c7:54:15:2a:0f:33:9f:53:93:
eb:be:4a:8e:4a:6a:17:c8:cb:d5:e3:f8:96:4c:c4:48:9f:a7:
ac:0b:b4:9b:ad:3c:1a:45:e0:36:7c:bc:ce:eb:8a:7f:2c:00:
f8:6c:e0:ab:7c:c3:9a:65:8e:05:fe:c7:3d:85:a0:49:5c:07:
0d:fa:b0:c8:1a:bb:d6:f9:a3:dd:53:73:1f:a9:ce:fd:7b:d5:
73:cc:4d:b9:be:91:6d:fe:74:61:0a:9a:9e:b9:dc:96:29:fc:
f6:a4:98:77:23:b7:4d:12:a5:53:31:b4:09:05:fc:1a:75:d0:
bd:eb:31:7c:8a:a1:49:71:cc:e1:bc:f9:fe:63:2f:c1:0d:77:
06:6f:28:21:b3:8a:33:96:64:e4:a5:12:74:e5:21:e8:a3:80:
46:74:8f:34:e2:de:54:38:cc:d3:94:2f:ea:e9:2f:b3:07:1a:
9e:01:9d:ee:f7:2a:8a:68:34:67:2c:69:d2:fb:1d:04:7e:4f:
1e:5c:25:21:d9:23:04:da:86:82:cb:6a:a5:32:6b:c3:0a:bd:
c5:9e:e2:35
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtisqD8a5xvmSQzFLumobCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MGJhZTYwOTcwYTJkZmM4NmRkNjA3YzViOTE1YWQ1YzUz
NGI0MTMwHhcNMjMwMTAxMTMzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmIyMDAzMTlkNzVmZjQwZDI1NDUxZGQ2YzkxNWM5NzZiMjVkMGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCmtOtfe7b5WcUYsKzkzvC9A3A34
gZzxahZFP+IMYuuFbsi7sXcbicaORxEFeWjijVNOdCrjdpEhXT+GiqfX2Hvl/gS+
VQyNBTwjBF/fi//kEaM0QTbclKNXiBSDhMutOnAS/n80UVkcOJrhvcp2JIuUNO25
M0wTL2/gYi45zoUp6CJl8J/ylfdZLeE14cLK8b9zxIf32bscwjLx3wfIHdvP0kzE
u50tCre/hC9nsJwcm2wympDTphq3VeF24v4cJsEgio8np9/GURxvW0TkJjFU+tyM
WoGTUWB8hQqod5QHOpoYHlYsyeu6Vhi+GDAo5AysdbuJ+aIM2+6uv3h0WQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKuyADGddf9A0lRR3WyRXJdrJdDAMB8GA1UdIwQY
MBaAFPULrmCXCi38ht1gfFuRWtXFNLQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDIt
MzY2NTA2N2RiMjU2LzEvcTdJQU1aMTFfMERTVkZIZGJKRmNsMnNsME1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDItMzY2NTA2N2RiMjU2
LzEvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgonhTAN
BgkqhkiG9w0BAQsFAAOCAQEAjCt04rboer7bay/yXQYxEXggLf9BhtuUBl7WekSl
U4sxHlhFUlor9FpguNhgx1QVKg8zn1OT675KjkpqF8jL1eP4lkzESJ+nrAu0m608
GkXgNny8zuuKfywA+Gzgq3zDmmWOBf7HPYWgSVwHDfqwyBq71vmj3VNzH6nO/XvV
c8xNub6Rbf50YQqanrnclin89qSYdyO3TRKlUzG0CQX8GnXQvesxfIqhSXHM4bz5
/mMvwQ13Bm8oIbOKM5Zk5KUSdOUh6KOARnSPNOLeVDjM05Qv6ukvswcangGd7vcq
img0Zyxp0vsdBH5PHlwlIdkjBNqGgstqpTJrwwq9xZ7iNQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:16 2024 by rpki-client on console-ams.rpki-client.org