Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/wpKqN21G1lQZ4J3oso1npGB56zA.roa
File: wpKqN21G1lQZ4J3oso1npGB56zA.roa (raw, json)
Hash identifier: F0346Ct0ReKC6CzrbYr3y4oNWuhOeyHRZxcWcbA9MDU=
Subject key identifier: C2:92:AA:37:6D:46:D6:54:19:E0:9D:E8:B2:8D:67:A4:60:79:EB:30
Certificate issuer: /CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Certificate serial: 01856D8AC9E3243CC974A135617DFEAAAB6B
Authority key identifier: F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/wpKqN21G1lQZ4J3oso1npGB56zA.roa
Signing time: Sun 01 Jan 2023 13:34:50 +0000
ROA not before: Sun 01 Jan 2023 13:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207821
IP address blocks: 2a0a:2782::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:c9:e3:24:3c:c9:74:a1:35:61:7d:fe:aa:ab:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Validity
Not Before: Jan 1 13:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c292aa376d46d65419e09de8b28d67a46079eb30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:42:73:2b:54:20:55:7b:50:13:12:d1:a9:ce:
29:ee:0e:d3:dd:3b:ce:76:04:4f:27:05:82:5a:e6:
26:17:d0:68:07:3f:09:56:54:e3:05:fb:17:bb:93:
68:f1:72:10:99:47:75:7c:56:dc:1d:e0:1b:28:70:
5b:28:69:58:a9:d7:54:11:17:9d:97:ce:0f:9b:07:
b9:da:6c:1e:59:13:78:3c:21:4c:22:48:84:07:94:
bb:6c:98:a0:70:e5:0d:7e:f9:ae:f6:3f:a0:0a:98:
26:bd:63:5d:33:dc:a6:63:32:7a:ca:cf:ca:b2:44:
62:1a:1c:7d:ed:43:c3:89:28:61:59:3b:25:1e:82:
56:d6:42:f6:57:73:e6:6a:13:e2:bc:54:a1:9a:56:
b1:ce:ee:89:2d:20:e0:a1:9b:5d:c7:32:31:40:b6:
3c:01:96:58:5c:42:96:35:4d:fc:41:d5:66:15:a9:
c3:13:c4:0c:f9:6c:c2:3b:c0:9e:db:c2:4e:b2:20:
2c:95:aa:28:2a:10:83:0b:ff:d9:4c:7a:c3:f1:d8:
fc:76:dc:f1:cd:74:04:74:ab:45:72:77:3e:77:40:
e5:47:b9:35:01:20:23:18:c3:1f:73:1e:b0:f5:f8:
9c:cf:12:69:85:73:c0:1b:22:93:d2:1c:70:ac:0d:
7c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:92:AA:37:6D:46:D6:54:19:E0:9D:E8:B2:8D:67:A4:60:79:EB:30
X509v3 Authority Key Identifier:
keyid:F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/wpKqN21G1lQZ4J3oso1npGB56zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2782::/32
Signature Algorithm: sha256WithRSAEncryption
78:18:70:92:20:06:59:b7:32:c1:17:39:71:21:3c:26:3b:c5:
29:3b:3e:55:40:76:8d:ad:f8:39:0a:48:59:48:78:7e:90:c3:
73:48:9a:48:0b:69:1a:f1:3a:ef:c3:3c:b7:d2:af:c8:ce:18:
9c:23:e6:77:fc:e2:c4:e3:a0:fa:00:69:aa:b1:7e:9b:ab:61:
3c:e2:7a:2a:ff:ad:1c:4f:8f:b6:37:bd:40:b7:9e:93:36:82:
4d:55:ce:e9:1c:f4:4f:e0:04:ca:e5:17:49:1c:60:52:08:70:
55:8d:7c:5f:e5:cd:26:c4:54:c9:2e:71:db:09:69:9a:64:45:
f3:cd:d8:53:91:4c:b9:e7:1f:73:30:30:bb:b4:d1:f1:59:ec:
f5:6e:6c:01:c3:fb:f0:3c:ca:6f:dc:07:5d:99:86:69:a7:ec:
f2:fc:2b:1d:81:62:50:5f:b4:a7:13:69:65:f3:9d:a1:8e:6f:
13:07:b1:2e:82:ff:a5:8f:59:e4:21:88:89:2c:d0:15:34:18:
57:fc:4a:04:fc:4a:1c:3f:a9:a1:9c:a4:b7:1f:ea:0a:cb:92:
19:42:7a:c6:7b:28:66:ef:df:21:6c:d3:93:42:75:5c:e1:22:
4d:1a:a9:9c:98:b1:e0:85:bd:90:2c:76:fe:8d:87:a6:44:bb:
bd:43:3c:00
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtisnjJDzJdKE1YX3+qqtrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MGJhZTYwOTcwYTJkZmM4NmRkNjA3YzViOTE1YWQ1YzUz
NGI0MTMwHhcNMjMwMTAxMTMzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjkyYWEzNzZkNDZkNjU0MTllMDlkZThiMjhkNjdhNDYwNzllYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUJzK1QgVXtQExLRqc4p7g7T3TvO
dgRPJwWCWuYmF9BoBz8JVlTjBfsXu5No8XIQmUd1fFbcHeAbKHBbKGlYqddUERed
l84Pmwe52mweWRN4PCFMIkiEB5S7bJigcOUNfvmu9j+gCpgmvWNdM9ymYzJ6ys/K
skRiGhx97UPDiShhWTslHoJW1kL2V3PmahPivFShmlaxzu6JLSDgoZtdxzIxQLY8
AZZYXEKWNU38QdVmFanDE8QM+WzCO8Ce28JOsiAslaooKhCDC//ZTHrD8dj8dtzx
zXQEdKtFcnc+d0DlR7k1ASAjGMMfcx6w9ficzxJphXPAGyKT0hxwrA18qwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMKSqjdtRtZUGeCd6LKNZ6RgeeswMB8GA1UdIwQY
MBaAFPULrmCXCi38ht1gfFuRWtXFNLQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDIt
MzY2NTA2N2RiMjU2LzEvd3BLcU4yMUcxbFFaNEozb3NvMW5wR0I1NnpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDItMzY2NTA2N2RiMjU2
LzEvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgongjAN
BgkqhkiG9w0BAQsFAAOCAQEAeBhwkiAGWbcywRc5cSE8JjvFKTs+VUB2ja34OQpI
WUh4fpDDc0iaSAtpGvE678M8t9KvyM4YnCPmd/zixOOg+gBpqrF+m6thPOJ6Kv+t
HE+Ptje9QLeekzaCTVXO6Rz0T+AEyuUXSRxgUghwVY18X+XNJsRUyS5x2wlpmmRF
883YU5FMuecfczAwu7TR8Vns9W5sAcP78DzKb9wHXZmGaafs8vwrHYFiUF+0pxNp
ZfOdoY5vEwexLoL/pY9Z5CGIiSzQFTQYV/xKBPxKHD+poZyktx/qCsuSGUJ6xnso
Zu/fIWzTk0J1XOEiTRqpnJix4IW9kCx2/o2HpkS7vUM8AA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:37 2024 by rpki-client on console-fra.rpki-client.org