Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/128588-3207-4f36-983c-f79ad8122ef5/1/dZdj5SXdo97a-D4P81H0j70rAzk.roa
File: dZdj5SXdo97a-D4P81H0j70rAzk.roa (raw, json)
Hash identifier: jBMSFh1xuZb8LfiTVybCRjoW/Pm8QlmqhPbOOFQtYuI=
Subject key identifier: 75:97:63:E5:25:DD:A3:DE:DA:F8:3E:0F:F3:51:F4:8F:BD:2B:03:39
Certificate issuer: /CN=f3d494b8b271afb7c62f1397f712cf2dcd364185
Certificate serial: 0185718338FBF84FBE33BCE34180D7A906D4
Authority key identifier: F3:D4:94:B8:B2:71:AF:B7:C6:2F:13:97:F7:12:CF:2D:CD:36:41:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/89SUuLJxr7fGLxOX9xLPLc02QYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/128588-3207-4f36-983c-f79ad8122ef5/1/dZdj5SXdo97a-D4P81H0j70rAzk.roa
Signing time: Mon 02 Jan 2023 08:05:03 +0000
ROA not before: Mon 02 Jan 2023 08:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206885
IP address blocks: 2001:678:284::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:38:fb:f8:4f:be:33:bc:e3:41:80:d7:a9:06:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3d494b8b271afb7c62f1397f712cf2dcd364185
Validity
Not Before: Jan 2 08:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=759763e525dda3dedaf83e0ff351f48fbd2b0339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:15:26:29:ca:d4:e4:2a:4f:e7:9b:cf:53:3e:
c7:dc:b6:c6:d1:da:24:1d:8d:2a:08:ec:4c:4c:71:
2d:13:da:27:5d:a9:a9:07:35:98:69:80:b0:eb:88:
8e:f1:06:9f:36:3e:be:0d:d5:5d:10:69:29:33:09:
c4:3f:ac:b7:e5:71:b4:20:b1:9f:c8:80:87:e0:50:
00:d7:ab:dc:41:c9:81:3e:f5:6a:ca:2a:6e:74:ef:
b0:3c:61:8f:d3:01:8e:e7:df:a8:d1:92:8b:fa:07:
a4:ad:f1:1a:1e:06:d6:11:50:d5:7e:53:93:0b:d6:
06:2a:41:0b:f9:ea:58:97:9c:89:89:cd:af:e7:bd:
28:98:62:28:56:f8:c8:50:84:62:12:e9:e8:fe:ce:
c3:fb:af:a4:8e:ac:8d:8c:df:45:7e:59:c4:22:0c:
0b:ed:72:65:a4:3b:b0:6c:b0:db:42:80:38:3f:f6:
c2:80:1b:04:45:bd:6b:8a:85:9c:e6:85:22:da:a5:
38:f0:ab:c0:ab:40:34:d4:f1:16:b1:db:3b:13:07:
75:fc:bf:bb:ca:14:5f:dc:0e:dd:9c:58:19:7c:36:
5b:4b:61:b0:19:c6:41:f7:c4:8c:28:5d:2a:bc:7a:
c3:6a:ed:3d:ba:b2:4e:d9:6e:bb:62:ee:bf:91:e9:
37:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:97:63:E5:25:DD:A3:DE:DA:F8:3E:0F:F3:51:F4:8F:BD:2B:03:39
X509v3 Authority Key Identifier:
keyid:F3:D4:94:B8:B2:71:AF:B7:C6:2F:13:97:F7:12:CF:2D:CD:36:41:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/89SUuLJxr7fGLxOX9xLPLc02QYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/128588-3207-4f36-983c-f79ad8122ef5/1/dZdj5SXdo97a-D4P81H0j70rAzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/128588-3207-4f36-983c-f79ad8122ef5/1/89SUuLJxr7fGLxOX9xLPLc02QYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:284::/48
Signature Algorithm: sha256WithRSAEncryption
bc:58:0d:f1:8e:fd:e8:a2:d1:04:d9:a1:51:26:e6:70:fc:d6:
12:f7:b2:1e:71:2c:c7:49:67:60:fc:71:17:10:46:0d:ce:84:
ef:cc:30:5d:32:85:54:b0:c4:c3:ec:49:b8:f7:d8:a8:bc:f4:
3f:fd:11:c7:2a:7a:e4:7a:6a:5b:84:68:86:67:23:f1:07:de:
6e:c0:e8:4c:d4:7e:f8:e4:6c:10:5c:8e:5a:82:10:58:8c:f0:
76:91:19:40:04:fb:ae:a1:2e:bd:b8:d6:33:e2:e7:5e:8a:dc:
4e:93:d2:d0:2b:5c:4d:97:3f:b7:10:00:d6:86:4d:d9:35:77:
f6:85:d7:f0:8e:97:1b:7f:ac:c4:ce:cc:06:70:d1:88:52:ed:
a5:ed:7b:91:2c:6b:ea:77:00:f1:e9:dc:50:87:14:a8:e1:8b:
47:c7:d6:a9:b7:78:e7:5c:0a:55:14:9d:76:e3:fa:0c:32:05:
d4:8e:64:2d:7b:78:5c:94:a8:53:66:c9:4e:9a:ef:9d:bf:18:
bf:d9:55:d4:c7:fb:c3:cb:dc:bb:fc:1b:5f:f3:ab:e6:82:12:
45:6a:c7:21:28:4c:fd:ab:ff:63:39:19:5b:5f:f6:d7:47:51:
a9:46:e4:60:f3:3b:6f:d4:94:78:d7:39:ac:ff:d5:c6:bf:cc:
6e:43:b3:c6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxgzj7+E++M7zjQYDXqQbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZDQ5NGI4YjI3MWFmYjdjNjJmMTM5N2Y3MTJjZjJkY2Qz
NjQxODUwHhcNMjMwMTAyMDgwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTk3NjNlNTI1ZGRhM2RlZGFmODNlMGZmMzUxZjQ4ZmJkMmIwMzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxUmKcrU5CpP55vPUz7H3LbG0dok
HY0qCOxMTHEtE9onXampBzWYaYCw64iO8QafNj6+DdVdEGkpMwnEP6y35XG0ILGf
yICH4FAA16vcQcmBPvVqyipudO+wPGGP0wGO59+o0ZKL+gekrfEaHgbWEVDVflOT
C9YGKkEL+epYl5yJic2v570omGIoVvjIUIRiEuno/s7D+6+kjqyNjN9FflnEIgwL
7XJlpDuwbLDbQoA4P/bCgBsERb1rioWc5oUi2qU48KvAq0A01PEWsds7Ewd1/L+7
yhRf3A7dnFgZfDZbS2GwGcZB98SMKF0qvHrDau09urJO2W67Yu6/kek37QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHWXY+Ul3aPe2vg+D/NR9I+9KwM5MB8GA1UdIwQY
MBaAFPPUlLiyca+3xi8Tl/cSzy3NNkGFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODlTVXVMSnhyN2ZHTHhPWDl4TFBMYzAyUVlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xMjg1ODgtMzIwNy00ZjM2LTk4M2Mt
Zjc5YWQ4MTIyZWY1LzEvZFpkajVTWGRvOTdhLUQ0UDgxSDBqNzByQXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xMjg1ODgtMzIwNy00ZjM2LTk4M2MtZjc5YWQ4MTIyZWY1
LzEvODlTVXVMSnhyN2ZHTHhPWDl4TFBMYzAyUVlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAKE
MA0GCSqGSIb3DQEBCwUAA4IBAQC8WA3xjv3ootEE2aFRJuZw/NYS97IecSzHSWdg
/HEXEEYNzoTvzDBdMoVUsMTD7Em499iovPQ//RHHKnrkempbhGiGZyPxB95uwOhM
1H745GwQXI5aghBYjPB2kRlABPuuoS69uNYz4udeitxOk9LQK1xNlz+3EADWhk3Z
NXf2hdfwjpcbf6zEzswGcNGIUu2l7XuRLGvqdwDx6dxQhxSo4YtHx9apt3jnXApV
FJ124/oMMgXUjmQte3hclKhTZslOmu+dvxi/2VXUx/vDy9y7/Btf86vmghJFasch
KEz9q/9jORlbX/bXR1GpRuRg8ztv1JR41zms/9XGv8xuQ7PG
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:10 2024 by rpki-client on console-fra.rpki-client.org