Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/iI_iS8pnJfd8MnIKCcug2miuyQQ.roa
File: iI_iS8pnJfd8MnIKCcug2miuyQQ.roa (raw, json)
Hash identifier: rJmExAXV9RQyRiKcLjlIciYRFdCbSPkIG37mHfWH5G8=
Subject key identifier: 88:8F:E2:4B:CA:67:25:F7:7C:32:72:0A:09:CB:A0:DA:68:AE:C9:04
Certificate issuer: /CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Certificate serial: 018CB57C19D867B0EF53A4C564AFAEC82EB1
Authority key identifier: 05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/iI_iS8pnJfd8MnIKCcug2miuyQQ.roa
Signing time: Fri 29 Dec 2023 12:10:58 +0000
ROA not before: Fri 29 Dec 2023 12:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212270
IP address blocks: 2a0f:9240:2000::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b5:7c:19:d8:67:b0:ef:53:a4:c5:64:af:ae:c8:2e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Validity
Not Before: Dec 29 12:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=888fe24bca6725f77c32720a09cba0da68aec904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:65:1a:af:94:a3:71:8d:bf:9b:5f:8a:4b:0f:
b9:3c:bd:31:8c:ca:2a:d6:a4:f5:f6:59:ff:65:9d:
d0:36:83:93:36:2b:53:52:ae:94:ff:04:7c:16:4e:
2a:e0:42:b9:4f:c5:0c:98:1a:7e:e2:21:81:2a:ce:
80:be:ca:f2:18:16:59:d5:3c:2a:9c:30:63:76:e3:
2c:2a:57:12:0a:c4:21:b6:fd:9b:12:53:2d:ee:e6:
82:a8:45:a9:5f:3e:0e:50:f6:72:1f:07:75:26:82:
f1:33:28:78:c6:1e:50:74:8a:fe:be:83:36:9b:fc:
6a:c4:a1:11:9c:04:40:52:cd:6d:c8:9e:a0:8e:43:
89:00:af:5a:33:d3:cd:ae:d6:20:66:3a:1b:21:4d:
60:9f:74:47:29:b2:ae:70:73:f8:99:ce:f9:38:11:
28:57:b8:4c:38:6f:a8:9a:da:15:a3:5e:16:bf:99:
4e:d9:75:93:48:80:e8:71:a8:73:6a:e1:e5:95:25:
87:eb:f5:d0:2c:c0:19:75:8c:5c:6f:32:f8:d9:f3:
85:23:fb:56:3f:0f:49:23:17:b0:b1:1b:be:80:07:
06:be:a5:50:30:e7:04:71:92:00:8e:af:52:6a:ac:
20:c1:dc:40:47:53:29:71:81:2a:09:c1:af:fd:9a:
73:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:8F:E2:4B:CA:67:25:F7:7C:32:72:0A:09:CB:A0:DA:68:AE:C9:04
X509v3 Authority Key Identifier:
keyid:05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/iI_iS8pnJfd8MnIKCcug2miuyQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9240:2000::/48
Signature Algorithm: sha256WithRSAEncryption
3d:bd:0f:75:52:69:a4:ad:07:dc:36:83:54:73:ea:82:aa:67:
3c:81:a8:35:1b:23:8e:f1:de:d8:80:f9:f8:a5:e6:c8:c0:33:
c9:58:48:85:80:65:0d:33:df:0b:9d:77:5a:ec:7d:48:13:10:
b7:29:9a:bc:fa:2e:e7:bb:3f:fc:78:f3:99:9b:e2:cd:48:4b:
ab:07:b7:4f:be:2e:f8:ae:da:28:51:6c:cb:46:a9:4f:0b:95:
19:6f:30:c6:81:4a:ec:fd:94:15:37:3e:f9:8d:e9:48:d1:27:
34:ae:b2:22:6e:f0:2b:e7:3d:b7:f0:da:19:5b:87:5a:87:56:
36:1f:f9:ea:0b:55:78:10:13:56:79:a9:6a:e0:5e:e9:d1:e2:
59:88:29:6f:0f:13:fc:70:32:fc:04:53:28:56:66:0e:87:99:
ed:cd:ab:00:d1:57:54:20:59:6f:7a:0c:a1:fc:f6:a5:b5:37:
0e:c0:68:e1:7c:52:7d:bc:ea:86:32:0a:53:a0:35:77:72:32:
32:ba:f3:9e:57:5c:5e:ff:8f:e8:ec:47:08:62:f6:86:be:ec:
4f:21:0c:43:39:f5:cf:82:55:51:6d:1e:0a:2a:6f:9d:a6:ee:
7b:5e:53:a8:0d:14:0f:a4:28:ea:5f:45:62:26:c9:dc:30:19:
ac:b0:f1:b3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYy1fBnYZ7DvU6TFZK+uyC6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjNjYjI2M2RmNTBkMmQ0ZDA3M2MwZjdkYjZjZDI3NzYz
MDJjOWQwHhcNMjMxMjI5MTIxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODhmZTI0YmNhNjcyNWY3N2MzMjcyMGEwOWNiYTBkYTY4YWVjOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4WUar5SjcY2/m1+KSw+5PL0xjMoq
1qT19ln/ZZ3QNoOTNitTUq6U/wR8Fk4q4EK5T8UMmBp+4iGBKs6AvsryGBZZ1Twq
nDBjduMsKlcSCsQhtv2bElMt7uaCqEWpXz4OUPZyHwd1JoLxMyh4xh5QdIr+voM2
m/xqxKERnARAUs1tyJ6gjkOJAK9aM9PNrtYgZjobIU1gn3RHKbKucHP4mc75OBEo
V7hMOG+omtoVo14Wv5lO2XWTSIDocahzauHllSWH6/XQLMAZdYxcbzL42fOFI/tW
Pw9JIxewsRu+gAcGvqVQMOcEcZIAjq9SaqwgwdxAR1MpcYEqCcGv/ZpzoQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIiP4kvKZyX3fDJyCgnLoNporskEMB8GA1UdIwQY
MBaAFAVjyyY99Q0tTQc8D322zSd2MCydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQt
MTUwMzU0YjAwZTU1LzEvaUlfaVM4cG5KZmQ4TW5JS0NjdWcybWl1eVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQtMTUwMzU0YjAwZTU1
LzEvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+SQCAA
MA0GCSqGSIb3DQEBCwUAA4IBAQA9vQ91UmmkrQfcNoNUc+qCqmc8gag1GyOO8d7Y
gPn4pebIwDPJWEiFgGUNM98LnXda7H1IExC3KZq8+i7nuz/8ePOZm+LNSEurB7dP
vi74rtooUWzLRqlPC5UZbzDGgUrs/ZQVNz75jelI0Sc0rrIibvAr5z238NoZW4da
h1Y2H/nqC1V4EBNWealq4F7p0eJZiClvDxP8cDL8BFMoVmYOh5ntzasA0VdUIFlv
egyh/PaltTcOwGjhfFJ9vOqGMgpToDV3cjIyuvOeV1xe/4/o7EcIYvaGvuxPIQxD
OfXPglVRbR4KKm+dpu57XlOoDRQPpCjqX0ViJsncMBmssPGz
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:42 2024 by rpki-client on console-ams.rpki-client.org