Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/72RqPb5wxOCo_fhnKaHfpp7Ftv4.roa
File: 72RqPb5wxOCo_fhnKaHfpp7Ftv4.roa (raw, json)
Hash identifier: 4VoeNRA4f/gNuVrIXniOT8LO1fdWim0uSRTT805wIjY=
Subject key identifier: EF:64:6A:3D:BE:70:C4:E0:A8:FD:F8:67:29:A1:DF:A6:9E:C5:B6:FE
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 018BDC6B9CC76C4055D90636D35E00BE0B6B
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/72RqPb5wxOCo_fhnKaHfpp7Ftv4.roa
Signing time: Fri 17 Nov 2023 08:35:21 +0000
ROA not before: Fri 17 Nov 2023 08:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2a00:4bc0:2300::/40 maxlen: 48
2a00:4bc0:2100::/40 maxlen: 48
2a00:4bc0:2400::/40 maxlen: 48
2a00:4bc0:2600::/40 maxlen: 40
2a00:4bc0:2000::/44 maxlen: 56
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:6b:9c:c7:6c:40:55:d9:06:36:d3:5e:00:be:0b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Nov 17 08:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef646a3dbe70c4e0a8fdf86729a1dfa69ec5b6fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f1:6d:58:7a:91:67:30:c8:62:6f:70:e7:1b:
f3:95:34:41:7f:09:e2:1b:1e:de:f1:ea:e9:7b:55:
5f:fc:81:a4:17:f7:69:f7:55:bc:d8:69:5d:88:0a:
79:e9:61:68:71:dd:f5:c2:79:21:d3:b2:92:1e:26:
eb:ef:35:84:a6:c1:15:0f:53:3b:d2:e0:3b:9f:cb:
81:12:cb:fb:8c:be:11:f8:af:3f:4d:da:c7:41:71:
f3:ae:a3:fa:78:96:1d:ed:ea:4d:3a:4e:64:b9:de:
2e:a3:be:65:c5:63:7f:ef:3b:72:31:b0:5f:c2:aa:
f6:cb:ce:d7:8b:a1:7e:19:a5:8e:b5:d2:31:50:ac:
04:01:8e:39:4f:46:0d:5f:ff:bd:d9:7b:85:c0:6a:
06:e0:6b:21:1a:2c:35:70:65:c1:53:83:8c:ab:41:
29:11:ff:d5:22:fe:d5:fb:77:97:cb:9a:a5:4f:c8:
be:17:80:97:d7:e5:11:12:fb:0d:2f:9a:da:62:06:
37:3c:18:a7:4d:c4:f3:7b:24:7d:9b:3b:9c:85:5e:
8c:55:84:97:75:b2:34:c7:ec:50:96:07:30:8d:26:
83:72:c2:28:a3:70:06:53:1d:0d:90:f7:02:de:8f:
f0:a0:c3:93:75:e0:2a:87:c0:d5:f5:50:76:12:13:
9c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:64:6A:3D:BE:70:C4:E0:A8:FD:F8:67:29:A1:DF:A6:9E:C5:B6:FE
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/72RqPb5wxOCo_fhnKaHfpp7Ftv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
2a00:4bc0:2300::-2a00:4bc0:24ff:ffff:ffff:ffff:ffff:ffff
2a00:4bc0:2600::/40
Signature Algorithm: sha256WithRSAEncryption
0d:b1:7c:c6:a4:89:b2:0e:06:9c:6a:d6:74:55:d4:7e:dd:5e:
66:0b:e1:38:f1:37:9a:80:4b:43:7c:67:8a:69:a9:32:67:f8:
d0:90:f7:b0:95:81:8c:13:b1:09:4b:fe:28:cd:b4:57:5f:94:
cb:50:dd:44:c4:42:fd:cd:62:7b:b8:90:37:bf:57:ee:4c:06:
ef:01:f9:5d:15:e5:5b:77:e3:b8:36:0a:40:e5:76:67:4b:51:
07:2e:7c:80:87:fc:c8:45:7b:00:a8:7b:25:9c:3b:a9:44:4a:
0f:da:32:bc:cc:b0:d1:2a:ce:d0:81:91:5b:b9:2a:5d:4e:5e:
8b:26:e5:ed:87:18:8f:2a:08:c5:b0:ff:51:1f:96:90:8b:58:
f0:49:44:fa:c5:66:8e:8f:3a:8d:e8:c3:28:86:91:65:b7:33:
ca:5c:88:64:0c:17:26:74:de:8b:fa:90:07:02:75:c0:c6:0a:
c6:f3:a2:57:63:9d:b7:eb:27:60:b6:4a:b1:ca:d7:89:24:f7:
2f:25:94:ba:ed:6f:2a:72:12:50:e6:a3:c6:b7:1d:f1:1b:9f:
d6:2c:11:4b:58:b4:55:74:d1:73:55:aa:7f:86:88:97:ee:6f:
21:95:42:df:e4:fc:bd:4d:01:33:7f:4d:3e:0b:0f:61:d5:95:
7f:1a:0b:a1
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYvca5zHbEBV2QY2014AvgtrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjMxMTE3MDgzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjY0NmEzZGJlNzBjNGUwYThmZGY4NjcyOWExZGZhNjllYzViNmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfFtWHqRZzDIYm9w5xvzlTRBfwni
Gx7e8erpe1Vf/IGkF/dp91W82GldiAp56WFocd31wnkh07KSHibr7zWEpsEVD1M7
0uA7n8uBEsv7jL4R+K8/TdrHQXHzrqP6eJYd7epNOk5kud4uo75lxWN/7ztyMbBf
wqr2y87Xi6F+GaWOtdIxUKwEAY45T0YNX/+92XuFwGoG4GshGiw1cGXBU4OMq0Ep
Ef/VIv7V+3eXy5qlT8i+F4CX1+UREvsNL5raYgY3PBinTcTzeyR9mzuchV6MVYSX
dbI0x+xQlgcwjSaDcsIoo3AGUx0NkPcC3o/woMOTdeAqh8DV9VB2EhOckwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFO9kaj2+cMTgqP34Zymh36aexbb+MB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvNzJScVBiNXd4T0NvX2ZobkthSGZwcDdGdHY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAAjArAwcEKgBLwCAA
AwYAKgBLwCEwEAMGACoAS8AjAwYAKgBLwCQDBgAqAEvAJjANBgkqhkiG9w0BAQsF
AAOCAQEADbF8xqSJsg4GnGrWdFXUft1eZgvhOPE3moBLQ3xnimmpMmf40JD3sJWB
jBOxCUv+KM20V1+Uy1DdRMRC/c1ie7iQN79X7kwG7wH5XRXlW3fjuDYKQOV2Z0tR
By58gIf8yEV7AKh7JZw7qURKD9oyvMyw0SrO0IGRW7kqXU5eiybl7YcYjyoIxbD/
UR+WkItY8ElE+sVmjo86jejDKIaRZbczylyIZAwXJnTei/qQBwJ1wMYKxvOiV2Od
t+snYLZKscrXiST3LyWUuu1vKnISUOajxrcd8Ruf1iwRS1i0VXTRc1Wqf4aIl+5v
IZVC3+T8vU0BM39NPgsPYdWVfxoLoQ==
-----END CERTIFICATE-----
Generated at Fri Nov 17 11:30:37 2023 by rpki-client on console-ams.rpki-client.org