Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/itpFnVt0xtxirQRzixsIUX3sH4Y.roa
File: itpFnVt0xtxirQRzixsIUX3sH4Y.roa (raw, json)
Hash identifier: 3o7MmDJeQ7LDh6qmF8ieyMWTJBsceo02jVmhaB757ik=
Subject key identifier: 8A:DA:45:9D:5B:74:C6:DC:62:AD:04:73:8B:1B:08:51:7D:EC:1F:86
Certificate issuer: /CN=ccc478dd9ccd6162f82488ac6fc50c21d369f2a0
Certificate serial: 018A09F941A5C11F900640E4CB2D9FD78FCE
Authority key identifier: CC:C4:78:DD:9C:CD:61:62:F8:24:88:AC:6F:C5:0C:21:D3:69:F2:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zMR43ZzNYWL4JIisb8UMIdNp8qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/itpFnVt0xtxirQRzixsIUX3sH4Y.roa
Signing time: Fri 18 Aug 2023 18:47:24 +0000
ROA not before: Fri 18 Aug 2023 18:47:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202044
IP address blocks: 2a0d:db00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:09:f9:41:a5:c1:1f:90:06:40:e4:cb:2d:9f:d7:8f:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccc478dd9ccd6162f82488ac6fc50c21d369f2a0
Validity
Not Before: Aug 18 18:47:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ada459d5b74c6dc62ad04738b1b08517dec1f86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:40:a3:12:6f:2f:6b:50:c3:e4:84:cd:03:ae:
66:8a:03:ba:8e:08:3c:90:c4:5c:b9:2e:cf:81:ae:
33:1b:6f:bd:8a:55:95:dd:a5:83:e5:cb:3f:e7:60:
c4:a6:9f:21:37:5a:ae:9f:1a:28:5e:14:01:48:25:
d8:5f:96:7f:9c:60:c9:6d:a4:07:95:09:45:5b:64:
6b:af:07:27:03:1d:b4:a8:04:28:1f:a8:8b:81:c1:
50:e5:01:21:4c:bc:c7:1e:17:17:8f:b5:c8:37:57:
cd:79:9e:ef:b0:05:ba:6e:27:a4:db:f7:b4:51:4b:
2c:b7:28:6a:60:68:19:8c:86:c8:bd:26:b9:00:be:
39:12:34:2a:a6:3f:fc:7b:e3:bb:e1:8b:4f:92:a8:
47:05:cb:86:06:b7:4f:c9:43:bf:96:93:84:65:8e:
74:26:e1:a9:5e:1e:a9:ef:3e:17:aa:51:42:35:4e:
c8:1d:a1:52:0f:4a:7a:84:ca:4a:01:d2:fe:f2:5f:
8b:23:01:c8:53:f1:ae:1a:40:8b:3c:b5:8a:cc:0e:
f5:10:db:fc:ab:46:78:25:6d:9a:48:62:67:fb:4e:
d2:47:a1:89:12:a8:72:3b:d8:dc:b3:1d:b5:e7:1d:
c8:f1:18:8d:18:68:b0:44:dc:5d:b7:9e:d6:de:ee:
59:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:DA:45:9D:5B:74:C6:DC:62:AD:04:73:8B:1B:08:51:7D:EC:1F:86
X509v3 Authority Key Identifier:
keyid:CC:C4:78:DD:9C:CD:61:62:F8:24:88:AC:6F:C5:0C:21:D3:69:F2:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zMR43ZzNYWL4JIisb8UMIdNp8qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/itpFnVt0xtxirQRzixsIUX3sH4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/zMR43ZzNYWL4JIisb8UMIdNp8qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:db00::/29
Signature Algorithm: sha256WithRSAEncryption
9f:b5:25:83:0d:5b:b8:b6:88:dd:71:32:55:12:29:a1:bc:72:
ab:02:6d:57:d4:ea:b3:20:a8:7b:79:94:5c:63:f2:23:b1:8d:
68:f1:28:44:05:7d:b0:ae:06:84:b6:51:70:8c:9d:a6:0a:17:
92:76:78:73:d9:15:06:85:16:ec:46:21:4e:b7:85:51:db:b8:
bb:b5:b4:8c:69:b0:82:3e:08:27:29:5e:c1:e1:5f:ab:75:2e:
4b:e8:b4:48:c4:b3:b0:b7:16:76:ae:5f:34:53:f8:cb:76:54:
b3:6d:dd:81:b7:3c:c2:c7:50:f4:57:77:aa:de:1f:ad:8e:6a:
64:b4:d4:3b:f8:07:6a:a3:c6:e4:1f:8c:4f:77:cd:f0:a0:12:
1f:db:30:eb:d7:4d:33:6d:fa:fc:39:89:7b:f5:3c:5e:8e:e1:
eb:1d:3a:24:53:41:93:6d:37:93:03:60:3d:f6:d5:c6:49:52:
b1:c7:7a:51:e1:06:1c:e6:45:a4:8c:3f:1c:e7:7e:fe:06:51:
a2:2b:ba:6d:bb:d3:fc:69:13:45:f2:5d:ae:3b:bd:74:4e:3b:
0e:61:7c:a6:e3:51:79:94:d0:92:58:42:80:71:8b:84:65:6f:
af:ce:28:ee:3c:07:a6:30:53:de:d6:21:4b:aa:88:ce:63:29:
b1:86:dc:55
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYoJ+UGlwR+QBkDkyy2f14/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYzQ3OGRkOWNjZDYxNjJmODI0ODhhYzZmYzUwYzIxZDM2
OWYyYTAwHhcNMjMwODE4MTg0NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWRhNDU5ZDViNzRjNmRjNjJhZDA0NzM4YjFiMDg1MTdkZWMxZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUCjEm8va1DD5ITNA65migO6jgg8
kMRcuS7Pga4zG2+9ilWV3aWD5cs/52DEpp8hN1qunxooXhQBSCXYX5Z/nGDJbaQH
lQlFW2RrrwcnAx20qAQoH6iLgcFQ5QEhTLzHHhcXj7XIN1fNeZ7vsAW6biek2/e0
UUsstyhqYGgZjIbIvSa5AL45EjQqpj/8e+O74YtPkqhHBcuGBrdPyUO/lpOEZY50
JuGpXh6p7z4XqlFCNU7IHaFSD0p6hMpKAdL+8l+LIwHIU/GuGkCLPLWKzA71ENv8
q0Z4JW2aSGJn+07SR6GJEqhyO9jcsx215x3I8RiNGGiwRNxdt57W3u5ZZwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIraRZ1bdMbcYq0Ec4sbCFF97B+GMB8GA1UdIwQY
MBaAFMzEeN2czWFi+CSIrG/FDCHTafKgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek1SNDNaek5ZV0w0Sklpc2I4VU1JZE5wOHFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lZTNlM2YtM2E0NS00M2ViLWE1ZGUt
NDI4NTk5ODM5MmQzLzEvaXRwRm5WdDB4dHhpclFSeml4c0lVWDNzSDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lZTNlM2YtM2E0NS00M2ViLWE1ZGUtNDI4NTk5ODM5MmQz
LzEvek1SNDNaek5ZV0w0Sklpc2I4VU1JZE5wOHFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg3bADAN
BgkqhkiG9w0BAQsFAAOCAQEAn7Ulgw1buLaI3XEyVRIpobxyqwJtV9TqsyCoe3mU
XGPyI7GNaPEoRAV9sK4GhLZRcIydpgoXknZ4c9kVBoUW7EYhTreFUdu4u7W0jGmw
gj4IJyleweFfq3UuS+i0SMSzsLcWdq5fNFP4y3ZUs23dgbc8wsdQ9Fd3qt4frY5q
ZLTUO/gHaqPG5B+MT3fN8KASH9sw69dNM236/DmJe/U8Xo7h6x06JFNBk203kwNg
PfbVxklSscd6UeEGHOZFpIw/HOd+/gZRoiu6bbvT/GkTRfJdrju9dE47DmF8puNR
eZTQklhCgHGLhGVvr84o7jwHpjBT3tYhS6qIzmMpsYbcVQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:43 2024 by rpki-client on console-ams.rpki-client.org