Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/853ee3-3a4f-4d95-9bdb-b03c2fbdc644/1/CPybKkn-nHzKOPwyrRM4L38Hj2I.roa
File: CPybKkn-nHzKOPwyrRM4L38Hj2I.roa (raw, json)
Hash identifier: fPa0EU3kCqfqCF2gOg/MVBWxzKFuy5FYaKcSTAhvwfQ=
Subject key identifier: 08:FC:9B:2A:49:FE:9C:7C:CA:38:FC:32:AD:13:38:2F:7F:07:8F:62
Certificate issuer: /CN=ee0739d0528dcb4fce578d11f7ec34b0e37452cf
Certificate serial: 01856ED4A6A73F495781FAC737EA4ABB8A9D
Authority key identifier: EE:07:39:D0:52:8D:CB:4F:CE:57:8D:11:F7:EC:34:B0:E3:74:52:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7gc50FKNy0_OV40R9-w0sON0Us8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/853ee3-3a4f-4d95-9bdb-b03c2fbdc644/1/CPybKkn-nHzKOPwyrRM4L38Hj2I.roa
Signing time: Sun 01 Jan 2023 19:35:08 +0000
ROA not before: Sun 01 Jan 2023 19:35:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2001:67c:17fc::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:a6:a7:3f:49:57:81:fa:c7:37:ea:4a:bb:8a:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee0739d0528dcb4fce578d11f7ec34b0e37452cf
Validity
Not Before: Jan 1 19:35:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08fc9b2a49fe9c7cca38fc32ad13382f7f078f62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ef:f6:6e:84:2f:f6:c4:e1:c8:95:22:12:b3:
bc:c9:2a:e5:35:2f:77:35:1e:8b:df:85:ed:32:ae:
b2:77:00:69:c3:80:9c:59:b1:81:92:7d:2f:49:fa:
7d:aa:b6:98:1e:2f:a1:65:75:d9:fb:b5:8b:1c:fe:
57:f8:2c:c3:6a:dc:ae:e7:16:35:aa:6e:61:85:8b:
5b:6c:e0:02:d0:1e:bf:14:72:1f:b6:29:01:18:4b:
78:e7:51:13:f5:53:8e:85:1e:f3:32:02:c3:14:b0:
d9:28:ef:41:c6:27:c3:c4:25:4b:11:a3:09:62:40:
cd:69:76:06:d9:77:a1:65:32:0e:96:3e:c4:13:47:
1e:c0:46:77:2c:2d:1d:15:f6:e3:78:ac:38:5b:8e:
8e:b1:b1:34:4e:35:c2:87:6d:3a:7e:3a:fe:78:c8:
bd:8f:d4:7b:18:23:71:a0:db:6d:e6:7f:65:da:38:
7f:da:d9:75:b6:24:65:ff:18:b7:0f:2f:01:63:42:
9c:4f:bd:db:98:53:4f:7b:cf:45:89:cf:3c:37:06:
f3:d7:b1:e9:9f:d1:88:06:dc:6b:71:05:3c:fe:8a:
a5:d6:7a:02:7a:e1:85:fa:fa:56:57:01:c7:94:95:
d3:30:64:c9:88:7d:a8:7e:1e:0c:7b:3d:18:7e:54:
4b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:FC:9B:2A:49:FE:9C:7C:CA:38:FC:32:AD:13:38:2F:7F:07:8F:62
X509v3 Authority Key Identifier:
keyid:EE:07:39:D0:52:8D:CB:4F:CE:57:8D:11:F7:EC:34:B0:E3:74:52:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gc50FKNy0_OV40R9-w0sON0Us8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/853ee3-3a4f-4d95-9bdb-b03c2fbdc644/1/CPybKkn-nHzKOPwyrRM4L38Hj2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/853ee3-3a4f-4d95-9bdb-b03c2fbdc644/1/7gc50FKNy0_OV40R9-w0sON0Us8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:17fc::/48
Signature Algorithm: sha256WithRSAEncryption
8f:d2:8a:0e:d3:52:e7:81:ec:1d:19:b7:64:ea:fb:ce:b8:0e:
a5:0e:81:6a:47:b5:f6:76:fb:f5:a9:c0:f6:f6:4d:e9:e0:7d:
30:8a:49:91:c8:d7:f5:66:56:a7:b1:49:06:87:b1:c1:8f:7a:
c7:91:7f:82:5d:4d:91:5b:b8:a2:d8:e2:43:ea:9d:39:8f:c1:
2c:1b:b1:48:a4:ca:29:5e:e3:34:ba:f9:2b:95:fa:b7:1b:e6:
4b:05:34:85:e5:a9:3a:bc:3d:05:69:d0:98:87:02:8c:b9:59:
e9:ff:bb:70:6f:85:26:88:28:2e:c1:d3:b5:9f:bf:58:09:41:
20:16:e7:5c:50:8e:1b:d0:16:7e:b8:ea:6b:12:36:d8:5a:36:
8b:49:c7:fc:64:12:8c:ba:5e:f7:fa:71:31:a3:fe:20:95:66:
31:df:10:01:8f:f2:b2:10:f5:28:d5:2f:94:33:41:33:fd:15:
7c:07:e1:f5:f6:cf:62:b6:d1:f2:d1:71:86:50:80:76:30:f5:
a2:a2:29:49:44:77:f1:ba:3a:94:d8:4a:98:c5:38:c4:a1:36:
b7:bf:24:b2:6f:0a:e2:d9:64:63:5f:e3:f8:60:4f:93:10:25:
de:4b:79:cc:c4:f2:98:4b:95:d9:79:73:b8:b3:d8:d0:b1:ef:
68:7e:16:57
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVu1KanP0lXgfrHN+pKu4qdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDczOWQwNTI4ZGNiNGZjZTU3OGQxMWY3ZWMzNGIwZTM3
NDUyY2YwHhcNMjMwMTAxMTkzNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGZjOWIyYTQ5ZmU5YzdjY2EzOGZjMzJhZDEzMzgyZjdmMDc4ZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+/2boQv9sThyJUiErO8ySrlNS93
NR6L34XtMq6ydwBpw4CcWbGBkn0vSfp9qraYHi+hZXXZ+7WLHP5X+CzDatyu5xY1
qm5hhYtbbOAC0B6/FHIftikBGEt451ET9VOOhR7zMgLDFLDZKO9BxifDxCVLEaMJ
YkDNaXYG2XehZTIOlj7EE0cewEZ3LC0dFfbjeKw4W46OsbE0TjXCh206fjr+eMi9
j9R7GCNxoNtt5n9l2jh/2tl1tiRl/xi3Dy8BY0KcT73bmFNPe89Fic88Nwbz17Hp
n9GIBtxrcQU8/oql1noCeuGF+vpWVwHHlJXTMGTJiH2ofh4Mez0YflRLRwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAj8mypJ/px8yjj8Mq0TOC9/B49iMB8GA1UdIwQY
MBaAFO4HOdBSjctPzleNEffsNLDjdFLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2djNTBGS055MF9PVjQwUjktdzBzT04wVXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni84NTNlZTMtM2E0Zi00ZDk1LTliZGIt
YjAzYzJmYmRjNjQ0LzEvQ1B5Yktrbi1uSHpLT1B3eXJSTTRMMzhIajJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni84NTNlZTMtM2E0Zi00ZDk1LTliZGItYjAzYzJmYmRjNjQ0
LzEvN2djNTBGS055MF9PVjQwUjktdzBzT04wVXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBf8
MA0GCSqGSIb3DQEBCwUAA4IBAQCP0ooO01LngewdGbdk6vvOuA6lDoFqR7X2dvv1
qcD29k3p4H0wikmRyNf1ZlansUkGh7HBj3rHkX+CXU2RW7ii2OJD6p05j8EsG7FI
pMopXuM0uvkrlfq3G+ZLBTSF5ak6vD0FadCYhwKMuVnp/7twb4UmiCguwdO1n79Y
CUEgFudcUI4b0BZ+uOprEjbYWjaLScf8ZBKMul73+nExo/4glWYx3xABj/KyEPUo
1S+UM0Ez/RV8B+H19s9ittHy0XGGUIB2MPWioilJRHfxujqU2EqYxTjEoTa3vySy
bwri2WRjX+P4YE+TECXeS3nMxPKYS5XZeXO4s9jQse9ofhZX
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:13 2024 by rpki-client on console-fra.rpki-client.org