Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/f507cb-7371-4ad1-b7e3-16a7d60d5bea/1/V3Dw9kzhAK9RXMQ2DK6edC3HE0M.roa
File: V3Dw9kzhAK9RXMQ2DK6edC3HE0M.roa (raw, json)
Hash identifier: EybQYnOan9rDMROqYksu/P1Bo3rOnx4nK15AKGIZTp4=
Subject key identifier: 57:70:F0:F6:4C:E1:00:AF:51:5C:C4:36:0C:AE:9E:74:2D:C7:13:43
Certificate issuer: /CN=d116835d037786620a9e9f7a0e360498bb654127
Certificate serial: 01856F0228D883463B790069DADE9FAFCA12
Authority key identifier: D1:16:83:5D:03:77:86:62:0A:9E:9F:7A:0E:36:04:98:BB:65:41:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0RaDXQN3hmIKnp96DjYEmLtlQSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/f507cb-7371-4ad1-b7e3-16a7d60d5bea/1/V3Dw9kzhAK9RXMQ2DK6edC3HE0M.roa
Signing time: Sun 01 Jan 2023 20:24:50 +0000
ROA not before: Sun 01 Jan 2023 20:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8881
IP address blocks: 2001:678:274::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:28:d8:83:46:3b:79:00:69:da:de:9f:af:ca:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d116835d037786620a9e9f7a0e360498bb654127
Validity
Not Before: Jan 1 20:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5770f0f64ce100af515cc4360cae9e742dc71343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:82:5e:fd:0c:c6:9e:9c:24:d8:0b:5a:d8:d9:
24:d3:18:e9:80:7c:5f:17:05:cf:55:1c:05:d9:63:
18:bc:40:7c:0f:3e:61:75:4d:dc:89:b7:15:ff:ca:
dc:33:fe:7d:f6:9a:4c:62:0a:71:51:a7:ff:4e:3a:
1e:02:e7:8d:b0:af:e1:eb:b4:a7:43:e7:06:3a:8a:
28:c1:4f:30:16:a5:e0:23:32:32:8e:be:8d:7d:47:
7e:a2:bd:e1:06:e7:68:89:63:64:32:12:48:8e:28:
2e:d8:05:f0:75:a8:6f:f6:5e:b1:fe:3e:e8:94:11:
07:c7:74:8f:16:03:96:37:00:b8:3c:98:e0:9f:23:
2d:2d:d2:5c:96:8b:9a:b7:0e:1b:98:ac:6d:13:64:
97:9e:8b:b8:3b:01:a2:06:01:41:1d:be:86:29:a7:
34:f0:e8:a1:b2:e6:d3:ba:72:a2:7f:e0:cc:83:2d:
31:56:56:d1:f9:fd:59:bd:b8:68:e6:90:b6:c1:33:
4c:17:8e:97:8d:75:6e:85:a2:82:4b:7e:bc:35:bc:
35:e8:76:03:e0:87:d6:ed:72:83:ad:d8:58:e0:e8:
c7:a9:d2:7b:6a:03:ff:65:8f:a4:ee:00:cc:17:dc:
a4:dd:c9:06:ff:96:73:df:05:d5:9c:dd:a1:32:35:
9d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:70:F0:F6:4C:E1:00:AF:51:5C:C4:36:0C:AE:9E:74:2D:C7:13:43
X509v3 Authority Key Identifier:
keyid:D1:16:83:5D:03:77:86:62:0A:9E:9F:7A:0E:36:04:98:BB:65:41:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0RaDXQN3hmIKnp96DjYEmLtlQSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/f507cb-7371-4ad1-b7e3-16a7d60d5bea/1/V3Dw9kzhAK9RXMQ2DK6edC3HE0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/f507cb-7371-4ad1-b7e3-16a7d60d5bea/1/0RaDXQN3hmIKnp96DjYEmLtlQSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:274::/48
Signature Algorithm: sha256WithRSAEncryption
46:78:36:3a:b8:c6:ec:7e:f6:09:77:7f:c9:92:b6:e2:b7:f1:
05:02:be:1f:9c:47:f3:d1:e1:85:40:3a:fe:59:dc:bf:47:3f:
4a:1f:b3:cd:ce:55:e2:9d:a6:b2:d8:c5:ba:09:b2:d7:6b:44:
24:61:58:80:d5:3e:68:b8:d4:fa:a8:62:82:db:af:e4:0d:e5:
36:f2:d5:fd:f4:5f:14:fe:bf:03:20:bc:4b:4e:ee:53:a5:a1:
57:36:5c:09:60:ea:68:dc:c2:c9:b0:f4:b1:6e:ec:61:ab:7e:
4a:05:0e:7a:08:d6:59:4f:fe:51:87:31:ce:03:b5:71:d9:70:
95:79:2b:42:9c:d3:43:e0:95:ff:5b:4f:96:b3:d4:12:b4:95:
78:0e:9c:2b:42:45:27:7b:1a:51:bc:24:fb:03:6c:bb:84:73:
49:5f:85:58:b3:15:50:c9:22:87:9c:cc:7b:ea:30:ca:11:8e:
e4:63:df:94:60:d2:c0:2f:94:d4:fb:ea:03:83:03:cb:cc:84:
4d:62:c5:00:51:f3:1d:af:a1:0e:aa:8f:8a:98:57:de:e4:32:
84:e3:95:c5:26:ad:c3:4c:fb:1b:f0:80:4a:42:a7:5f:8f:d0:
04:97:85:46:1a:63:bb:fb:4b:0d:e9:30:0b:c1:06:c2:81:23:
15:ff:d6:50
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvAijYg0Y7eQBp2t6fr8oSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMTY4MzVkMDM3Nzg2NjIwYTllOWY3YTBlMzYwNDk4YmI2
NTQxMjcwHhcNMjMwMTAxMjAyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzcwZjBmNjRjZTEwMGFmNTE1Y2M0MzYwY2FlOWU3NDJkYzcxMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIJe/QzGnpwk2Ata2Nkk0xjpgHxf
FwXPVRwF2WMYvEB8Dz5hdU3cibcV/8rcM/599ppMYgpxUaf/TjoeAueNsK/h67Sn
Q+cGOooowU8wFqXgIzIyjr6NfUd+or3hBudoiWNkMhJIjigu2AXwdahv9l6x/j7o
lBEHx3SPFgOWNwC4PJjgnyMtLdJclouatw4bmKxtE2SXnou4OwGiBgFBHb6GKac0
8OihsubTunKif+DMgy0xVlbR+f1Zvbho5pC2wTNMF46XjXVuhaKCS368Nbw16HYD
4IfW7XKDrdhY4OjHqdJ7agP/ZY+k7gDMF9yk3ckG/5Zz3wXVnN2hMjWdBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFdw8PZM4QCvUVzENgyunnQtxxNDMB8GA1UdIwQY
MBaAFNEWg10Dd4ZiCp6feg42BJi7ZUEnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFJhRFhRTjNobUlLbnA5NkRqWUVtTHRsUVNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9mNTA3Y2ItNzM3MS00YWQxLWI3ZTMt
MTZhN2Q2MGQ1YmVhLzEvVjNEdzlremhBSzlSWE1RMkRLNmVkQzNIRTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9mNTA3Y2ItNzM3MS00YWQxLWI3ZTMtMTZhN2Q2MGQ1YmVh
LzEvMFJhRFhRTjNobUlLbnA5NkRqWUVtTHRsUVNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAJ0
MA0GCSqGSIb3DQEBCwUAA4IBAQBGeDY6uMbsfvYJd3/Jkrbit/EFAr4fnEfz0eGF
QDr+Wdy/Rz9KH7PNzlXinaay2MW6CbLXa0QkYViA1T5ouNT6qGKC26/kDeU28tX9
9F8U/r8DILxLTu5TpaFXNlwJYOpo3MLJsPSxbuxhq35KBQ56CNZZT/5RhzHOA7Vx
2XCVeStCnNND4JX/W0+Ws9QStJV4DpwrQkUnexpRvCT7A2y7hHNJX4VYsxVQySKH
nMx76jDKEY7kY9+UYNLAL5TU++oDgwPLzIRNYsUAUfMdr6EOqo+KmFfe5DKE45XF
Jq3DTPsb8IBKQqdfj9AEl4VGGmO7+0sN6TALwQbCgSMV/9ZQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:44 2024 by rpki-client on console-fra.rpki-client.org