Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/skZD3KzOQ3sNKUOE5sQSALI9zxk.roa
File: skZD3KzOQ3sNKUOE5sQSALI9zxk.roa (raw, json)
Hash identifier: gSK7XV5UsgSCbKXt8niEYYXNxRH5mRmc00+AVYRY9h4=
Subject key identifier: B2:46:43:DC:AC:CE:43:7B:0D:29:43:84:E6:C4:12:00:B2:3D:CF:19
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 018CA0CE8562D98FC730BF7E6C5B76E87836
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/skZD3KzOQ3sNKUOE5sQSALI9zxk.roa
Signing time: Mon 25 Dec 2023 11:48:58 +0000
ROA not before: Mon 25 Dec 2023 11:48:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 2a09:7e00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a0:ce:85:62:d9:8f:c7:30:bf:7e:6c:5b:76:e8:78:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Dec 25 11:48:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b24643dcacce437b0d294384e6c41200b23dcf19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:81:34:7e:99:c7:0b:db:71:7c:62:2a:5e:5d:
eb:8e:5a:d6:db:af:4c:cf:87:0e:ee:39:b6:5a:8a:
5c:1b:3d:92:ba:a6:a7:b1:82:25:a2:ba:de:de:2a:
8c:e1:4a:3e:f8:6b:da:45:55:7b:ad:82:8d:9e:09:
6b:04:03:c5:c0:2e:1e:f4:b2:5b:b6:1c:7f:4b:be:
82:e6:6c:78:26:3a:bf:69:dd:8b:71:2b:e2:45:83:
19:83:5f:d9:39:20:d6:ec:b2:01:57:9c:05:2e:d1:
c7:07:7a:02:56:30:8f:45:8a:90:bf:3e:10:0e:1a:
5d:08:d2:7a:09:fd:e8:0a:01:f0:21:fe:f8:ed:26:
94:17:10:23:59:b6:69:6b:fd:02:38:93:2b:9d:f4:
51:93:04:d0:ee:29:4d:f6:8b:e4:c0:1f:83:a0:47:
53:5d:8d:a9:7e:3e:41:05:48:77:a0:a1:e4:72:2a:
eb:71:d5:cd:d4:ae:18:d8:06:4e:88:f4:fd:c6:f5:
3c:d7:d0:d9:e8:04:bb:38:5c:5b:ab:c7:8d:86:40:
60:13:5b:e6:98:0d:b7:7f:59:e9:6a:42:db:a4:67:
a7:c8:16:49:36:07:45:9e:ab:15:e7:b4:66:9c:55:
ab:a7:18:ed:7b:70:c5:c7:36:1e:65:90:8d:6f:27:
96:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:46:43:DC:AC:CE:43:7B:0D:29:43:84:E6:C4:12:00:B2:3D:CF:19
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/skZD3KzOQ3sNKUOE5sQSALI9zxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
3d:76:6a:5a:9a:7a:ba:9b:e3:93:9b:48:e2:7c:6c:c3:81:80:
fe:8c:9e:00:df:e0:da:2c:b0:54:16:48:dd:7f:b4:2d:c0:05:
8d:68:72:59:25:3f:82:fb:a8:28:16:49:3f:6a:58:46:14:8f:
e4:78:18:78:22:cc:65:2a:4e:18:e6:d4:e0:1c:00:af:c0:9b:
6f:15:d8:7b:dd:8f:73:54:cd:6f:c6:59:70:64:eb:5f:6b:60:
dc:24:7e:0e:84:c9:fc:74:61:e7:9d:95:88:99:5d:23:b7:52:
44:2f:42:d5:ec:78:0b:8e:9f:7a:ae:a9:4d:1d:f9:12:0f:8c:
70:fc:23:f8:de:ec:bb:03:e9:0e:ba:e9:d2:f3:4a:b7:bc:21:
e3:54:30:be:75:d9:73:e3:d8:4b:a7:25:1a:4c:23:62:6d:ee:
c8:da:bd:e6:db:3a:9f:05:ec:fd:c5:e1:ac:2b:f6:e8:52:df:
53:cc:c7:e9:53:16:6d:2a:5c:41:b7:17:1d:26:f3:83:5d:43:
66:b4:f8:f6:62:bc:23:70:64:12:60:36:da:5c:f9:71:95:e2:
42:08:86:0c:47:f6:a0:18:96:8a:05:08:34:01:54:fd:a0:1c:
a8:23:88:68:6e:a5:89:2b:f4:57:5b:f5:36:69:3a:4d:29:8f:
3c:94:7c:ce
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYygzoVi2Y/HML9+bFt26Hg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjMxMjI1MTE0ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjQ2NDNkY2FjY2U0MzdiMGQyOTQzODRlNmM0MTIwMGIyM2RjZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9YE0fpnHC9txfGIqXl3rjlrW269M
z4cO7jm2WopcGz2SuqansYIlorre3iqM4Uo++GvaRVV7rYKNnglrBAPFwC4e9LJb
thx/S76C5mx4Jjq/ad2LcSviRYMZg1/ZOSDW7LIBV5wFLtHHB3oCVjCPRYqQvz4Q
DhpdCNJ6Cf3oCgHwIf747SaUFxAjWbZpa/0COJMrnfRRkwTQ7ilN9ovkwB+DoEdT
XY2pfj5BBUh3oKHkcirrcdXN1K4Y2AZOiPT9xvU819DZ6AS7OFxbq8eNhkBgE1vm
mA23f1npakLbpGenyBZJNgdFnqsV57RmnFWrpxjte3DFxzYeZZCNbyeWXQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLJGQ9yszkN7DSlDhObEEgCyPc8ZMB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvc2taRDNLek9RM3NOS1VPRTVzUVNBTEk5enhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgl+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAPXZqWpp6upvjk5tI4nxsw4GA/oyeAN/g2iywVBZI
3X+0LcAFjWhyWSU/gvuoKBZJP2pYRhSP5HgYeCLMZSpOGObU4BwAr8CbbxXYe92P
c1TNb8ZZcGTrX2tg3CR+DoTJ/HRh552ViJldI7dSRC9C1ex4C46feq6pTR35Eg+M
cPwj+N7suwPpDrrp0vNKt7wh41QwvnXZc+PYS6clGkwjYm3uyNq95ts6nwXs/cXh
rCv26FLfU8zH6VMWbSpcQbcXHSbzg11DZrT49mK8I3BkEmA22lz5cZXiQgiGDEf2
oBiWigUINAFU/aAcqCOIaG6liSv0V1v1Nmk6TSmPPJR8zg==
-----END CERTIFICATE-----
Generated at Sat Dec 30 22:13:18 2023 by rpki-client on console-ams.rpki-client.org