Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/b41ad4-8500-4f26-9019-0f0bc9f629d3/1/2tOWPhfUKvSpLEQvBwnE422rKJ0.roa
File: 2tOWPhfUKvSpLEQvBwnE422rKJ0.roa (raw, json)
Hash identifier: Vpv+c2aUd192wOC3pyF9FbOwJ1hTkP6BK2XvjXYyTV0=
Subject key identifier: DA:D3:96:3E:17:D4:2A:F4:A9:2C:44:2F:07:09:C4:E3:6D:AB:28:9D
Certificate issuer: /CN=07217c0634c102c71ba3e444f0688abdd1af4ce8
Certificate serial: 0188B90D18EB8251D5067043377BC12C798C
Authority key identifier: 07:21:7C:06:34:C1:02:C7:1B:A3:E4:44:F0:68:8A:BD:D1:AF:4C:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ByF8BjTBAscbo-RE8GiKvdGvTOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/b41ad4-8500-4f26-9019-0f0bc9f629d3/1/2tOWPhfUKvSpLEQvBwnE422rKJ0.roa
Signing time: Wed 14 Jun 2023 08:37:03 +0000
ROA not before: Wed 14 Jun 2023 08:37:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28788
IP address blocks: 2a03:71e0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:0d:18:eb:82:51:d5:06:70:43:37:7b:c1:2c:79:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07217c0634c102c71ba3e444f0688abdd1af4ce8
Validity
Not Before: Jun 14 08:37:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dad3963e17d42af4a92c442f0709c4e36dab289d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:89:cb:8c:a5:03:5f:ff:cb:bb:6d:46:db:69:
ec:c9:9e:5e:d6:ea:a6:d9:ed:59:f4:32:9f:7a:46:
63:43:0e:eb:0d:8a:f6:17:06:56:69:ab:42:81:50:
0f:62:e5:e5:d4:9b:66:10:8d:2f:db:29:03:b2:a1:
04:de:37:3f:c1:54:49:7c:b3:81:81:54:ef:a5:72:
97:4f:25:83:4c:81:16:ad:bf:d2:01:0c:a4:47:4c:
ed:9d:9a:c3:44:aa:da:5e:cd:27:f8:63:a6:03:ad:
84:6e:cf:72:6c:1d:14:ff:c4:4b:5d:c1:95:3a:f1:
a2:b0:a7:5b:7d:2e:c5:ba:ab:6a:e6:3d:f7:4b:78:
b3:f5:b8:55:2b:8a:a5:54:70:f2:37:6a:b9:19:e5:
6d:37:5d:12:f2:27:6b:cc:e9:83:8c:24:10:e3:e3:
5d:f8:e0:26:72:40:35:e8:20:50:12:4f:6b:40:1d:
19:47:70:7d:43:6d:07:61:32:8c:fd:11:2f:4c:d2:
1e:44:56:61:2a:c8:39:05:54:43:72:4f:9c:75:d5:
45:d3:ba:fc:4c:c3:c9:76:ae:e3:92:2b:f6:ee:c2:
6b:e6:7c:5e:c5:e5:ef:19:66:00:a3:d5:28:b1:a8:
64:5c:39:0b:ad:7a:65:01:50:2d:b5:52:4a:3b:25:
8d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D3:96:3E:17:D4:2A:F4:A9:2C:44:2F:07:09:C4:E3:6D:AB:28:9D
X509v3 Authority Key Identifier:
keyid:07:21:7C:06:34:C1:02:C7:1B:A3:E4:44:F0:68:8A:BD:D1:AF:4C:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ByF8BjTBAscbo-RE8GiKvdGvTOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b41ad4-8500-4f26-9019-0f0bc9f629d3/1/2tOWPhfUKvSpLEQvBwnE422rKJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b41ad4-8500-4f26-9019-0f0bc9f629d3/1/ByF8BjTBAscbo-RE8GiKvdGvTOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:71e0::/32
Signature Algorithm: sha256WithRSAEncryption
59:cf:bc:f7:bc:6a:0e:66:b3:4d:aa:6b:6d:ef:61:79:08:8b:
0e:a0:96:62:27:62:a7:68:03:a4:16:73:8a:bd:13:3e:26:76:
24:84:9e:29:b8:87:7c:da:4b:34:98:4f:51:aa:a7:df:a1:74:
82:e4:13:68:ce:8e:62:1c:66:ec:39:2e:70:d2:f4:ae:89:fc:
99:ed:0d:15:36:30:ca:cf:d2:ad:5b:41:d6:40:83:1e:12:5e:
35:05:ba:4c:90:68:1d:36:d2:04:49:c7:c3:7f:e5:29:2a:14:
d8:f8:6e:5b:79:3b:31:aa:6b:32:85:82:a7:6a:13:4c:bd:ea:
fd:fe:cb:4a:39:96:51:9f:fb:b1:37:0a:a0:06:73:5a:03:a4:
47:68:15:a1:e2:19:74:77:b0:e3:0c:67:fd:12:8a:4c:d8:41:
c8:e2:b4:be:ba:b0:13:b0:1f:3d:d9:97:06:8f:db:e2:a0:8a:
a0:0a:4d:e1:27:f2:ec:10:12:9e:d6:44:37:5f:2d:15:ae:58:
03:aa:da:34:1e:79:2a:4a:29:da:c9:79:0e:bd:e9:66:12:f5:
14:c2:20:3e:8f:f3:f3:f9:0f:81:e8:77:20:0d:75:77:37:13:
e0:e7:a2:a6:33:02:5b:f3:88:41:d0:af:3e:16:02:99:90:e2:
88:b5:6a:28
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYi5DRjrglHVBnBDN3vBLHmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MjE3YzA2MzRjMTAyYzcxYmEzZTQ0NGYwNjg4YWJkZDFh
ZjRjZTgwHhcNMjMwNjE0MDgzNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQzOTYzZTE3ZDQyYWY0YTkyYzQ0MmYwNzA5YzRlMzZkYWIyODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4nLjKUDX//Lu21G22nsyZ5e1uqm
2e1Z9DKfekZjQw7rDYr2FwZWaatCgVAPYuXl1JtmEI0v2ykDsqEE3jc/wVRJfLOB
gVTvpXKXTyWDTIEWrb/SAQykR0ztnZrDRKraXs0n+GOmA62Ebs9ybB0U/8RLXcGV
OvGisKdbfS7Fuqtq5j33S3iz9bhVK4qlVHDyN2q5GeVtN10S8idrzOmDjCQQ4+Nd
+OAmckA16CBQEk9rQB0ZR3B9Q20HYTKM/REvTNIeRFZhKsg5BVRDck+cddVF07r8
TMPJdq7jkiv27sJr5nxexeXvGWYAo9UosahkXDkLrXplAVAttVJKOyWNFQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNrTlj4X1Cr0qSxELwcJxONtqyidMB8GA1UdIwQY
MBaAFAchfAY0wQLHG6PkRPBoir3Rr0zoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnlGOEJqVEJBc2Niby1SRThHaUt2ZEd2VE9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iNDFhZDQtODUwMC00ZjI2LTkwMTkt
MGYwYmM5ZjYyOWQzLzEvMnRPV1BoZlVLdlNwTEVRdkJ3bkU0MjJyS0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9iNDFhZDQtODUwMC00ZjI2LTkwMTktMGYwYmM5ZjYyOWQz
LzEvQnlGOEJqVEJBc2Niby1SRThHaUt2ZEd2VE9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgNx4DAN
BgkqhkiG9w0BAQsFAAOCAQEAWc+897xqDmazTaprbe9heQiLDqCWYidip2gDpBZz
ir0TPiZ2JISeKbiHfNpLNJhPUaqn36F0guQTaM6OYhxm7DkucNL0ron8me0NFTYw
ys/SrVtB1kCDHhJeNQW6TJBoHTbSBEnHw3/lKSoU2PhuW3k7MaprMoWCp2oTTL3q
/f7LSjmWUZ/7sTcKoAZzWgOkR2gVoeIZdHew4wxn/RKKTNhByOK0vrqwE7AfPdmX
Bo/b4qCKoApN4Sfy7BASntZEN18tFa5YA6raNB55Kkop2sl5Dr3pZhL1FMIgPo/z
8/kPgeh3IA11dzcT4OeipjMCW/OIQdCvPhYCmZDiiLVqKA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:45 2024 by rpki-client on console-fra.rpki-client.org