Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/sPkhD6LPtx2jQBV2NQS3_KRJMKk.roa
File: sPkhD6LPtx2jQBV2NQS3_KRJMKk.roa (raw, json)
Hash identifier: vWvWFPf2ds/wQdo4Kp/vK6dlxKK1gDmwgJU09hXVw6U=
Subject key identifier: B0:F9:21:0F:A2:CF:B7:1D:A3:40:15:76:35:04:B7:FC:A4:49:30:A9
Certificate issuer: /CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Certificate serial: 018570A72C5A2B2ED29E9480DC3CEA0857D7
Authority key identifier: E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/sPkhD6LPtx2jQBV2NQS3_KRJMKk.roa
Signing time: Mon 02 Jan 2023 04:04:42 +0000
ROA not before: Mon 02 Jan 2023 04:04:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3261
IP address blocks: 2a02:300::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:a7:2c:5a:2b:2e:d2:9e:94:80:dc:3c:ea:08:57:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Validity
Not Before: Jan 2 04:04:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0f9210fa2cfb71da34015763504b7fca44930a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8b:e3:9b:ec:57:95:3b:b8:70:12:7f:c6:76:
96:d2:89:72:e7:2c:11:3c:f7:0a:c4:b1:d2:63:18:
e3:8d:07:76:b9:ff:93:30:3d:00:2d:91:a9:dd:53:
5d:00:cd:aa:b9:10:e7:13:84:16:eb:a5:9f:fc:f6:
22:33:37:7a:f8:f1:b0:70:68:7f:a7:3a:0b:b5:9a:
4d:2c:2b:3d:c5:55:33:2b:45:da:05:50:46:10:e6:
41:6a:58:8e:4e:8a:a3:cd:59:66:18:e8:e1:2d:9c:
59:23:d0:30:c0:3f:f4:aa:43:52:9f:74:cd:82:bf:
f8:42:af:53:c5:f4:f9:e7:73:c3:88:4b:98:11:6d:
37:62:c5:b4:5d:7a:d2:b7:0c:39:64:d1:18:0e:72:
ad:c3:ee:90:02:d4:82:51:45:74:6b:56:56:98:84:
c8:70:22:34:c0:d1:5f:e1:75:81:7c:e1:d8:05:4c:
b5:e9:07:8f:08:2b:3a:3b:3b:87:47:d3:8f:33:dc:
90:f5:ab:85:b9:4a:83:29:b0:b6:88:03:ca:f4:8d:
7a:12:f7:31:76:a6:17:71:73:97:d2:96:2f:cb:7d:
82:80:52:45:c0:a4:be:3e:df:c5:ea:2f:77:ea:00:
df:23:f3:27:08:9a:4f:04:0c:9a:bd:16:77:70:b4:
ed:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F9:21:0F:A2:CF:B7:1D:A3:40:15:76:35:04:B7:FC:A4:49:30:A9
X509v3 Authority Key Identifier:
keyid:E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/sPkhD6LPtx2jQBV2NQS3_KRJMKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/59eZrg792Ybd53-zWtChCCPLly8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:300::/32
Signature Algorithm: sha256WithRSAEncryption
74:84:8a:0b:b0:8b:b7:f2:ef:1d:53:3e:1c:e7:ac:d3:b0:6e:
2c:04:de:2f:a0:29:ae:b4:6c:72:32:e7:77:71:ed:af:7d:55:
a0:5e:bf:97:60:dd:7f:e6:b5:a5:47:06:ec:de:d2:a8:49:75:
5c:f7:c2:59:44:54:c2:fc:6f:a8:c1:da:41:f6:f2:0b:e0:a6:
e2:82:30:c8:7b:28:53:52:9e:0f:e7:0b:f7:6f:b9:fd:8d:28:
55:50:e4:76:d6:db:e0:b7:cc:48:19:20:b2:74:a8:92:a4:93:
b9:fe:9e:48:3a:d3:38:ac:95:81:df:4d:67:17:8f:03:85:f6:
d9:db:09:37:73:28:04:f0:86:ba:51:09:f8:98:92:00:9c:06:
30:7e:88:57:8b:b9:93:02:cf:15:19:81:3f:9d:30:76:9f:15:
72:48:e7:50:c4:a7:31:38:db:1c:be:4d:0b:15:1c:8a:67:f5:
8e:73:ac:c5:61:f9:03:2f:0a:10:b8:7b:ce:88:20:44:fa:6e:
6d:cd:25:01:7e:74:d3:f3:9b:1d:ff:79:b7:7e:23:60:08:70:
b5:39:c4:b7:85:3a:45:35:ba:96:2a:b8:e9:04:27:69:32:0a:
70:0d:f5:b8:94:33:fb:5b:ca:e0:e5:e4:d2:a2:00:38:9f:84:
4e:a8:1a:47
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwpyxaKy7SnpSA3DzqCFfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZDc5OWFlMGVmZGQ5ODZkZGU3N2ZiMzVhZDBhMTA4MjNj
Yjk3MmYwHhcNMjMwMTAyMDQwNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGY5MjEwZmEyY2ZiNzFkYTM0MDE1NzYzNTA0YjdmY2E0NDkzMGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4vjm+xXlTu4cBJ/xnaW0oly5ywR
PPcKxLHSYxjjjQd2uf+TMD0ALZGp3VNdAM2quRDnE4QW66Wf/PYiMzd6+PGwcGh/
pzoLtZpNLCs9xVUzK0XaBVBGEOZBaliOToqjzVlmGOjhLZxZI9AwwD/0qkNSn3TN
gr/4Qq9TxfT553PDiEuYEW03YsW0XXrStww5ZNEYDnKtw+6QAtSCUUV0a1ZWmITI
cCI0wNFf4XWBfOHYBUy16QePCCs6OzuHR9OPM9yQ9auFuUqDKbC2iAPK9I16Evcx
dqYXcXOX0pYvy32CgFJFwKS+Pt/F6i936gDfI/MnCJpPBAyavRZ3cLTtjQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLD5IQ+iz7cdo0AVdjUEt/ykSTCpMB8GA1UdIwQY
MBaAFOfXma4O/dmG3ed/s1rQoQgjy5cvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTllWnJnNzkyWWJkNTMteld0Q2hDQ1BMbHk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMTA4MWItNGVmOS00ZTJmLTgxNTMt
Mjg3OTM3OTQwZDdiLzEvc1BraEQ2TFB0eDJqUUJWMk5RUzNfS1JKTUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xMTA4MWItNGVmOS00ZTJmLTgxNTMtMjg3OTM3OTQwZDdi
LzEvNTllWnJnNzkyWWJkNTMteld0Q2hDQ1BMbHk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIDADAN
BgkqhkiG9w0BAQsFAAOCAQEAdISKC7CLt/LvHVM+HOes07BuLATeL6AprrRscjLn
d3Htr31VoF6/l2Ddf+a1pUcG7N7SqEl1XPfCWURUwvxvqMHaQfbyC+Cm4oIwyHso
U1KeD+cL92+5/Y0oVVDkdtbb4LfMSBkgsnSokqSTuf6eSDrTOKyVgd9NZxePA4X2
2dsJN3MoBPCGulEJ+JiSAJwGMH6IV4u5kwLPFRmBP50wdp8VckjnUMSnMTjbHL5N
CxUcimf1jnOsxWH5Ay8KELh7zoggRPpubc0lAX500/ObHf95t34jYAhwtTnEt4U6
RTW6liq46QQnaTIKcA31uJQz+1vK4OXk0qIAOJ+ETqgaRw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:13 2024 by rpki-client on console-ams.rpki-client.org