Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/9gyx2rXFBAkkC5g8jp0FNIUTM1Q.roa
File: 9gyx2rXFBAkkC5g8jp0FNIUTM1Q.roa (raw, json)
Hash identifier: TbpBw/C89mAW+htayxiwt8sru3mKWZi+RrDWt7V3dIo=
Subject key identifier: F6:0C:B1:DA:B5:C5:04:09:24:0B:98:3C:8E:9D:05:34:85:13:33:54
Certificate issuer: /CN=40f75d327761b90c0899638f430eb614c87c3106
Certificate serial: 01856E0AFC39A1D3BE14B28BA24B04AB9B5C
Authority key identifier: 40:F7:5D:32:77:61:B9:0C:08:99:63:8F:43:0E:B6:14:C8:7C:31:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPddMndhuQwImWOPQw62FMh8MQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/9gyx2rXFBAkkC5g8jp0FNIUTM1Q.roa
Signing time: Sun 01 Jan 2023 15:54:51 +0000
ROA not before: Sun 01 Jan 2023 15:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2001:678:2cc::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0a:fc:39:a1:d3:be:14:b2:8b:a2:4b:04:ab:9b:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40f75d327761b90c0899638f430eb614c87c3106
Validity
Not Before: Jan 1 15:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f60cb1dab5c50409240b983c8e9d053485133354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:22:45:8c:a1:06:b4:3b:d9:2c:5e:86:5a:3f:
c4:ff:4a:ab:d6:9d:fe:bc:ab:84:62:29:86:26:d7:
4a:5c:4b:37:5f:87:c3:7c:e2:76:32:7e:3b:b4:00:
ab:6a:46:e3:58:2d:d1:3c:a9:0b:76:e7:5d:68:de:
e0:99:11:c6:27:c7:9a:bb:91:30:44:53:d5:a0:38:
e8:6f:09:38:20:d7:b7:e1:32:41:fb:9d:ad:40:87:
e8:07:7d:e6:35:bd:62:e3:9e:61:e9:22:69:e1:62:
9c:80:2d:ff:db:62:3b:15:d8:bc:31:1e:20:2e:e8:
90:f7:9c:95:17:84:22:89:c7:62:b8:98:68:76:fe:
22:4f:c0:93:41:eb:d5:2a:2d:f9:8f:ac:0c:38:6b:
6b:4c:50:57:99:23:a8:45:98:40:51:da:5a:e8:c8:
ae:32:4d:de:1f:76:09:80:a6:00:14:82:be:f7:e4:
6b:08:9a:86:d9:8c:a4:a3:80:72:64:47:fa:bc:cb:
e2:b5:16:81:ee:3f:2d:5d:40:33:4b:50:01:6b:e3:
c5:6d:79:6b:59:3b:b2:f8:22:01:eb:91:84:27:73:
73:6e:7a:6d:94:47:c4:5f:79:84:d4:17:a2:bb:b1:
1f:6c:87:f6:f3:ee:c7:6f:da:73:d4:d5:d9:42:52:
22:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:0C:B1:DA:B5:C5:04:09:24:0B:98:3C:8E:9D:05:34:85:13:33:54
X509v3 Authority Key Identifier:
keyid:40:F7:5D:32:77:61:B9:0C:08:99:63:8F:43:0E:B6:14:C8:7C:31:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPddMndhuQwImWOPQw62FMh8MQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/9gyx2rXFBAkkC5g8jp0FNIUTM1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/QPddMndhuQwImWOPQw62FMh8MQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:2cc::/48
Signature Algorithm: sha256WithRSAEncryption
0d:0c:d0:17:26:d8:66:41:a1:f7:f8:33:d5:dd:f0:2f:57:7b:
a0:a3:6a:02:8f:02:48:61:35:bc:a1:c7:35:44:d6:bd:5d:76:
63:1a:07:92:bf:f0:f9:da:59:01:d6:ab:0f:1f:9b:c7:60:30:
d9:52:20:c4:d6:ef:af:15:eb:0e:07:20:c3:6d:43:7e:ea:9c:
48:03:39:33:27:1c:74:9a:62:e3:f3:39:0f:b8:4b:ae:f6:d8:
8c:99:0f:64:dd:8b:65:45:34:68:50:5a:92:75:85:43:8a:77:
5a:74:5b:f9:be:24:7c:dc:e3:c8:60:ab:ca:a1:bc:98:16:1a:
9b:2a:44:13:d4:27:bb:d7:9f:a1:71:b7:15:c9:24:42:ab:6f:
91:86:a7:5d:da:5f:74:02:e6:4d:13:3d:b2:7e:45:3f:b4:d4:
2a:45:63:85:cf:12:72:60:c5:dc:a3:23:bf:eb:e2:2b:92:81:
4b:9e:2d:5d:6e:f7:31:d1:34:3b:25:e9:5c:55:65:b6:3a:9c:
c3:b4:98:5f:67:68:48:7e:87:44:15:7f:75:85:6e:b5:9b:6c:
9f:83:9a:01:49:d7:58:fc:d8:a8:20:32:97:35:5f:76:bb:f8:
86:07:fd:c1:47:36:3f:f3:37:b7:02:b1:27:92:97:ed:16:5e:
49:c6:60:08
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuCvw5odO+FLKLoksEq5tcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZjc1ZDMyNzc2MWI5MGMwODk5NjM4ZjQzMGViNjE0Yzg3
YzMxMDYwHhcNMjMwMTAxMTU1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjBjYjFkYWI1YzUwNDA5MjQwYjk4M2M4ZTlkMDUzNDg1MTMzMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSJFjKEGtDvZLF6GWj/E/0qr1p3+
vKuEYimGJtdKXEs3X4fDfOJ2Mn47tACrakbjWC3RPKkLduddaN7gmRHGJ8eau5Ew
RFPVoDjobwk4INe34TJB+52tQIfoB33mNb1i455h6SJp4WKcgC3/22I7Fdi8MR4g
LuiQ95yVF4QiicdiuJhodv4iT8CTQevVKi35j6wMOGtrTFBXmSOoRZhAUdpa6Miu
Mk3eH3YJgKYAFIK+9+RrCJqG2Yyko4ByZEf6vMvitRaB7j8tXUAzS1ABa+PFbXlr
WTuy+CIB65GEJ3NzbnptlEfEX3mE1Beiu7EfbIf28+7Hb9pz1NXZQlIiiQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPYMsdq1xQQJJAuYPI6dBTSFEzNUMB8GA1UdIwQY
MBaAFED3XTJ3YbkMCJljj0MOthTIfDEGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVBkZE1uZGh1UXdJbVdPUFF3NjJGTWg4TVFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS82ZTVmNGMtMmVhZS00OGEwLTg1NTAt
MjlhYzQ1ZTJlY2ZmLzEvOWd5eDJyWEZCQWtrQzVnOGpwMEZOSVVUTTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS82ZTVmNGMtMmVhZS00OGEwLTg1NTAtMjlhYzQ1ZTJlY2Zm
LzEvUVBkZE1uZGh1UXdJbVdPUFF3NjJGTWg4TVFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeALM
MA0GCSqGSIb3DQEBCwUAA4IBAQANDNAXJthmQaH3+DPV3fAvV3ugo2oCjwJIYTW8
occ1RNa9XXZjGgeSv/D52lkB1qsPH5vHYDDZUiDE1u+vFesOByDDbUN+6pxIAzkz
Jxx0mmLj8zkPuEuu9tiMmQ9k3YtlRTRoUFqSdYVDindadFv5viR83OPIYKvKobyY
FhqbKkQT1Ce715+hcbcVySRCq2+Rhqdd2l90AuZNEz2yfkU/tNQqRWOFzxJyYMXc
oyO/6+IrkoFLni1dbvcx0TQ7JelcVWW2OpzDtJhfZ2hIfodEFX91hW61m2yfg5oB
SddY/NioIDKXNV92u/iGB/3BRzY/8ze3ArEnkpftFl5JxmAI
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:36 2024 by rpki-client on console-ams.rpki-client.org