Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/L20gsbrtQaBvvR70hLBmdjyKtdY.roa
File: L20gsbrtQaBvvR70hLBmdjyKtdY.roa (raw, json)
Hash identifier: fTiSuxI8619SXPCTTmnayYamTmmCxltd33E3FU8/uRM=
Subject key identifier: 2F:6D:20:B1:BA:ED:41:A0:6F:BD:1E:F4:84:B0:66:76:3C:8A:B5:D6
Certificate issuer: /CN=34b419fa4a0a1605188318cdf4a2044992853b95
Certificate serial: 01857115436CC5AD082F6726B869B077F0BC
Authority key identifier: 34:B4:19:FA:4A:0A:16:05:18:83:18:CD:F4:A2:04:49:92:85:3B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/L20gsbrtQaBvvR70hLBmdjyKtdY.roa
Signing time: Mon 02 Jan 2023 06:04:56 +0000
ROA not before: Mon 02 Jan 2023 06:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13030
IP address blocks: 2a00:adc0:1a00::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:43:6c:c5:ad:08:2f:67:26:b8:69:b0:77:f0:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34b419fa4a0a1605188318cdf4a2044992853b95
Validity
Not Before: Jan 2 06:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f6d20b1baed41a06fbd1ef484b066763c8ab5d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:df:57:4c:f3:6b:d1:80:2c:af:c6:a8:29:e3:
1f:35:7b:4b:fa:46:df:74:d7:65:62:3b:1e:01:b9:
08:22:72:b7:57:b1:71:5e:00:c2:d1:af:d7:97:3b:
e7:28:27:9d:0f:ec:17:b7:54:17:90:93:b3:60:35:
1e:6c:36:42:69:16:54:32:0f:e9:24:16:34:8d:99:
ab:80:ee:f9:8a:e2:cc:62:94:09:d1:46:03:ae:79:
b8:5a:9e:ee:eb:7e:fa:77:2c:ed:57:aa:5f:ee:59:
d1:cc:ac:89:37:a2:f6:5a:33:04:43:9d:d0:26:f7:
9c:45:d0:39:a4:7a:82:70:9a:9f:78:2b:8a:25:b3:
1d:1c:79:14:47:6f:d1:d4:69:6d:6b:d2:da:6f:a6:
94:2c:ea:56:1d:1b:5d:31:0e:5d:58:e8:88:d6:01:
6e:0b:91:98:56:1f:02:e8:b1:80:a5:5c:85:9d:fa:
11:b3:7f:57:76:e9:43:d7:cf:c9:b1:f2:d0:0b:50:
70:43:3d:f8:cc:51:23:94:2e:4c:04:05:90:e6:fb:
dc:a2:2e:af:55:98:b4:35:e3:34:67:cb:09:c2:9f:
f9:a2:ec:3c:c6:73:ac:cb:7b:8b:ac:f8:e3:3a:d5:
e2:0c:d8:2a:70:26:0e:cc:7c:0e:9d:9f:a2:79:3a:
42:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6D:20:B1:BA:ED:41:A0:6F:BD:1E:F4:84:B0:66:76:3C:8A:B5:D6
X509v3 Authority Key Identifier:
keyid:34:B4:19:FA:4A:0A:16:05:18:83:18:CD:F4:A2:04:49:92:85:3B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/L20gsbrtQaBvvR70hLBmdjyKtdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/NLQZ-koKFgUYgxjN9KIESZKFO5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:adc0:1a00::/40
Signature Algorithm: sha256WithRSAEncryption
2c:f2:0c:39:67:ec:86:4a:cf:8e:e8:cb:21:6a:e1:cd:88:de:
ea:8c:81:20:78:a6:2a:92:9b:f9:e7:ac:d9:e5:53:de:c1:04:
f8:2d:2e:92:1a:74:f0:bb:59:00:a6:9b:9b:1e:18:d6:e5:b7:
94:4b:a2:5b:c0:fb:d2:b0:28:4f:65:2d:13:fe:67:0e:d1:db:
74:0e:58:59:ec:3a:59:49:de:37:ad:e3:1b:f3:1d:83:87:56:
a5:b0:11:dc:e4:ea:3f:0a:a1:74:2d:42:df:fa:a4:5c:cc:7e:
6d:94:8c:f4:ea:15:b7:54:33:a9:21:92:d3:2f:31:43:cd:c1:
b9:ee:01:15:8e:a1:90:bd:b1:fa:cd:eb:09:e0:60:0d:06:5c:
60:ce:3a:07:be:48:ad:e7:24:96:7c:8f:7f:d7:e6:63:e6:85:
7d:2f:09:de:b4:8c:b2:aa:f1:fe:64:7c:1b:72:a5:ea:71:64:
27:5e:e5:1d:fa:6e:a3:24:d5:c4:ab:43:78:5c:83:e5:f3:81:
cb:5b:f1:bc:71:d2:ee:b3:f6:09:f1:26:93:62:8c:2a:8d:44:
ce:40:a9:e5:7d:46:f3:de:79:d3:3e:6c:fe:68:5f:2f:74:9a:
80:99:67:46:3b:9d:5c:10:ba:a7:3b:a6:39:3e:d7:54:cc:8b:
72:ef:b1:8f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxFUNsxa0IL2cmuGmwd/C8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YjQxOWZhNGEwYTE2MDUxODgzMThjZGY0YTIwNDQ5OTI4
NTNiOTUwHhcNMjMwMTAyMDYwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjZkMjBiMWJhZWQ0MWEwNmZiZDFlZjQ4NGIwNjY3NjNjOGFiNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgN9XTPNr0YAsr8aoKeMfNXtL+kbf
dNdlYjseAbkIInK3V7FxXgDC0a/XlzvnKCedD+wXt1QXkJOzYDUebDZCaRZUMg/p
JBY0jZmrgO75iuLMYpQJ0UYDrnm4Wp7u6376dyztV6pf7lnRzKyJN6L2WjMEQ53Q
JvecRdA5pHqCcJqfeCuKJbMdHHkUR2/R1Glta9Lab6aULOpWHRtdMQ5dWOiI1gFu
C5GYVh8C6LGApVyFnfoRs39XdulD18/JsfLQC1BwQz34zFEjlC5MBAWQ5vvcoi6v
VZi0NeM0Z8sJwp/5ouw8xnOsy3uLrPjjOtXiDNgqcCYOzHwOnZ+ieTpCkQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFC9tILG67UGgb70e9ISwZnY8irXWMB8GA1UdIwQY
MBaAFDS0GfpKChYFGIMYzfSiBEmShTuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxRWi1rb0tGZ1VZZ3hqTjlLSUVTWktGTzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84Yzc5ZmItN2E1Ny00MjlkLTljMzMt
ODc3NzU0NGM5Mjc1LzEvTDIwZ3NicnRRYUJ2dlI3MGhMQm1kanlLdGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84Yzc5ZmItN2E1Ny00MjlkLTljMzMtODc3NzU0NGM5Mjc1
LzEvTkxRWi1rb0tGZ1VZZ3hqTjlLSUVTWktGTzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgCtwBow
DQYJKoZIhvcNAQELBQADggEBACzyDDln7IZKz47oyyFq4c2I3uqMgSB4piqSm/nn
rNnlU97BBPgtLpIadPC7WQCmm5seGNblt5RLolvA+9KwKE9lLRP+Zw7R23QOWFns
OllJ3jet4xvzHYOHVqWwEdzk6j8KoXQtQt/6pFzMfm2UjPTqFbdUM6khktMvMUPN
wbnuARWOoZC9sfrN6wngYA0GXGDOOge+SK3nJJZ8j3/X5mPmhX0vCd60jLKq8f5k
fBtypepxZCde5R36bqMk1cSrQ3hcg+Xzgctb8bxx0u6z9gnxJpNijCqNRM5AqeV9
RvPeedM+bP5oXy90moCZZ0Y7nVwQuqc7pjk+11TMi3LvsY8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:22 2024 by rpki-client on console-fra.rpki-client.org