Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/3n9DDyGwcpu1gV0mUCoZxMyrKPY.roa
File: 3n9DDyGwcpu1gV0mUCoZxMyrKPY.roa (raw, json)
Hash identifier: cvhC+2wANis8lTCAmi5RjESHaPLR65LUSsR9h2PfXXI=
Subject key identifier: DE:7F:43:0F:21:B0:72:9B:B5:81:5D:26:50:2A:19:C4:CC:AB:28:F6
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 01856DDD732D79DDFEDEB6E16A3A027CC213
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/3n9DDyGwcpu1gV0mUCoZxMyrKPY.roa
Signing time: Sun 01 Jan 2023 15:05:07 +0000
ROA not before: Sun 01 Jan 2023 15:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200927
IP address blocks: 2a03:5840:f0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:73:2d:79:dd:fe:de:b6:e1:6a:3a:02:7c:c2:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 1 15:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de7f430f21b0729bb5815d26502a19c4ccab28f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:47:11:7b:55:09:01:81:0e:34:25:d3:5c:3b:
94:76:ea:9d:ae:d2:b6:1c:2a:6e:87:c5:73:b3:ee:
03:42:85:d6:ea:fd:7b:3c:4a:8d:70:3c:bc:9b:38:
f5:77:e8:0e:66:6e:47:1d:a5:07:bc:b0:f5:75:cd:
6b:5e:86:75:1c:2e:28:2a:b8:1f:7e:48:ff:cf:80:
df:cd:e1:eb:aa:c4:c7:39:00:5f:58:4b:9d:dd:10:
88:02:6b:7b:00:03:f2:28:8c:e5:64:41:7a:ee:a7:
78:0d:f0:47:ba:6a:d4:e8:bb:05:6c:97:47:c5:7f:
c5:a4:d9:65:f7:1b:28:f8:a3:82:6e:84:b4:3e:fc:
1e:53:ed:4a:0f:ee:a0:bf:a3:b5:7c:f8:a1:43:9d:
f5:d5:91:d3:35:39:35:bc:da:32:3d:f6:a3:11:f5:
68:e2:70:af:74:c4:5f:84:6f:39:de:c0:50:76:ec:
11:78:16:ec:7c:c5:4c:25:c0:72:36:ae:1b:a1:c2:
6d:ea:60:4c:df:a9:09:36:ca:f5:bd:a5:52:9d:ae:
8b:e8:9c:b4:44:6f:cb:08:66:bb:24:09:17:6a:38:
84:bf:76:8c:86:0d:a8:01:31:66:97:ff:da:4f:db:
ec:8e:b2:3b:3d:a3:7c:a1:52:56:d7:00:3c:a4:d7:
64:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7F:43:0F:21:B0:72:9B:B5:81:5D:26:50:2A:19:C4:CC:AB:28:F6
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/3n9DDyGwcpu1gV0mUCoZxMyrKPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:f0::/48
Signature Algorithm: sha256WithRSAEncryption
74:25:88:7c:84:a5:c4:2b:bb:17:fe:26:4b:d6:af:8f:a0:96:
7e:73:79:f9:48:a3:da:78:a3:68:e6:aa:b3:7b:e4:ff:46:de:
78:b5:71:5d:71:2e:c0:ea:1f:14:cf:9c:85:dd:0f:7d:a6:11:
97:b9:c1:6c:0d:1d:b0:6a:db:88:a2:5f:74:09:ab:23:68:80:
8c:1a:d8:79:4d:b3:72:2b:a4:07:39:22:83:ee:bb:aa:6b:0f:
45:32:dd:20:2f:7d:e5:75:ca:f5:e6:34:bf:64:3d:3c:b3:8a:
a5:ee:4c:a7:ce:91:0e:b0:b7:08:28:f4:98:0d:6e:55:53:a2:
ee:8c:7b:cf:f8:46:df:3b:29:33:cc:08:66:16:61:95:d6:8b:
ba:50:36:8f:e8:86:37:96:34:e5:20:ca:46:66:cd:a4:41:fb:
c1:f3:5e:65:f6:e4:36:df:71:42:88:fb:a1:0c:37:1a:e9:4e:
88:9b:71:bd:93:8a:ef:41:8c:82:3d:f0:8b:19:e1:cb:4c:0e:
91:fb:78:6e:c8:f8:e1:fd:88:2b:e0:83:11:94:ef:15:14:69:
53:29:dd:84:c6:ae:bb:ad:a7:7f:da:f0:5a:c2:35:48:31:a5:
fe:48:f9:4d:1a:62:1a:71:cd:db:90:0a:b4:db:d5:6a:8e:92:
22:26:ee:18
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVt3XMted3+3rbhajoCfMITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjMwMTAxMTUwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTdmNDMwZjIxYjA3MjliYjU4MTVkMjY1MDJhMTljNGNjYWIyOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUcRe1UJAYEONCXTXDuUduqdrtK2
HCpuh8Vzs+4DQoXW6v17PEqNcDy8mzj1d+gOZm5HHaUHvLD1dc1rXoZ1HC4oKrgf
fkj/z4DfzeHrqsTHOQBfWEud3RCIAmt7AAPyKIzlZEF67qd4DfBHumrU6LsFbJdH
xX/FpNll9xso+KOCboS0PvweU+1KD+6gv6O1fPihQ5311ZHTNTk1vNoyPfajEfVo
4nCvdMRfhG853sBQduwReBbsfMVMJcByNq4bocJt6mBM36kJNsr1vaVSna6L6Jy0
RG/LCGa7JAkXajiEv3aMhg2oATFml//aT9vsjrI7PaN8oVJW1wA8pNdkLQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN5/Qw8hsHKbtYFdJlAqGcTMqyj2MB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvM245RER5R3djcHUxZ1YwbVVDb1p4TXlyS1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQADw
MA0GCSqGSIb3DQEBCwUAA4IBAQB0JYh8hKXEK7sX/iZL1q+PoJZ+c3n5SKPaeKNo
5qqze+T/Rt54tXFdcS7A6h8Uz5yF3Q99phGXucFsDR2watuIol90CasjaICMGth5
TbNyK6QHOSKD7ruqaw9FMt0gL33ldcr15jS/ZD08s4ql7kynzpEOsLcIKPSYDW5V
U6LujHvP+EbfOykzzAhmFmGV1ou6UDaP6IY3ljTlIMpGZs2kQfvB815l9uQ233FC
iPuhDDca6U6Im3G9k4rvQYyCPfCLGeHLTA6R+3huyPjh/Ygr4IMRlO8VFGlTKd2E
xq67rad/2vBawjVIMaX+SPlNGmIacc3bkAq029VqjpIiJu4Y
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:06 2024 by rpki-client on console-ams.rpki-client.org