Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/O5VqZ4HlYyJDMZMpgVI4yrqpO2I.roa
File: O5VqZ4HlYyJDMZMpgVI4yrqpO2I.roa (raw, json)
Hash identifier: IBh/hUEUmrKdC1frLgXRKlVfJ4d7s6J+qEkYOVk7Vw8=
Subject key identifier: 3B:95:6A:67:81:E5:63:22:43:31:93:29:81:52:38:CA:BA:A9:3B:62
Certificate issuer: /CN=73975d5da9da8a074b33fbcb5c09d503a3b443a1
Certificate serial: 01856F14D2F00882D8981FB57FE39B91F005
Authority key identifier: 73:97:5D:5D:A9:DA:8A:07:4B:33:FB:CB:5C:09:D5:03:A3:B4:43:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c5ddXanaigdLM_vLXAnVA6O0Q6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/O5VqZ4HlYyJDMZMpgVI4yrqpO2I.roa
Signing time: Sun 01 Jan 2023 20:45:13 +0000
ROA not before: Sun 01 Jan 2023 20:45:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13030
IP address blocks: 2001:67c:2648::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:d2:f0:08:82:d8:98:1f:b5:7f:e3:9b:91:f0:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73975d5da9da8a074b33fbcb5c09d503a3b443a1
Validity
Not Before: Jan 1 20:45:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b956a6781e5632243319329815238cabaa93b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:eb:02:59:c0:00:a6:3c:fc:fa:a4:74:85:b1:
68:3a:8f:5b:df:fc:5e:0c:97:55:46:69:3f:72:83:
31:1f:4f:03:bd:04:7f:d1:f7:be:4d:f3:b3:51:4a:
d5:2a:da:8a:19:29:2a:99:7b:82:bc:3f:5f:50:8c:
ba:d6:28:8a:b3:72:b0:78:d1:a3:09:08:7c:5c:63:
7b:d1:46:98:2e:c8:03:20:99:01:3d:f8:87:74:b8:
0c:a5:a7:55:07:88:00:95:57:e4:56:a6:a5:a9:b9:
d9:30:5f:11:84:33:fb:f9:39:0f:29:e2:b2:96:e3:
3f:a2:2f:8a:44:b6:d3:f4:28:96:41:65:e3:89:2a:
d9:a5:8c:e4:8d:78:52:38:fe:6e:53:72:73:50:09:
d8:39:26:75:0b:be:a3:d4:fe:69:73:97:de:8c:03:
22:f0:6f:19:42:55:4d:f3:ba:9e:14:cd:7d:b2:83:
ee:9b:3b:82:08:dd:76:f7:76:11:3d:0b:36:a0:49:
27:e5:c2:4e:bf:8f:7f:41:e6:8a:4e:5f:5c:9e:c0:
16:21:e9:d2:f3:94:e7:7f:9a:74:e5:f0:60:e3:0d:
55:5b:8a:95:3d:42:2c:e6:ae:26:00:e8:74:38:cb:
26:19:9f:e3:b1:8d:6d:f0:07:f2:40:2b:94:c9:27:
7d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:95:6A:67:81:E5:63:22:43:31:93:29:81:52:38:CA:BA:A9:3B:62
X509v3 Authority Key Identifier:
keyid:73:97:5D:5D:A9:DA:8A:07:4B:33:FB:CB:5C:09:D5:03:A3:B4:43:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5ddXanaigdLM_vLXAnVA6O0Q6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/O5VqZ4HlYyJDMZMpgVI4yrqpO2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/c5ddXanaigdLM_vLXAnVA6O0Q6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2648::/48
Signature Algorithm: sha256WithRSAEncryption
c3:0c:86:12:15:56:3b:98:58:0c:87:5a:08:12:72:4a:2c:44:
a5:68:45:76:e6:56:c6:88:55:f8:d6:cd:84:74:11:80:e3:a8:
c1:05:40:a0:df:37:31:b8:3a:0a:9e:05:87:f4:b3:f0:45:d1:
b7:35:58:a8:c3:8a:86:5a:db:e6:39:bd:96:6e:95:3c:de:48:
45:34:0a:6e:18:eb:1a:7c:2f:66:c7:26:c4:c5:3d:78:03:9c:
f9:5a:8f:e8:c8:82:aa:67:6f:52:e2:2d:cb:02:8b:98:1c:e0:
50:26:57:9e:10:c7:65:ee:ee:88:41:fd:79:c1:08:25:84:15:
14:1c:b9:af:a7:d1:5a:b2:4a:b2:67:d7:e1:f2:7f:f1:5c:ea:
23:30:8b:a3:d2:d3:64:8c:ba:76:de:84:26:f7:b7:a4:d5:fb:
6b:c8:dc:c6:63:07:53:ae:d0:f8:5d:15:a7:e4:e2:c4:55:a1:
2c:79:3e:2d:ed:ce:74:77:e4:ce:d4:ae:84:04:81:5b:dc:8a:
b0:82:8a:d9:ef:69:9a:65:67:e1:7e:c4:fe:5c:80:5c:64:af:
2a:a5:a8:8a:db:91:18:53:f1:6a:d9:11:ff:75:6c:ca:4d:09:
63:98:c3:ec:7e:70:08:17:05:06:00:06:ed:8b:24:54:25:48:
d9:bb:51:b4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvFNLwCILYmB+1f+ObkfAFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczOTc1ZDVkYTlkYThhMDc0YjMzZmJjYjVjMDlkNTAzYTNi
NDQzYTEwHhcNMjMwMTAxMjA0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjk1NmE2NzgxZTU2MzIyNDMzMTkzMjk4MTUyMzhjYWJhYTkzYjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OsCWcAApjz8+qR0hbFoOo9b3/xe
DJdVRmk/coMxH08DvQR/0fe+TfOzUUrVKtqKGSkqmXuCvD9fUIy61iiKs3KweNGj
CQh8XGN70UaYLsgDIJkBPfiHdLgMpadVB4gAlVfkVqalqbnZMF8RhDP7+TkPKeKy
luM/oi+KRLbT9CiWQWXjiSrZpYzkjXhSOP5uU3JzUAnYOSZ1C76j1P5pc5fejAMi
8G8ZQlVN87qeFM19soPumzuCCN1293YRPQs2oEkn5cJOv49/QeaKTl9cnsAWIenS
85Tnf5p05fBg4w1VW4qVPUIs5q4mAOh0OMsmGZ/jsY1t8AfyQCuUySd9WwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDuVameB5WMiQzGTKYFSOMq6qTtiMB8GA1UdIwQY
MBaAFHOXXV2p2ooHSzP7y1wJ1QOjtEOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzVkZFhhbmFpZ2RMTV92TFhBblZBNk8wUTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mMDE3MmUtNjljMi00MjJmLTgyOTYt
OWU4MGQwZDg3YzJkLzEvTzVWcVo0SGxZeUpETVpNcGdWSTR5cnFwTzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mMDE3MmUtNjljMi00MjJmLTgyOTYtOWU4MGQwZDg3YzJk
LzEvYzVkZFhhbmFpZ2RMTV92TFhBblZBNk8wUTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCZI
MA0GCSqGSIb3DQEBCwUAA4IBAQDDDIYSFVY7mFgMh1oIEnJKLESlaEV25lbGiFX4
1s2EdBGA46jBBUCg3zcxuDoKngWH9LPwRdG3NViow4qGWtvmOb2WbpU83khFNApu
GOsafC9mxybExT14A5z5Wo/oyIKqZ29S4i3LAouYHOBQJleeEMdl7u6IQf15wQgl
hBUUHLmvp9FaskqyZ9fh8n/xXOojMIuj0tNkjLp23oQm97ek1ftryNzGYwdTrtD4
XRWn5OLEVaEseT4t7c50d+TO1K6EBIFb3IqwgorZ72maZWfhfsT+XIBcZK8qpaiK
25EYU/Fq2RH/dWzKTQljmMPsfnAIFwUGAAbtiyRUJUjZu1G0
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:21 2024 by rpki-client on console-ams.rpki-client.org