Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/MDV3Gr6fyrwG9lFAAvC-nxOYrlI.roa
File: MDV3Gr6fyrwG9lFAAvC-nxOYrlI.roa (raw, json)
Hash identifier: zTnqp4lrSytHnmKAT5ATocb6ejFkn/2nRdnujsfOZoY=
Subject key identifier: 30:35:77:1A:BE:9F:CA:BC:06:F6:51:40:02:F0:BE:9F:13:98:AE:52
Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial: 01856E1420080A6DFBF9C8A42C2055B6B52C
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/MDV3Gr6fyrwG9lFAAvC-nxOYrlI.roa
Signing time: Sun 01 Jan 2023 16:04:50 +0000
ROA not before: Sun 01 Jan 2023 16:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210266
IP address blocks: 2a00:8860:700::/40 maxlen: 64
2a00:8861:700::/40 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:20:08:0a:6d:fb:f9:c8:a4:2c:20:55:b6:b5:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
Validity
Not Before: Jan 1 16:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3035771abe9fcabc06f6514002f0be9f1398ae52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:da:ec:0e:ef:c5:b7:90:b3:e5:4a:57:c5:04:
53:c9:12:2a:ac:ca:21:6c:05:88:77:28:9f:d8:cd:
ba:cb:af:a4:81:c3:c7:c8:c4:a5:fa:31:af:95:c6:
d1:d8:2b:7f:fc:1b:c0:96:9e:d8:e7:50:94:00:05:
9e:8f:63:95:7f:6e:6e:c1:2d:9c:10:da:d8:6a:c7:
1a:46:da:f4:90:b6:ff:f2:f9:11:7b:02:11:0f:a8:
3a:99:b8:b4:fa:b0:ed:e4:ab:86:f4:7c:af:ca:77:
22:4d:2b:73:20:78:b2:02:3f:12:81:f0:ff:75:ae:
7b:98:c2:a9:03:18:38:93:3d:68:29:ea:7d:e4:a0:
e9:22:27:78:5e:35:11:fe:c2:ef:e2:5d:2b:0a:41:
11:65:43:d2:74:10:98:e9:25:98:4e:09:d5:fd:5d:
c2:7f:6b:9f:ce:93:7a:90:78:45:c3:98:b2:98:7d:
52:37:b5:ea:e1:e9:b8:a1:b1:1f:37:c8:b5:73:1f:
2f:c0:cd:4a:79:89:81:30:8f:88:65:dc:87:70:fb:
a8:22:f0:f9:1d:26:c3:e0:eb:0b:74:7d:bd:45:50:
38:23:8f:57:5e:d4:a5:0e:87:a0:63:d5:74:48:b2:
e5:56:a6:c7:95:14:b3:84:38:f4:bc:71:99:8e:84:
8c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:35:77:1A:BE:9F:CA:BC:06:F6:51:40:02:F0:BE:9F:13:98:AE:52
X509v3 Authority Key Identifier:
keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/MDV3Gr6fyrwG9lFAAvC-nxOYrlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8860:700::/40
2a00:8861:700::/40
Signature Algorithm: sha256WithRSAEncryption
36:e3:65:b0:36:5d:aa:f9:81:e5:03:b6:35:33:30:e9:9b:0d:
1a:bb:e7:40:21:a6:46:d6:fc:fc:b0:10:14:b0:67:83:b1:1c:
d9:c4:04:35:92:54:4d:79:d6:49:d5:3d:af:ce:b8:97:df:95:
50:5c:66:e3:32:dd:d2:4a:84:51:0d:8e:fc:b2:39:44:16:1c:
f2:57:19:aa:47:97:e6:a3:f7:b8:51:0c:84:3f:87:17:5b:b0:
26:e3:e0:e5:d7:3b:d3:3a:bd:1f:54:e1:ed:98:5f:1d:dd:56:
8f:d9:c0:6e:60:9a:bf:fc:b7:f4:43:83:8e:6b:66:d5:55:f7:
2d:90:44:d8:c5:80:b8:46:cc:0a:dc:fa:b9:ab:5c:31:f1:c2:
92:3c:d9:12:a6:c1:53:d0:39:47:5d:c9:d8:e3:23:9f:03:c5:
a2:20:34:06:71:2d:24:ab:be:6b:3b:9e:80:d9:7e:3a:2e:f3:
24:40:64:5d:5d:41:6d:9a:91:49:6b:9a:13:fa:3a:82:08:e4:
7b:91:d5:12:15:52:aa:25:a5:4a:a6:15:35:db:83:42:b0:c6:
36:01:a6:af:41:37:f5:60:ec:0f:70:14:17:a7:0f:65:35:3b:
08:17:bd:7c:1d:ea:b9:73:5f:59:4b:c0:f1:e6:56:33:e5:ab:
ec:eb:98:d9
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVuFCAICm37+cikLCBVtrUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2
ZjM5ODQwHhcNMjMwMTAxMTYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDM1NzcxYWJlOWZjYWJjMDZmNjUxNDAwMmYwYmU5ZjEzOThhZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltrsDu/Ft5Cz5UpXxQRTyRIqrMoh
bAWIdyif2M26y6+kgcPHyMSl+jGvlcbR2Ct//BvAlp7Y51CUAAWej2OVf25uwS2c
ENrYascaRtr0kLb/8vkRewIRD6g6mbi0+rDt5KuG9HyvynciTStzIHiyAj8SgfD/
da57mMKpAxg4kz1oKep95KDpIid4XjUR/sLv4l0rCkERZUPSdBCY6SWYTgnV/V3C
f2ufzpN6kHhFw5iymH1SN7Xq4em4obEfN8i1cx8vwM1KeYmBMI+IZdyHcPuoIvD5
HSbD4OsLdH29RVA4I49XXtSlDoegY9V0SLLlVqbHlRSzhDj0vHGZjoSM4wIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFDA1dxq+n8q8BvZRQALwvp8TmK5SMB8GA1UdIwQY
MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt
NTg5MzUxNzliOTg1LzEvTURWM0dyNmZ5cndHOWxGQUF2Qy1ueE9ZcmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1
LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgCIYAcD
BgAqAIhhBzANBgkqhkiG9w0BAQsFAAOCAQEANuNlsDZdqvmB5QO2NTMw6ZsNGrvn
QCGmRtb8/LAQFLBng7Ec2cQENZJUTXnWSdU9r864l9+VUFxm4zLd0kqEUQ2O/LI5
RBYc8lcZqkeX5qP3uFEMhD+HF1uwJuPg5dc70zq9H1Th7ZhfHd1Wj9nAbmCav/y3
9EODjmtm1VX3LZBE2MWAuEbMCtz6uatcMfHCkjzZEqbBU9A5R13J2OMjnwPFoiA0
BnEtJKu+azuegNl+Oi7zJEBkXV1BbZqRSWuaE/o6ggjke5HVEhVSqiWlSqYVNduD
QrDGNgGmr0E39WDsD3AUF6cPZTU7CBe9fB3quXNfWUvA8eZWM+Wr7OuY2Q==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:26 2024 by rpki-client on console-ams.rpki-client.org