Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/0NVXvJe6XoNx76nIXS-tBAw5JHI.roa
File: 0NVXvJe6XoNx76nIXS-tBAw5JHI.roa (raw, json)
Hash identifier: QpttZlrDlY/bqMF9N27lcpb5ddfB3IP6iqVsgre0OXQ=
Subject key identifier: D0:D5:57:BC:97:BA:5E:83:71:EF:A9:C8:5D:2F:AD:04:0C:39:24:72
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 01856F2FEC76FE53C45F42F8C91E5E6643D9
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/0NVXvJe6XoNx76nIXS-tBAw5JHI.roa
Signing time: Sun 01 Jan 2023 21:14:49 +0000
ROA not before: Sun 01 Jan 2023 21:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205455
IP address blocks: 2a0e:aa07:e04e::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:ec:76:fe:53:c4:5f:42:f8:c9:1e:5e:66:43:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 21:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0d557bc97ba5e8371efa9c85d2fad040c392472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:23:01:7a:37:ed:c6:e9:26:81:8a:89:db:76:
26:0b:22:4b:73:d4:7e:21:ad:3e:bc:76:9b:e8:e9:
35:77:9c:de:4c:66:54:3f:fe:60:6e:32:3e:a5:c7:
2e:18:2c:e7:55:e9:ee:e9:83:1a:c1:37:14:cd:2c:
20:6f:33:c2:5f:6c:9c:d9:ac:01:49:7e:e9:ff:da:
ff:45:08:2e:e9:48:fe:a1:23:4a:cf:51:4e:eb:af:
1d:69:4f:18:93:8c:2b:16:94:3f:c8:fb:05:43:b3:
34:1f:ea:33:68:26:3a:0d:cc:4e:da:2b:e3:0c:7a:
64:fa:da:c5:73:6d:78:80:87:95:18:6e:3e:58:3d:
82:e1:83:9d:82:ee:d3:0f:9f:cb:26:1b:42:a2:ff:
32:3f:69:05:44:b0:c1:d2:9e:92:b3:77:0e:18:c3:
48:e4:62:68:8b:6b:cc:fd:3a:f9:56:15:b2:86:39:
76:01:1c:ef:72:92:27:4f:c8:92:29:cb:4a:e7:5e:
f0:d5:32:a5:aa:57:11:3b:47:70:85:1a:ff:4a:5a:
55:ec:8e:8f:3f:a4:72:8a:49:ac:b5:cc:da:2d:2c:
52:67:f0:b8:a8:c2:cb:13:ca:a3:7f:c4:07:4a:2d:
40:2b:0a:58:42:ca:11:a2:78:96:05:f1:66:1c:e6:
94:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D5:57:BC:97:BA:5E:83:71:EF:A9:C8:5D:2F:AD:04:0C:39:24:72
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/0NVXvJe6XoNx76nIXS-tBAw5JHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e04e::/48
Signature Algorithm: sha256WithRSAEncryption
7e:7f:77:61:56:2d:b9:d9:c6:3f:f2:d8:db:57:35:f2:32:bc:
78:9c:a7:bc:7a:a3:94:93:fc:5d:b7:43:59:67:2e:5a:44:64:
3c:aa:c7:88:29:18:04:c6:e1:29:62:d6:a0:c3:f4:1e:41:96:
0e:3f:15:9a:9d:d7:06:fd:d1:75:b6:73:0b:ec:1e:f0:ca:2b:
ea:9b:d6:78:bd:f3:74:87:fb:5a:06:e4:be:d4:e9:a6:2d:28:
a1:fc:65:f1:27:bf:72:a4:cf:91:b6:b4:7c:c5:55:2b:b1:d3:
2a:e6:87:f4:8d:ff:00:0a:46:3c:0f:0d:6b:ed:d1:f8:8e:a3:
a0:c0:41:db:45:6a:d3:5b:d1:ef:ca:ff:76:50:23:93:58:6e:
2c:0e:38:35:57:72:d1:27:8a:a4:90:40:a2:70:d1:f3:8c:0f:
85:66:38:35:7f:4d:d6:54:fc:fb:6e:bc:18:7a:10:33:ce:81:
57:06:26:e4:45:75:52:57:6b:5c:80:11:09:a0:73:7c:03:a4:
04:40:a8:cd:cf:f2:fe:7a:b6:3c:2d:b2:21:6b:ef:1e:a3:77:
bc:fc:07:49:44:c8:40:4c:be:94:51:24:67:68:1f:71:7e:b0:
72:cb:77:1e:b5:a5:b0:c2:96:66:6c:6e:dc:0a:82:29:83:a7:
e2:09:7b:54
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvL+x2/lPEX0L4yR5eZkPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGQ1NTdiYzk3YmE1ZTgzNzFlZmE5Yzg1ZDJmYWQwNDBjMzkyNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyMBejftxukmgYqJ23YmCyJLc9R+
Ia0+vHab6Ok1d5zeTGZUP/5gbjI+pccuGCznVenu6YMawTcUzSwgbzPCX2yc2awB
SX7p/9r/RQgu6Uj+oSNKz1FO668daU8Yk4wrFpQ/yPsFQ7M0H+ozaCY6DcxO2ivj
DHpk+trFc214gIeVGG4+WD2C4YOdgu7TD5/LJhtCov8yP2kFRLDB0p6Ss3cOGMNI
5GJoi2vM/Tr5VhWyhjl2ARzvcpInT8iSKctK517w1TKlqlcRO0dwhRr/SlpV7I6P
P6RyikmstczaLSxSZ/C4qMLLE8qjf8QHSi1AKwpYQsoRoniWBfFmHOaU4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNDVV7yXul6Dce+pyF0vrQQMOSRyMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvME5WWHZKZTZYb054NzZuSVhTLXRCQXc1SkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+BO
MA0GCSqGSIb3DQEBCwUAA4IBAQB+f3dhVi252cY/8tjbVzXyMrx4nKe8eqOUk/xd
t0NZZy5aRGQ8qseIKRgExuEpYtagw/QeQZYOPxWandcG/dF1tnML7B7wyivqm9Z4
vfN0h/taBuS+1OmmLSih/GXxJ79ypM+RtrR8xVUrsdMq5of0jf8ACkY8Dw1r7dH4
jqOgwEHbRWrTW9Hvyv92UCOTWG4sDjg1V3LRJ4qkkECicNHzjA+FZjg1f03WVPz7
brwYehAzzoFXBibkRXVSV2tcgBEJoHN8A6QEQKjNz/L+erY8LbIha+8eo3e8/AdJ
RMhATL6UUSRnaB9xfrByy3cetaWwwpZmbG7cCoIpg6fiCXtU
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:03 2024 by rpki-client on console-ams.rpki-client.org