Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/67lkUBgWWqAdyfmztr6VD1PnWvU.roa
File: 67lkUBgWWqAdyfmztr6VD1PnWvU.roa (raw, json)
Hash identifier: BBXXOQZrEiiHpXLMnjiBYwgSrA8v+xfvMZuuIOj9Elc=
Subject key identifier: EB:B9:64:50:18:16:5A:A0:1D:C9:F9:B3:B6:BE:95:0F:53:E7:5A:F5
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 01856F2FF2DA831F650782A340A7A052686F
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/67lkUBgWWqAdyfmztr6VD1PnWvU.roa
Signing time: Sun 01 Jan 2023 21:14:51 +0000
ROA not before: Sun 01 Jan 2023 21:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208577
IP address blocks: 2a0e:aa07:e03c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:f2:da:83:1f:65:07:82:a3:40:a7:a0:52:68:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 21:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebb9645018165aa01dc9f9b3b6be950f53e75af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:57:1d:5d:52:87:af:45:0f:c1:58:9c:2c:f8:
1c:3d:d9:71:62:f4:6d:eb:dc:3b:c5:8c:4b:0e:55:
f1:c8:6c:dc:3c:f6:eb:f7:4d:67:0d:7b:7c:3d:53:
5f:6e:0f:dd:3b:42:c7:14:ca:f0:52:3f:e3:21:b5:
0c:a9:1e:b5:95:72:db:49:b7:17:e6:30:30:0e:4e:
28:b1:72:a2:51:1b:8d:63:bd:c8:f5:18:ec:26:da:
b5:7d:f2:60:dd:68:13:6e:7f:a7:1c:b5:bc:83:a0:
25:95:9c:43:2b:33:ad:2f:50:4a:55:69:8e:38:30:
39:93:b2:92:9f:76:7b:2d:62:2c:be:a2:f5:be:74:
f7:8a:09:4a:b4:23:07:5b:b4:c8:ad:ae:d5:af:8b:
b9:ca:e0:d3:0c:63:34:db:89:2f:e8:22:76:29:cd:
1b:40:21:82:08:8c:44:41:5e:7a:81:53:a8:af:9e:
56:d0:75:ba:00:af:1a:8b:aa:dc:b5:e0:1e:95:74:
5d:2d:bb:06:a0:cd:78:94:2e:5b:a3:fd:f5:50:5c:
c9:24:09:0c:6e:6f:bb:f0:82:5a:f9:33:69:ba:60:
05:ca:c1:5d:21:7b:b9:c4:42:7c:07:f1:3d:98:a9:
49:68:c3:d5:1d:7c:03:c0:2c:e6:24:12:04:96:4a:
89:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B9:64:50:18:16:5A:A0:1D:C9:F9:B3:B6:BE:95:0F:53:E7:5A:F5
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/67lkUBgWWqAdyfmztr6VD1PnWvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e03c::/48
Signature Algorithm: sha256WithRSAEncryption
07:fa:03:1f:e0:39:ed:34:73:20:24:e3:6e:11:e9:a2:d6:ba:
4d:83:0b:67:15:ea:52:e3:14:44:d2:fb:d6:a3:29:b2:9b:74:
9e:d4:e4:13:fd:63:b0:66:21:87:18:df:7c:67:7d:de:25:52:
51:95:8d:3f:46:5a:b8:89:c6:ef:ca:bb:57:3f:d5:e8:d8:ec:
36:80:8b:0f:8f:f6:cf:c3:34:3e:2b:eb:5f:23:54:97:82:ab:
f0:d5:69:47:e2:e9:45:e2:97:a1:95:45:05:32:eb:e2:64:fb:
f4:91:5b:fb:00:11:fb:b3:df:f5:ae:73:cb:a6:85:91:23:9e:
11:21:b2:7b:5f:43:bf:09:30:c4:42:b9:fc:ba:31:66:4c:30:
02:32:c5:2a:ce:53:32:cb:4c:6c:36:f0:be:9e:cf:da:4c:18:
a9:d6:4d:64:33:d4:26:ac:89:08:d8:7e:10:89:8e:2b:fd:85:
e7:82:5a:d1:47:91:7a:4b:83:70:ff:ba:cb:14:ae:21:c8:de:
07:83:5e:a4:e9:7a:97:1b:15:d4:f3:d7:1e:0a:65:ff:da:00:
45:1b:60:2e:78:63:35:f9:45:b1:53:10:29:df:99:86:8b:03:
93:8d:18:c1:13:b6:14:29:9e:4c:30:66:54:cd:27:d7:8f:c2:
54:ad:4e:94
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvL/Lagx9lB4KjQKegUmhvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmI5NjQ1MDE4MTY1YWEwMWRjOWY5YjNiNmJlOTUwZjUzZTc1YWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1cdXVKHr0UPwVicLPgcPdlxYvRt
69w7xYxLDlXxyGzcPPbr901nDXt8PVNfbg/dO0LHFMrwUj/jIbUMqR61lXLbSbcX
5jAwDk4osXKiURuNY73I9RjsJtq1ffJg3WgTbn+nHLW8g6AllZxDKzOtL1BKVWmO
ODA5k7KSn3Z7LWIsvqL1vnT3iglKtCMHW7TIra7Vr4u5yuDTDGM024kv6CJ2Kc0b
QCGCCIxEQV56gVOor55W0HW6AK8ai6rcteAelXRdLbsGoM14lC5bo/31UFzJJAkM
bm+78IJa+TNpumAFysFdIXu5xEJ8B/E9mKlJaMPVHXwDwCzmJBIElkqJRwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOu5ZFAYFlqgHcn5s7a+lQ9T51r1MB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvNjdsa1VCZ1dXcUFkeWZtenRyNlZEMVBuV3ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+A8
MA0GCSqGSIb3DQEBCwUAA4IBAQAH+gMf4DntNHMgJONuEemi1rpNgwtnFepS4xRE
0vvWoymym3Se1OQT/WOwZiGHGN98Z33eJVJRlY0/Rlq4icbvyrtXP9Xo2Ow2gIsP
j/bPwzQ+K+tfI1SXgqvw1WlH4ulF4pehlUUFMuviZPv0kVv7ABH7s9/1rnPLpoWR
I54RIbJ7X0O/CTDEQrn8ujFmTDACMsUqzlMyy0xsNvC+ns/aTBip1k1kM9QmrIkI
2H4QiY4r/YXnglrRR5F6S4Nw/7rLFK4hyN4Hg16k6XqXGxXU89ceCmX/2gBFG2Au
eGM1+UWxUxAp35mGiwOTjRjBE7YUKZ5MMGZUzSfXj8JUrU6U
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:27 2024 by rpki-client on console-fra.rpki-client.org