Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/rnAJdzfTHc7w9YbKjcpasvSD7i8.roa
File: rnAJdzfTHc7w9YbKjcpasvSD7i8.roa (raw, json)
Hash identifier: D2tKf9ltKwE3I8qKbHjNuQojwz9vLMNJFV4s60YbO+0=
Subject key identifier: AE:70:09:77:37:D3:1D:CE:F0:F5:86:CA:8D:CA:5A:B2:F4:83:EE:2F
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 01856F2FE57C0705D40205092F434E179921
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/rnAJdzfTHc7w9YbKjcpasvSD7i8.roa
Signing time: Sun 01 Jan 2023 21:14:47 +0000
ROA not before: Sun 01 Jan 2023 21:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139742
IP address blocks: 2a0e:aa07:f000::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:e5:7c:07:05:d4:02:05:09:2f:43:4e:17:99:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 21:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae70097737d31dcef0f586ca8dca5ab2f483ee2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ca:20:31:af:5e:af:1d:ae:7a:dd:c2:59:09:
2f:64:9a:d3:3e:c9:4d:63:87:7b:8b:69:c8:8b:40:
cf:7a:bb:b1:66:75:c2:9b:a0:42:72:13:09:aa:5e:
1b:fd:47:0e:8a:66:ff:e1:f5:91:20:6d:76:5b:2f:
59:1e:64:d8:2e:c2:06:80:11:7f:e7:af:08:98:1d:
d5:8a:28:c6:93:9c:e1:a4:43:56:b4:f2:a9:8f:ad:
17:91:d5:a5:f5:c0:7e:f6:42:03:8b:c3:05:d9:b9:
5a:46:48:a3:f1:d7:86:9a:23:2b:34:35:2a:e6:70:
07:72:81:ee:35:ef:2d:4f:48:e3:7c:0d:7c:24:74:
25:58:74:44:94:96:a3:58:9a:b0:c0:52:ac:e9:00:
dd:4b:24:05:8d:bf:21:fd:c9:74:26:68:56:35:54:
67:4a:8a:d4:dd:a5:cf:96:be:51:8a:d8:02:8e:fd:
ec:6f:60:e1:a8:98:8f:82:c1:6f:52:38:18:6a:74:
77:ef:50:97:16:cf:f7:48:62:b9:da:d8:07:ec:59:
d2:5c:d0:26:46:6a:de:e2:69:24:21:b5:b3:aa:55:
dc:2d:89:cf:92:8d:36:21:2c:c4:95:ac:25:53:a7:
8e:98:f3:9a:1c:13:5a:73:5d:65:bc:bd:8a:2a:58:
10:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:70:09:77:37:D3:1D:CE:F0:F5:86:CA:8D:CA:5A:B2:F4:83:EE:2F
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/rnAJdzfTHc7w9YbKjcpasvSD7i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:f000::/44
Signature Algorithm: sha256WithRSAEncryption
b3:5f:1b:4c:f8:3b:52:0e:17:12:f1:9b:e7:61:ab:7b:df:be:
a7:f8:48:0f:83:94:6c:67:4a:07:4b:dc:c9:a3:8a:e0:b6:16:
95:00:54:e4:de:77:48:3e:8f:88:40:e2:b8:9c:56:37:c3:9d:
25:e0:bc:1e:18:ee:19:0b:d3:00:97:cb:a0:a1:2d:85:f1:c6:
c3:8c:28:5b:74:07:c3:8e:ab:f8:5c:2c:47:a4:7f:1c:bd:6e:
1a:49:4d:68:f5:03:57:2a:ab:77:ba:40:64:29:40:c1:72:ef:
28:04:bb:4e:d4:d4:82:57:f6:8d:c1:4b:fc:05:c5:07:d5:b4:
70:05:fd:b8:d5:c3:57:ff:2c:64:b7:97:01:9c:77:04:7d:f6:
00:e5:e8:64:a8:87:f2:16:71:b6:db:d7:3f:14:3c:cc:a9:68:
14:8f:de:f5:ee:5e:da:3f:8c:73:f2:9c:92:98:e8:d7:28:47:
15:f0:ac:3f:7c:7a:e0:9b:0d:76:b0:b7:3d:dc:e5:18:10:c2:
cd:a7:f2:06:25:a5:51:6d:ab:5f:98:59:e8:25:db:05:a9:51:
8a:a7:0a:50:d6:37:e6:3d:d8:5c:18:5a:20:f4:4a:c6:23:06:
5d:10:ae:f3:4b:e1:eb:e2:b4:22:ae:09:ee:27:07:64:c2:f8:
87:39:65:bc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvL+V8BwXUAgUJL0NOF5khMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTcwMDk3NzM3ZDMxZGNlZjBmNTg2Y2E4ZGNhNWFiMmY0ODNlZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8ogMa9erx2uet3CWQkvZJrTPslN
Y4d7i2nIi0DPeruxZnXCm6BCchMJql4b/UcOimb/4fWRIG12Wy9ZHmTYLsIGgBF/
568ImB3ViijGk5zhpENWtPKpj60XkdWl9cB+9kIDi8MF2blaRkij8deGmiMrNDUq
5nAHcoHuNe8tT0jjfA18JHQlWHRElJajWJqwwFKs6QDdSyQFjb8h/cl0JmhWNVRn
SorU3aXPlr5RitgCjv3sb2DhqJiPgsFvUjgYanR371CXFs/3SGK52tgH7FnSXNAm
Rmre4mkkIbWzqlXcLYnPko02ISzElawlU6eOmPOaHBNac11lvL2KKlgQjwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK5wCXc30x3O8PWGyo3KWrL0g+4vMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvcm5BSmR6ZlRIYzd3OVliS2pjcGFzdlNEN2k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB/AA
MA0GCSqGSIb3DQEBCwUAA4IBAQCzXxtM+DtSDhcS8ZvnYat7376n+EgPg5RsZ0oH
S9zJo4rgthaVAFTk3ndIPo+IQOK4nFY3w50l4LweGO4ZC9MAl8ugoS2F8cbDjChb
dAfDjqv4XCxHpH8cvW4aSU1o9QNXKqt3ukBkKUDBcu8oBLtO1NSCV/aNwUv8BcUH
1bRwBf241cNX/yxkt5cBnHcEffYA5ehkqIfyFnG229c/FDzMqWgUj9717l7aP4xz
8pySmOjXKEcV8Kw/fHrgmw12sLc93OUYEMLNp/IGJaVRbatfmFnoJdsFqVGKpwpQ
1jfmPdhcGFog9ErGIwZdEK7zS+Hr4rQirgnuJwdkwviHOWW8
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:03 2024 by rpki-client on console-ams.rpki-client.org