Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/rsfvDQpxcc_EBzty0EFo-ZopJYo.roa
File: rsfvDQpxcc_EBzty0EFo-ZopJYo.roa (raw, json)
Hash identifier: brKLVd0qqiu1Boj2aQAWyZaBBZNKrht6BECtPf9AhG4=
Subject key identifier: AE:C7:EF:0D:0A:71:71:CF:C4:07:3B:72:D0:41:68:F9:9A:29:25:8A
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 01856F300326BBD3FA280633FBA76792CDD5
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/rsfvDQpxcc_EBzty0EFo-ZopJYo.roa
Signing time: Sun 01 Jan 2023 21:14:55 +0000
ROA not before: Sun 01 Jan 2023 21:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210934
IP address blocks: 2a0e:aa07:e024::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:03:26:bb:d3:fa:28:06:33:fb:a7:67:92:cd:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 21:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aec7ef0d0a7171cfc4073b72d04168f99a29258a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ca:07:78:ee:07:b4:e7:a9:c2:b9:2f:83:1c:
3c:95:d5:d6:70:08:93:d3:b3:c9:48:28:42:fe:37:
c8:03:07:65:3f:c9:93:31:14:80:9b:eb:c0:9a:e7:
02:a3:98:10:a6:f1:44:26:d4:02:d6:85:07:2d:1a:
ec:40:54:17:a0:d0:a2:eb:c6:20:fd:a4:e8:7d:16:
c5:4d:de:23:5e:37:e3:94:97:a3:d8:89:79:28:7b:
e6:08:18:87:ae:b2:1e:3d:0e:c1:9c:f2:ec:2d:6d:
44:36:92:63:f2:e2:bd:20:c5:77:42:dd:29:e9:ed:
e1:90:a6:7c:0b:c9:fa:20:16:c7:c4:c9:a5:2f:cb:
24:a9:f8:3c:4d:c5:e3:4b:20:f1:42:a2:f3:6a:a9:
c0:03:75:0b:f0:b3:4e:06:92:19:01:ee:88:ac:64:
f4:1b:8c:91:fd:b2:3c:da:04:8f:c6:5a:29:14:97:
e3:6e:72:80:e4:d1:be:d5:be:e0:98:ed:dd:87:59:
ba:f7:0b:a1:01:c5:2b:6a:65:15:44:be:7c:ab:e8:
29:f3:62:c2:80:f8:f1:24:29:5f:56:9b:7f:26:e4:
dd:81:c6:4e:cb:5d:7d:03:a1:c8:a5:a7:9e:9a:5e:
91:34:3f:5c:64:d5:30:e0:91:6a:90:9b:dc:9b:95:
14:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C7:EF:0D:0A:71:71:CF:C4:07:3B:72:D0:41:68:F9:9A:29:25:8A
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/rsfvDQpxcc_EBzty0EFo-ZopJYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e024::/48
Signature Algorithm: sha256WithRSAEncryption
9f:6f:a7:1c:ba:33:f1:4e:f5:9e:b3:15:e2:56:af:9d:01:72:
5f:96:b4:c4:ac:6a:5f:ea:3a:79:8e:ff:b0:a0:cc:22:da:a3:
ce:b9:83:73:27:a6:4c:4b:86:71:b0:7e:a5:04:26:67:62:5f:
96:50:d4:69:f2:5e:1a:9f:ca:f5:96:0b:11:af:ba:52:c8:70:
24:68:de:e8:ec:9d:d0:0d:67:a6:d0:81:b1:49:90:05:1e:5a:
b1:df:14:f4:4c:a6:8f:ab:89:d2:2b:ef:91:85:97:67:d3:c9:
f8:93:a1:12:b6:67:9c:da:b3:df:7b:f2:99:64:ea:41:51:6f:
bf:6b:34:d1:ef:0f:ee:08:a0:86:56:a6:39:b6:f2:13:29:33:
07:21:e1:d3:9c:f0:4d:1b:e9:e8:b2:81:fa:e5:11:11:0b:00:
c7:5b:7b:4a:e8:15:1d:6f:f9:2a:c8:e3:45:21:9b:aa:c7:2d:
d2:1a:1d:46:27:65:57:f8:9b:af:e8:58:3c:70:5b:1c:03:39:
83:67:62:35:6e:b9:d0:bd:de:5b:b4:26:85:cd:db:da:87:17:
23:82:17:a9:4c:a9:09:48:dc:10:1c:ce:b3:7b:ae:ac:18:6b:
a3:7f:eb:19:31:d3:f3:01:7c:a1:48:fe:19:21:0f:47:72:ff:
af:d4:6e:41
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvMAMmu9P6KAYz+6dnks3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWM3ZWYwZDBhNzE3MWNmYzQwNzNiNzJkMDQxNjhmOTlhMjkyNThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMoHeO4HtOepwrkvgxw8ldXWcAiT
07PJSChC/jfIAwdlP8mTMRSAm+vAmucCo5gQpvFEJtQC1oUHLRrsQFQXoNCi68Yg
/aTofRbFTd4jXjfjlJej2Il5KHvmCBiHrrIePQ7BnPLsLW1ENpJj8uK9IMV3Qt0p
6e3hkKZ8C8n6IBbHxMmlL8skqfg8TcXjSyDxQqLzaqnAA3UL8LNOBpIZAe6IrGT0
G4yR/bI82gSPxlopFJfjbnKA5NG+1b7gmO3dh1m69wuhAcUramUVRL58q+gp82LC
gPjxJClfVpt/JuTdgcZOy119A6HIpaeeml6RND9cZNUw4JFqkJvcm5UUZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK7H7w0KcXHPxAc7ctBBaPmaKSWKMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvcnNmdkRRcHhjY19FQnp0eTBFRm8tWm9wSllvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+Ak
MA0GCSqGSIb3DQEBCwUAA4IBAQCfb6ccujPxTvWesxXiVq+dAXJflrTErGpf6jp5
jv+woMwi2qPOuYNzJ6ZMS4ZxsH6lBCZnYl+WUNRp8l4an8r1lgsRr7pSyHAkaN7o
7J3QDWem0IGxSZAFHlqx3xT0TKaPq4nSK++RhZdn08n4k6EStmec2rPfe/KZZOpB
UW+/azTR7w/uCKCGVqY5tvITKTMHIeHTnPBNG+nosoH65RERCwDHW3tK6BUdb/kq
yONFIZuqxy3SGh1GJ2VX+Juv6Fg8cFscAzmDZ2I1brnQvd5btCaFzdvahxcjghep
TKkJSNwQHM6ze66sGGujf+sZMdPzAXyhSP4ZIQ9Hcv+v1G5B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org