Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/x55kDpofN7qFm5huYozJ2yFnIt8.roa
File: x55kDpofN7qFm5huYozJ2yFnIt8.roa (raw, json)
Hash identifier: 8qwUHowscNWyjr3j/NsJnjBDm8k2Nqrm95PJBGRYeVc=
Subject key identifier: C7:9E:64:0E:9A:1F:37:BA:85:9B:98:6E:62:8C:C9:DB:21:67:22:DF
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 01856F2FFF831570BB504F77BA4BF42AB91B
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/x55kDpofN7qFm5huYozJ2yFnIt8.roa
Signing time: Sun 01 Jan 2023 21:14:54 +0000
ROA not before: Sun 01 Jan 2023 21:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210338
IP address blocks: 2a0e:aa07:e400::/44 maxlen: 48
2a0e:aa07:e02d::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:ff:83:15:70:bb:50:4f:77:ba:4b:f4:2a:b9:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 21:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c79e640e9a1f37ba859b986e628cc9db216722df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:25:f3:19:b1:04:d4:e8:75:28:df:af:a5:5a:
13:47:d9:e5:dc:b2:7b:3f:42:8c:73:54:c6:71:b4:
ff:b0:3b:14:b4:dd:e5:0d:88:7e:bd:3f:87:2f:af:
6f:b4:f7:83:b5:ac:fa:2f:ec:e5:52:f2:4b:6f:40:
00:cd:89:39:85:c9:02:01:71:f1:82:92:da:d3:95:
9c:bf:cb:74:23:05:c7:38:75:29:79:21:58:40:44:
0c:bd:01:2e:1d:1e:ec:03:9b:41:bd:2b:04:ef:63:
34:74:e3:55:be:f4:b8:69:db:e5:9e:aa:ae:8c:3f:
43:37:45:89:d1:bf:33:5b:fa:58:b7:4a:ed:48:ba:
d9:70:2a:b7:7d:47:21:92:f7:d9:c7:a0:d3:9d:eb:
83:f0:95:a8:31:05:6c:06:5b:93:82:2b:db:fb:b0:
0f:15:73:b8:d1:f5:49:f2:c8:99:ba:5a:85:52:e3:
76:df:5c:41:05:78:c8:ba:53:40:3b:dc:17:e8:7b:
79:05:62:29:45:45:1d:33:40:69:8b:9d:ec:be:fc:
04:0b:f0:60:71:95:d2:fa:8f:c6:26:53:27:ff:3e:
36:db:75:e9:7f:db:96:0f:f0:2b:aa:fd:ec:25:9c:
09:a1:70:14:5d:d7:55:dc:3b:2d:5b:92:7c:74:d2:
85:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:9E:64:0E:9A:1F:37:BA:85:9B:98:6E:62:8C:C9:DB:21:67:22:DF
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/x55kDpofN7qFm5huYozJ2yFnIt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e02d::/48
2a0e:aa07:e400::/44
Signature Algorithm: sha256WithRSAEncryption
a2:df:7d:11:a7:d8:45:e9:14:87:45:58:61:35:96:95:d2:12:
89:23:ca:2e:35:0f:72:b7:6f:62:7e:d6:f5:26:aa:86:d3:5d:
14:d5:0e:24:45:d0:00:1e:26:b5:7e:40:f1:26:d9:7f:0a:3e:
d6:98:cd:1c:24:23:c7:10:ec:b4:15:e8:b3:27:52:dd:84:8a:
21:c9:0c:07:4c:5f:25:36:b4:da:c1:a5:94:ce:e3:c9:68:1c:
44:3b:90:d1:a7:e2:56:fa:66:5c:32:d5:75:89:59:c5:8a:e9:
73:66:60:b4:1a:ed:d9:45:e7:95:e1:63:f5:65:06:8e:3c:3a:
2f:e7:8c:52:dd:7b:ef:2b:db:5d:cf:d1:90:1c:90:e3:71:02:
69:a5:7d:07:09:6f:c8:a8:2b:dc:8c:46:ff:f3:6d:58:6a:78:
57:a6:00:5d:12:59:a1:34:05:58:2b:5b:84:b8:45:64:c8:1f:
ca:2d:bc:21:c7:2e:af:3d:cc:6b:fa:5e:df:43:87:e0:f4:7b:
c4:be:0d:e9:46:75:66:4b:e0:f5:df:61:86:ed:51:c1:0b:25:
96:86:64:90:f8:92:4e:d7:ea:8d:b3:7d:7b:fd:ae:e8:ac:86:
8d:23:de:a4:42:8b:9b:4e:4e:41:75:fa:b6:fd:34:43:5c:b9:
b9:3b:44:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvL/+DFXC7UE93ukv0KrkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzllNjQwZTlhMWYzN2JhODU5Yjk4NmU2MjhjYzlkYjIxNjcyMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCXzGbEE1Oh1KN+vpVoTR9nl3LJ7
P0KMc1TGcbT/sDsUtN3lDYh+vT+HL69vtPeDtaz6L+zlUvJLb0AAzYk5hckCAXHx
gpLa05Wcv8t0IwXHOHUpeSFYQEQMvQEuHR7sA5tBvSsE72M0dONVvvS4advlnqqu
jD9DN0WJ0b8zW/pYt0rtSLrZcCq3fUchkvfZx6DTneuD8JWoMQVsBluTgivb+7AP
FXO40fVJ8siZulqFUuN231xBBXjIulNAO9wX6Ht5BWIpRUUdM0Bpi53svvwEC/Bg
cZXS+o/GJlMn/z4223Xpf9uWD/Arqv3sJZwJoXAUXddV3DstW5J8dNKFdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMeeZA6aHze6hZuYbmKMydshZyLfMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEveDU1a0Rwb2ZON3FGbTVodVlvekoyeUZuSXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6qB+At
AwcEKg6qB+QAMA0GCSqGSIb3DQEBCwUAA4IBAQCi330Rp9hF6RSHRVhhNZaV0hKJ
I8ouNQ9yt29iftb1JqqG010U1Q4kRdAAHia1fkDxJtl/Cj7WmM0cJCPHEOy0Feiz
J1LdhIohyQwHTF8lNrTawaWUzuPJaBxEO5DRp+JW+mZcMtV1iVnFiulzZmC0Gu3Z
ReeV4WP1ZQaOPDov54xS3XvvK9tdz9GQHJDjcQJppX0HCW/IqCvcjEb/821YanhX
pgBdElmhNAVYK1uEuEVkyB/KLbwhxy6vPcxr+l7fQ4fg9HvEvg3pRnVmS+D132GG
7VHBCyWWhmSQ+JJO1+qNs317/a7orIaNI96kQoubTk5Bdfq2/TRDXLm5O0TS
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:27 2024 by rpki-client on console-fra.rpki-client.org