Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/xPFhAsWsvU7jrYPS9g7A82qVOkg.roa
File: xPFhAsWsvU7jrYPS9g7A82qVOkg.roa (raw, json)
Hash identifier: o6VRLTPxXuRtqTyACG1iqvmYBj4/4S0uVNK7IlWnPcw=
Subject key identifier: C4:F1:61:02:C5:AC:BD:4E:E3:AD:83:D2:F6:0E:C0:F3:6A:95:3A:48
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 01856F300640CA189510DD55C10E24F1493D
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/xPFhAsWsvU7jrYPS9g7A82qVOkg.roa
Signing time: Sun 01 Jan 2023 21:14:56 +0000
ROA not before: Sun 01 Jan 2023 21:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211176
IP address blocks: 2a0e:aa07:e020::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:06:40:ca:18:95:10:dd:55:c1:0e:24:f1:49:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 21:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4f16102c5acbd4ee3ad83d2f60ec0f36a953a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c9:b8:44:ae:7c:b8:83:a4:1e:2c:32:cc:89:
b5:a7:f2:17:91:87:91:99:b1:53:4c:10:54:5e:3e:
f2:48:20:02:55:81:cd:13:20:59:69:f8:b1:29:07:
21:9b:97:72:fd:aa:d1:7e:67:70:3c:60:d4:fd:8d:
8c:cb:c5:b0:67:d1:a7:95:27:70:66:08:8b:93:c7:
77:9d:50:5c:79:a8:c9:e1:bd:b5:0d:a4:43:9f:34:
79:1e:8d:5c:65:a8:b0:d1:c1:68:3c:ef:a0:25:e2:
e5:e3:1b:91:dd:72:d4:60:95:42:44:c2:6c:0c:e6:
c7:a1:6d:89:87:d3:3c:e4:4e:c9:20:be:77:68:62:
aa:63:92:20:60:46:bd:51:99:1e:c4:4b:27:6c:51:
38:e5:9a:a2:fc:4b:e8:60:aa:6a:aa:96:c0:da:27:
d2:43:fc:6d:c7:fd:5a:a4:36:17:bc:c0:fa:e9:c6:
ea:83:00:93:fa:35:46:67:ed:75:2c:f8:4d:df:c9:
a3:09:d9:ae:29:bc:29:00:43:a1:03:76:77:2a:b1:
0c:b4:96:f5:86:1c:3f:d0:88:8d:a2:b0:5e:66:5b:
29:d4:f8:16:2f:6d:4b:ee:17:eb:01:99:46:84:21:
d2:43:6c:d2:d8:83:09:5e:27:32:f3:01:81:54:e4:
d7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F1:61:02:C5:AC:BD:4E:E3:AD:83:D2:F6:0E:C0:F3:6A:95:3A:48
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/xPFhAsWsvU7jrYPS9g7A82qVOkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e020::/48
Signature Algorithm: sha256WithRSAEncryption
80:68:56:d9:0c:73:2e:a3:51:c1:16:58:93:94:cd:7e:25:89:
5d:f0:5c:44:dc:e0:f1:e3:0e:b6:57:2d:44:28:6c:4e:75:86:
d7:27:f0:4b:03:11:e7:5e:15:b2:5a:d9:65:d0:51:78:a1:b1:
33:f8:d3:06:23:9e:c7:eb:20:6d:55:b9:67:80:8b:55:c4:33:
e3:70:48:7a:b2:1c:44:9f:41:6a:67:be:0f:c8:c2:b1:fc:a1:
8b:a3:32:ff:a2:da:ea:ed:51:71:cf:d4:3a:a5:1b:9c:8e:64:
ae:dd:08:47:97:cd:83:6b:07:b0:3e:88:68:68:b6:42:28:5d:
9d:c1:48:8a:66:29:e8:47:23:34:a7:e6:a4:e1:d3:23:e3:a8:
a0:7c:94:32:36:d5:e6:b5:f5:cb:3c:bf:2d:d7:6a:68:00:38:
36:4c:07:81:12:d1:aa:25:f7:b0:c5:a4:3d:ed:88:f9:80:83:
22:6e:2c:e4:14:d6:a9:14:e5:15:43:be:8e:40:71:84:ca:7a:
b7:99:17:34:e7:fb:74:60:03:9f:7f:bd:73:fe:95:51:60:a2:
48:40:e3:98:d2:2c:66:3e:92:4f:c3:c5:37:5a:9d:e0:b4:39:
98:ac:25:b0:af:e1:10:18:14:71:f1:5c:fb:2a:ba:89:2d:19:
0e:77:1a:fd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvMAZAyhiVEN1VwQ4k8Uk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGYxNjEwMmM1YWNiZDRlZTNhZDgzZDJmNjBlYzBmMzZhOTUzYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Mm4RK58uIOkHiwyzIm1p/IXkYeR
mbFTTBBUXj7ySCACVYHNEyBZafixKQchm5dy/arRfmdwPGDU/Y2My8WwZ9GnlSdw
ZgiLk8d3nVBceajJ4b21DaRDnzR5Ho1cZaiw0cFoPO+gJeLl4xuR3XLUYJVCRMJs
DObHoW2Jh9M85E7JIL53aGKqY5IgYEa9UZkexEsnbFE45Zqi/EvoYKpqqpbA2ifS
Q/xtx/1apDYXvMD66cbqgwCT+jVGZ+11LPhN38mjCdmuKbwpAEOhA3Z3KrEMtJb1
hhw/0IiNorBeZlsp1PgWL21L7hfrAZlGhCHSQ2zS2IMJXicy8wGBVOTXFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMTxYQLFrL1O462D0vYOwPNqlTpIMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEveFBGaEFzV3N2VTdqcllQUzlnN0E4MnFWT2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+Ag
MA0GCSqGSIb3DQEBCwUAA4IBAQCAaFbZDHMuo1HBFliTlM1+JYld8FxE3ODx4w62
Vy1EKGxOdYbXJ/BLAxHnXhWyWtll0FF4obEz+NMGI57H6yBtVblngItVxDPjcEh6
shxEn0FqZ74PyMKx/KGLozL/otrq7VFxz9Q6pRucjmSu3QhHl82DawewPohoaLZC
KF2dwUiKZinoRyM0p+ak4dMj46igfJQyNtXmtfXLPL8t12poADg2TAeBEtGqJfew
xaQ97Yj5gIMibizkFNapFOUVQ76OQHGEynq3mRc05/t0YAOff71z/pVRYKJIQOOY
0ixmPpJPw8U3Wp3gtDmYrCWwr+EQGBRx8Vz7KrqJLRkOdxr9
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:03 2024 by rpki-client on console-ams.rpki-client.org