Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/4WGDLYt0jOr5ODST5VUqWJnf1Pw.roa
File: 4WGDLYt0jOr5ODST5VUqWJnf1Pw.roa (raw, json)
Hash identifier: 0lAhG+ZZSZsGYqNvLLYah7jGTb63otabYrfgcPtXMsw=
Subject key identifier: E1:61:83:2D:8B:74:8C:EA:F9:38:34:93:E5:55:2A:58:99:DF:D4:FC
Certificate issuer: /CN=ee31367df6d1861071c92bae726523326f45ba2a
Certificate serial: 01856FA71851CD4F50DB3A1B07A01A83E700
Authority key identifier: EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/4WGDLYt0jOr5ODST5VUqWJnf1Pw.roa
Signing time: Sun 01 Jan 2023 23:24:59 +0000
ROA not before: Sun 01 Jan 2023 23:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133480
IP address blocks: 2a0e:1cc0:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:18:51:cd:4f:50:db:3a:1b:07:a0:1a:83:e7:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee31367df6d1861071c92bae726523326f45ba2a
Validity
Not Before: Jan 1 23:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e161832d8b748ceaf9383493e5552a5899dfd4fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:bc:27:f8:51:d3:b3:29:08:33:29:5a:b6:c7:
dc:f1:ea:de:f9:c7:a6:2c:75:eb:1b:c4:f8:0d:31:
29:f5:8b:ad:f9:14:5f:8f:6e:db:b6:8f:c0:db:d9:
b9:bb:0b:61:07:81:ee:0b:6d:98:c2:e1:45:48:ce:
91:d0:15:d9:78:c2:e4:6f:29:25:98:69:97:01:99:
1f:ab:d7:97:57:76:59:08:8f:3e:ad:19:93:f4:6a:
54:7a:84:b8:09:ea:30:1a:6f:cd:68:8f:7f:50:a8:
64:1a:d6:2b:3a:9c:77:70:d7:d4:a3:14:3c:84:d8:
f5:71:c5:18:36:be:04:b8:0b:96:23:0e:9c:5f:59:
b0:d1:93:4c:01:a1:95:71:cf:26:a2:d6:33:a8:d5:
a9:b9:39:6d:e1:17:7c:b0:b4:41:c1:c6:75:cb:20:
c9:15:d2:4f:81:06:9a:35:67:df:bc:b2:a0:21:8f:
4d:c1:aa:ae:26:24:af:c2:a8:76:d4:b3:fb:d5:2a:
a7:37:1e:63:12:11:e8:6e:62:cc:9b:1a:ca:e9:38:
ad:be:52:2f:b2:77:84:26:93:b3:d8:72:29:6f:42:
05:02:73:a1:7e:c6:5f:0a:54:fc:be:75:a9:90:ae:
56:0d:6c:93:96:20:ea:0f:61:f3:1b:07:33:3f:06:
62:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:61:83:2D:8B:74:8C:EA:F9:38:34:93:E5:55:2A:58:99:DF:D4:FC
X509v3 Authority Key Identifier:
keyid:EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/4WGDLYt0jOr5ODST5VUqWJnf1Pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1cc0:2::/48
Signature Algorithm: sha256WithRSAEncryption
95:e5:20:a7:73:f9:f4:7d:11:76:e5:bc:a8:27:db:43:99:ff:
8f:cd:7c:78:b0:e6:6a:d1:19:a3:f5:d6:30:4b:4d:b5:f3:de:
30:7a:74:cc:d5:58:36:50:ce:67:b6:c9:10:9a:ed:ea:90:d7:
e2:50:64:63:53:11:9a:42:e6:a6:19:58:f9:eb:77:9a:3e:2e:
16:87:62:93:66:03:f3:2b:fb:56:55:56:36:d6:c5:6d:73:b3:
1a:94:75:dd:19:38:e8:7c:6f:69:7d:94:49:32:0f:9d:8f:87:
8c:31:6d:d4:74:fa:50:40:c0:d6:7e:30:70:64:0a:6e:13:31:
22:39:88:d0:61:39:49:42:dd:62:7e:b9:15:a5:e4:64:bf:84:
6b:b8:c8:a5:2e:1c:06:43:56:72:b7:ff:30:b7:35:74:1b:eb:
06:f0:aa:25:16:4e:cb:8a:53:80:76:0a:95:e4:8b:5d:33:73:
9a:72:93:43:38:03:65:a9:ab:1e:dc:89:2d:40:40:17:ee:74:
77:68:54:42:75:21:57:b2:54:ee:af:3c:4f:f4:74:ca:3d:1f:
d6:2d:84:d4:28:41:ad:60:e6:ec:b3:d0:a8:36:f3:e2:1f:44:
10:3f:1f:50:16:4b:3e:7c:62:a0:e4:14:0d:db:01:94:6d:a3:
89:e2:ed:31
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvpxhRzU9Q2zobB6Aag+cAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzEzNjdkZjZkMTg2MTA3MWM5MmJhZTcyNjUyMzMyNmY0
NWJhMmEwHhcNMjMwMTAxMjMyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTYxODMyZDhiNzQ4Y2VhZjkzODM0OTNlNTU1MmE1ODk5ZGZkNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rwn+FHTsykIMylatsfc8ere+cem
LHXrG8T4DTEp9Yut+RRfj27bto/A29m5uwthB4HuC22YwuFFSM6R0BXZeMLkbykl
mGmXAZkfq9eXV3ZZCI8+rRmT9GpUeoS4CeowGm/NaI9/UKhkGtYrOpx3cNfUoxQ8
hNj1ccUYNr4EuAuWIw6cX1mw0ZNMAaGVcc8motYzqNWpuTlt4Rd8sLRBwcZ1yyDJ
FdJPgQaaNWffvLKgIY9NwaquJiSvwqh21LP71SqnNx5jEhHobmLMmxrK6TitvlIv
sneEJpOz2HIpb0IFAnOhfsZfClT8vnWpkK5WDWyTliDqD2HzGwczPwZiGwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOFhgy2LdIzq+Tg0k+VVKliZ39T8MB8GA1UdIwQY
MBaAFO4xNn320YYQcckrrnJlIzJvRboqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2It
MTE1OWRiZmJlZDU0LzEvNFdHRExZdDBqT3I1T0RTVDVWVXFXSm5mMVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2ItMTE1OWRiZmJlZDU0
LzEvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4cwAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQCV5SCnc/n0fRF25byoJ9tDmf+PzXx4sOZq0Rmj
9dYwS021894wenTM1Vg2UM5ntskQmu3qkNfiUGRjUxGaQuamGVj563eaPi4Wh2KT
ZgPzK/tWVVY21sVtc7MalHXdGTjofG9pfZRJMg+dj4eMMW3UdPpQQMDWfjBwZApu
EzEiOYjQYTlJQt1ifrkVpeRkv4RruMilLhwGQ1Zyt/8wtzV0G+sG8KolFk7LilOA
dgqV5ItdM3OacpNDOANlqase3IktQEAX7nR3aFRCdSFXslTurzxP9HTKPR/WLYTU
KEGtYObss9CoNvPiH0QQPx9QFks+fGKg5BQN2wGUbaOJ4u0x
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:28 2024 by rpki-client on console-fra.rpki-client.org