Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/wBHGSy6o9pWs0JT7nAj5ouniy08.roa
File: wBHGSy6o9pWs0JT7nAj5ouniy08.roa (raw, json)
Hash identifier: M9EmZzhaHRKDTbZjfZ9jlaxyY6KWa8CvP0WdCqgZmgk=
Subject key identifier: C0:11:C6:4B:2E:A8:F6:95:AC:D0:94:FB:9C:08:F9:A2:E9:E2:CB:4F
Certificate issuer: /CN=3c177b528043a85953fc250f991d9d8020e2810d
Certificate serial: 01856D8AEA823D5B546E8B8163A48F274E0E
Authority key identifier: 3C:17:7B:52:80:43:A8:59:53:FC:25:0F:99:1D:9D:80:20:E2:81:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/wBHGSy6o9pWs0JT7nAj5ouniy08.roa
Signing time: Sun 01 Jan 2023 13:34:58 +0000
ROA not before: Sun 01 Jan 2023 13:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20853
IP address blocks: 2a0a:2307:f000::/46 maxlen: 48
2a0a:2307::/47 maxlen: 48
2a0a:2306:f000::/45 maxlen: 48
2a0a:2306:e000::/45 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:ea:82:3d:5b:54:6e:8b:81:63:a4:8f:27:4e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c177b528043a85953fc250f991d9d8020e2810d
Validity
Not Before: Jan 1 13:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c011c64b2ea8f695acd094fb9c08f9a2e9e2cb4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a2:ca:fd:e0:20:bb:b3:e7:d3:7b:7b:ce:f3:
0f:4a:f9:30:09:cc:d5:fe:26:61:6f:27:7b:02:fb:
41:72:14:e7:c2:96:7b:2c:38:d2:31:08:f5:d1:53:
d2:b0:ab:1d:23:15:24:dc:24:e8:8d:19:b1:e4:f5:
37:ed:49:29:5a:86:1c:49:84:7f:96:58:43:35:2b:
31:c1:12:5c:ee:ab:5d:e8:93:94:5a:07:a6:f5:38:
de:07:f8:96:39:5e:ae:65:e9:d2:81:fb:bc:c7:88:
1a:23:09:0d:1d:83:a9:74:ed:39:2f:20:6a:94:e2:
54:d2:6d:9b:17:2e:36:fc:3c:c0:91:92:17:a8:5a:
01:98:25:a7:57:bb:95:e0:25:ad:05:e3:3a:ba:4d:
c3:3a:76:98:c2:21:81:bd:eb:bb:de:cc:ee:1a:74:
de:2c:fb:f5:d6:dc:e3:71:30:cd:c2:6b:6e:d7:3b:
fe:d9:2d:44:81:de:9a:e9:c9:e5:9b:3b:9e:d0:f4:
6d:95:2c:27:26:d9:5b:76:8e:db:1c:e9:f8:46:b1:
67:f9:6e:66:38:bd:9b:c6:b0:bb:f9:da:d2:ae:df:
ea:fc:e6:87:c1:85:a6:e5:45:38:14:f3:6c:e2:8d:
11:1f:29:41:17:80:3a:2a:3c:9a:aa:ea:7f:8e:5f:
44:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:11:C6:4B:2E:A8:F6:95:AC:D0:94:FB:9C:08:F9:A2:E9:E2:CB:4F
X509v3 Authority Key Identifier:
keyid:3C:17:7B:52:80:43:A8:59:53:FC:25:0F:99:1D:9D:80:20:E2:81:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/wBHGSy6o9pWs0JT7nAj5ouniy08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/PBd7UoBDqFlT_CUPmR2dgCDigQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2306:e000::/45
2a0a:2306:f000::/45
2a0a:2307::/47
2a0a:2307:f000::/46
Signature Algorithm: sha256WithRSAEncryption
b8:a8:7c:d3:bb:0a:12:7a:ea:44:96:18:4d:c2:66:25:df:7e:
e0:6b:af:87:fa:a6:1a:b3:2a:ac:fd:5f:42:e5:89:05:4c:22:
a4:2e:88:fc:56:e4:ab:d8:a6:b7:b4:c9:ef:cb:bf:d1:36:4b:
62:b1:0e:3a:db:13:20:5f:d9:47:50:f3:e7:c7:12:d8:7a:89:
99:39:5b:83:6a:69:7b:32:c9:c2:3d:cc:cf:d6:ec:2f:4f:25:
3a:14:ed:62:c8:06:33:d3:01:de:8e:01:f9:61:d9:c6:05:c0:
09:e2:a8:80:e4:b6:b6:ab:cd:04:13:b7:1b:37:a6:51:25:24:
89:dc:31:e3:86:48:aa:7b:2d:14:9e:63:91:b2:88:b3:f0:6b:
6f:12:f9:c7:32:8e:a5:43:9a:f6:0e:e9:2d:72:5b:fc:5b:89:
ae:23:8a:e4:52:8f:fe:12:aa:ab:d5:0c:92:ba:8e:b1:57:41:
cd:2b:47:69:aa:68:c0:62:17:fa:58:db:a7:1e:da:53:0b:c2:
f3:32:a3:f4:d6:02:3d:68:cd:f6:4e:cb:9a:f1:be:3c:9f:70:
0a:43:22:bc:03:2a:53:ae:3c:83:e3:63:2e:ab:b5:9d:f8:6a:
c7:59:3a:eb:54:1e:be:27:0f:e2:41:0e:d3:23:d3:f7:36:6d:
48:35:a9:95
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVtiuqCPVtUbouBY6SPJ04OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMTc3YjUyODA0M2E4NTk1M2ZjMjUwZjk5MWQ5ZDgwMjBl
MjgxMGQwHhcNMjMwMTAxMTMzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDExYzY0YjJlYThmNjk1YWNkMDk0ZmI5YzA4ZjlhMmU5ZTJjYjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6LK/eAgu7Pn03t7zvMPSvkwCczV
/iZhbyd7AvtBchTnwpZ7LDjSMQj10VPSsKsdIxUk3CTojRmx5PU37UkpWoYcSYR/
llhDNSsxwRJc7qtd6JOUWgem9TjeB/iWOV6uZenSgfu8x4gaIwkNHYOpdO05LyBq
lOJU0m2bFy42/DzAkZIXqFoBmCWnV7uV4CWtBeM6uk3DOnaYwiGBveu73szuGnTe
LPv11tzjcTDNwmtu1zv+2S1Egd6a6cnlmzue0PRtlSwnJtlbdo7bHOn4RrFn+W5m
OL2bxrC7+drSrt/q/OaHwYWm5UU4FPNs4o0RHylBF4A6Kjyaqup/jl9ESwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMARxksuqPaVrNCU+5wI+aLp4stPMB8GA1UdIwQY
MBaAFDwXe1KAQ6hZU/wlD5kdnYAg4oENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEJkN1VvQkRxRmxUX0NVUG1SMmRnQ0RpZ1EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81ZWQ1MjUtM2YzNy00YzcwLWEyZWMt
YTQxNTFiNWUyZmNmLzEvd0JIR1N5Nm85cFdzMEpUN25BajVvdW5peTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81ZWQ1MjUtM2YzNy00YzcwLWEyZWMtYTQxNTFiNWUyZmNm
LzEvUEJkN1VvQkRxRmxUX0NVUG1SMmRnQ0RpZ1EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcDKgojBuAA
AwcDKgojBvAAAwcBKgojBwAAAwcCKgojB/AAMA0GCSqGSIb3DQEBCwUAA4IBAQC4
qHzTuwoSeupElhhNwmYl337ga6+H+qYasyqs/V9C5YkFTCKkLoj8VuSr2Ka3tMnv
y7/RNktisQ462xMgX9lHUPPnxxLYeomZOVuDaml7MsnCPczP1uwvTyU6FO1iyAYz
0wHejgH5YdnGBcAJ4qiA5La2q80EE7cbN6ZRJSSJ3DHjhkiqey0UnmORsoiz8Gtv
EvnHMo6lQ5r2Duktclv8W4muI4rkUo/+Eqqr1QySuo6xV0HNK0dpqmjAYhf6WNun
HtpTC8LzMqP01gI9aM32Tsua8b48n3AKQyK8AypTrjyD42Muq7Wd+GrHWTrrVB6+
Jw/iQQ7TI9P3Nm1INamV
-----END CERTIFICATE-----
Generated at Tue Jul 25 11:08:53 2023 by rpki-client on console-fra.rpki-client.org