Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/twT7M0nC_rERoC1S5o9kRdoL4Zw.roa
File: twT7M0nC_rERoC1S5o9kRdoL4Zw.roa (raw, json)
Hash identifier: LGlyzkXIh18ux5INKUe5kandxgSrwrtywv+pJNkgx24=
Subject key identifier: B7:04:FB:33:49:C2:FE:B1:11:A0:2D:52:E6:8F:64:45:DA:0B:E1:9C
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 01856F26DA1BF6F793C8D7BFE4BC07A841C2
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/twT7M0nC_rERoC1S5o9kRdoL4Zw.roa
Signing time: Sun 01 Jan 2023 21:04:55 +0000
ROA not before: Sun 01 Jan 2023 21:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44050
IP address blocks: 2a02:c6c1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:da:1b:f6:f7:93:c8:d7:bf:e4:bc:07:a8:41:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Jan 1 21:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b704fb3349c2feb111a02d52e68f6445da0be19c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:48:c1:12:ab:11:8d:b9:34:cd:36:59:2f:9b:
fd:c3:78:2f:8e:65:9b:04:a5:93:37:79:08:60:bb:
b0:8f:bb:11:71:9a:04:d3:93:bd:f8:01:03:9b:ac:
c0:0c:bb:89:5b:04:85:09:d1:b2:34:b9:d8:8d:3f:
92:6c:37:ed:d5:b7:c9:8a:68:63:0d:26:0a:d4:81:
d2:e4:b1:c7:d6:0a:98:16:d4:39:5b:cc:ec:f8:09:
ee:59:9e:4f:23:ce:88:89:33:77:ff:67:01:d0:dc:
e9:21:19:0c:70:f5:43:6c:16:bd:c5:28:c0:16:6b:
32:2c:cb:3d:20:f2:eb:92:24:b9:60:63:32:87:48:
47:3a:52:2c:f9:52:3a:e4:a1:24:44:81:b0:ec:f6:
a0:e7:a5:01:b6:7c:7d:bb:c1:7f:97:21:31:9d:13:
db:cd:9f:51:4e:b1:d9:35:ff:3f:07:01:70:b0:00:
eb:7d:87:47:53:4d:d6:4f:72:e1:55:ee:aa:20:61:
c9:03:45:91:95:3b:e2:b1:24:f2:26:12:63:27:2f:
da:74:c0:c0:32:db:97:17:c9:2a:16:15:f8:39:d7:
9d:6e:16:38:ad:17:44:78:71:6f:3d:0c:e8:da:25:
c3:54:e5:98:df:88:dd:f8:d0:55:d3:cb:99:c9:73:
4d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:04:FB:33:49:C2:FE:B1:11:A0:2D:52:E6:8F:64:45:DA:0B:E1:9C
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/twT7M0nC_rERoC1S5o9kRdoL4Zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:c6c1::/48
Signature Algorithm: sha256WithRSAEncryption
7d:db:e3:7b:36:90:64:4e:7b:49:be:cd:13:62:31:65:d5:cb:
25:01:2f:ef:34:e9:09:6c:b8:1d:a7:2f:47:46:35:97:79:23:
99:3d:b1:35:51:9e:14:1e:83:c3:7f:ec:87:ae:5f:e0:4a:37:
c3:e8:87:bb:eb:30:07:36:3e:52:fc:b5:b7:18:58:5d:39:ec:
19:e1:f2:5b:14:e8:bb:a9:56:09:35:7c:a5:2f:57:f0:36:20:
44:d3:00:65:b9:9a:0c:63:d4:2e:fe:da:36:02:8f:f9:03:e9:
5a:31:3d:f0:95:ad:82:08:c8:de:11:db:2e:2e:26:b7:dc:85:
74:e9:16:82:46:65:73:2a:33:03:40:0a:b9:56:58:cb:cc:f3:
fa:94:c8:49:e6:72:24:d0:22:58:b3:dd:cc:e1:61:0e:1e:c2:
68:42:dd:a6:5d:01:86:be:f1:ff:a1:57:4e:2f:10:46:3e:b2:
34:e8:10:c9:2f:cb:56:aa:55:6f:9c:63:ca:b0:94:25:13:b7:
85:0a:40:5e:4d:0b:06:6b:74:53:5b:45:f8:d5:4e:ca:c9:7a:
ca:3c:9f:a9:d5:73:b0:f8:bb:5e:0c:47:ce:79:59:65:77:a2:
0e:be:ac:44:89:11:ec:aa:7d:64:21:fb:11:3a:fa:53:f1:13:
ed:ee:88:e7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvJtob9veTyNe/5LwHqEHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjMwMTAxMjEwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzA0ZmIzMzQ5YzJmZWIxMTFhMDJkNTJlNjhmNjQ0NWRhMGJlMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0jBEqsRjbk0zTZZL5v9w3gvjmWb
BKWTN3kIYLuwj7sRcZoE05O9+AEDm6zADLuJWwSFCdGyNLnYjT+SbDft1bfJimhj
DSYK1IHS5LHH1gqYFtQ5W8zs+AnuWZ5PI86IiTN3/2cB0NzpIRkMcPVDbBa9xSjA
FmsyLMs9IPLrkiS5YGMyh0hHOlIs+VI65KEkRIGw7Pag56UBtnx9u8F/lyExnRPb
zZ9RTrHZNf8/BwFwsADrfYdHU03WT3LhVe6qIGHJA0WRlTvisSTyJhJjJy/adMDA
MtuXF8kqFhX4OdedbhY4rRdEeHFvPQzo2iXDVOWY34jd+NBV08uZyXNN6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLcE+zNJwv6xEaAtUuaPZEXaC+GcMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvdHdUN00wbkNfckVSb0MxUzVvOWtSZG9MNFp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgLGwQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQB92+N7NpBkTntJvs0TYjFl1cslAS/vNOkJbLgd
py9HRjWXeSOZPbE1UZ4UHoPDf+yHrl/gSjfD6Ie76zAHNj5S/LW3GFhdOewZ4fJb
FOi7qVYJNXylL1fwNiBE0wBluZoMY9Qu/to2Ao/5A+laMT3wla2CCMjeEdsuLia3
3IV06RaCRmVzKjMDQAq5VljLzPP6lMhJ5nIk0CJYs93M4WEOHsJoQt2mXQGGvvH/
oVdOLxBGPrI06BDJL8tWqlVvnGPKsJQlE7eFCkBeTQsGa3RTW0X41U7KyXrKPJ+p
1XOw+LteDEfOeVlld6IOvqxEiRHsqn1kIfsROvpT8RPt7ojn
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:11 2024 by rpki-client on console-ams.rpki-client.org