Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/8e9855-5989-486e-9436-50a7c92591d0/1/ix6lUsquNmFi3yh4bP-hhrGAa7w.roa
File: ix6lUsquNmFi3yh4bP-hhrGAa7w.roa (raw, json)
Hash identifier: BnODzwU5rmsHw8cTf+l+20opbR3wpTWNXifd7gybWu8=
Subject key identifier: 8B:1E:A5:52:CA:AE:36:61:62:DF:28:78:6C:FF:A1:86:B1:80:6B:BC
Certificate issuer: /CN=20c8d5c373a6bf3bab229394360b86d0096aecbd
Certificate serial: 01856CCABE146DDF95423190845F1847BE71
Authority key identifier: 20:C8:D5:C3:73:A6:BF:3B:AB:22:93:94:36:0B:86:D0:09:6A:EC:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IMjVw3OmvzurIpOUNguG0Alq7L0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/8e9855-5989-486e-9436-50a7c92591d0/1/ix6lUsquNmFi3yh4bP-hhrGAa7w.roa
Signing time: Sun 01 Jan 2023 10:05:04 +0000
ROA not before: Sun 01 Jan 2023 10:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211742
IP address blocks: 2001:67c:293c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:be:14:6d:df:95:42:31:90:84:5f:18:47:be:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20c8d5c373a6bf3bab229394360b86d0096aecbd
Validity
Not Before: Jan 1 10:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b1ea552caae366162df28786cffa186b1806bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:01:38:07:c6:95:55:3e:25:f2:0a:f6:ad:f9:
ed:85:43:0f:a7:69:fe:7d:f1:ad:c9:fc:f2:19:9a:
1f:0b:15:19:9c:f1:43:a8:ac:1c:88:29:16:c7:e4:
46:3e:f5:6c:ed:ce:4b:dc:f1:35:e1:74:1e:ec:32:
83:d5:e8:35:0c:74:fe:59:1a:54:05:a0:ad:9d:bf:
12:19:e7:28:31:05:27:a2:0e:11:ce:ae:30:a8:90:
5d:9b:8e:0a:5d:11:af:8c:15:ca:81:1b:81:4d:7e:
f0:b2:1b:6a:14:7c:6d:28:fd:89:4c:7c:06:44:a0:
f0:77:a0:3a:a3:1d:92:0d:ac:b6:5c:72:2f:22:a6:
63:41:66:95:a9:cd:ad:e2:b5:dd:91:86:f3:3e:3a:
32:aa:02:12:96:c0:f2:5a:78:f6:4d:66:25:6d:5a:
5b:e4:17:9a:9a:c6:2a:9a:28:3d:f5:d0:14:ca:52:
d9:86:51:5f:31:64:3e:94:05:be:17:a1:5e:d1:62:
f4:a1:44:13:f0:d2:d6:4c:25:f5:1c:2e:18:09:14:
40:1d:28:ab:ba:de:75:19:4d:a2:e7:7b:34:9d:c8:
63:4b:27:9c:eb:4f:9a:c2:1c:b7:08:62:39:cd:0a:
b7:c8:78:ae:48:c9:52:af:b2:42:02:db:02:61:fc:
c8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:1E:A5:52:CA:AE:36:61:62:DF:28:78:6C:FF:A1:86:B1:80:6B:BC
X509v3 Authority Key Identifier:
keyid:20:C8:D5:C3:73:A6:BF:3B:AB:22:93:94:36:0B:86:D0:09:6A:EC:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMjVw3OmvzurIpOUNguG0Alq7L0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8e9855-5989-486e-9436-50a7c92591d0/1/ix6lUsquNmFi3yh4bP-hhrGAa7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8e9855-5989-486e-9436-50a7c92591d0/1/IMjVw3OmvzurIpOUNguG0Alq7L0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:293c::/48
Signature Algorithm: sha256WithRSAEncryption
bb:b0:3c:70:ac:a7:ce:f6:62:88:00:99:b5:fd:15:c2:12:b9:
d8:ef:65:cd:99:a6:7a:a1:47:f3:d7:3c:b4:13:b2:dc:0a:fa:
b1:a7:90:91:16:77:62:65:54:65:d4:b3:b2:bf:08:47:1b:cb:
82:d5:b4:41:08:04:68:6b:43:51:e2:17:11:6a:ae:8a:9d:5b:
cf:92:58:e0:00:a1:f9:36:d4:14:75:8f:6a:4c:94:4b:3c:34:
50:6a:13:b7:bc:79:5d:89:97:7c:be:18:03:85:67:b5:12:47:
32:b8:7b:30:ea:c0:5b:d5:5a:0c:f9:d3:64:c4:6d:67:14:b6:
80:01:a3:8b:82:e1:2f:81:87:a5:3b:95:c4:59:89:64:59:be:
79:db:b1:7d:a1:f2:69:e7:a2:7c:f7:ed:6b:56:18:3c:5b:5a:
56:1d:04:36:be:a3:21:8a:30:c4:83:c2:ea:1a:3c:be:0f:d5:
dc:04:af:12:4e:cd:96:a6:04:61:10:ef:14:8a:c2:bd:d8:7b:
40:98:c3:bd:c0:ba:fe:d3:9b:8b:4e:fa:45:35:30:19:f1:3e:
8c:c1:40:c3:19:7c:f3:7a:85:7b:7f:86:17:ec:14:c7:82:ba:
78:90:1b:97:07:2f:1b:92:c1:a8:1d:61:de:46:85:d4:ad:44:
95:b0:59:2d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsyr4Ubd+VQjGQhF8YR75xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYzhkNWMzNzNhNmJmM2JhYjIyOTM5NDM2MGI4NmQwMDk2
YWVjYmQwHhcNMjMwMTAxMTAwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjFlYTU1MmNhYWUzNjYxNjJkZjI4Nzg2Y2ZmYTE4NmIxODA2YmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugE4B8aVVT4l8gr2rfnthUMPp2n+
ffGtyfzyGZofCxUZnPFDqKwciCkWx+RGPvVs7c5L3PE14XQe7DKD1eg1DHT+WRpU
BaCtnb8SGecoMQUnog4Rzq4wqJBdm44KXRGvjBXKgRuBTX7wshtqFHxtKP2JTHwG
RKDwd6A6ox2SDay2XHIvIqZjQWaVqc2t4rXdkYbzPjoyqgISlsDyWnj2TWYlbVpb
5BeamsYqmig99dAUylLZhlFfMWQ+lAW+F6Fe0WL0oUQT8NLWTCX1HC4YCRRAHSir
ut51GU2i53s0nchjSyec60+awhy3CGI5zQq3yHiuSMlSr7JCAtsCYfzIkQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIsepVLKrjZhYt8oeGz/oYaxgGu8MB8GA1UdIwQY
MBaAFCDI1cNzpr87qyKTlDYLhtAJauy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU1qVnczT212enVySXBPVU5ndUcwQWxxN0wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84ZTk4NTUtNTk4OS00ODZlLTk0MzYt
NTBhN2M5MjU5MWQwLzEvaXg2bFVzcXVObUZpM3loNGJQLWhockdBYTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84ZTk4NTUtNTk4OS00ODZlLTk0MzYtNTBhN2M5MjU5MWQw
LzEvSU1qVnczT212enVySXBPVU5ndUcwQWxxN0wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCk8
MA0GCSqGSIb3DQEBCwUAA4IBAQC7sDxwrKfO9mKIAJm1/RXCErnY72XNmaZ6oUfz
1zy0E7LcCvqxp5CRFndiZVRl1LOyvwhHG8uC1bRBCARoa0NR4hcRaq6KnVvPkljg
AKH5NtQUdY9qTJRLPDRQahO3vHldiZd8vhgDhWe1EkcyuHsw6sBb1VoM+dNkxG1n
FLaAAaOLguEvgYelO5XEWYlkWb5527F9ofJp56J89+1rVhg8W1pWHQQ2vqMhijDE
g8LqGjy+D9XcBK8STs2WpgRhEO8UisK92HtAmMO9wLr+05uLTvpFNTAZ8T6MwUDD
GXzzeoV7f4YX7BTHgrp4kBuXBy8bksGoHWHeRoXUrUSVsFkt
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:42 2024 by rpki-client on console-ams.rpki-client.org