Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/vdLOhWaz-0AKR0Xgz0f8ugQjF4E.roa
File: vdLOhWaz-0AKR0Xgz0f8ugQjF4E.roa (raw, json)
Hash identifier: +2DPCynxP4QTYTjKLcylqdoNDP7PIR5/be66ZeMoASE=
Subject key identifier: BD:D2:CE:85:66:B3:FB:40:0A:47:45:E0:CF:47:FC:BA:04:23:17:81
Certificate issuer: /CN=09fecd7071b727db3d12f09efbb454e04d4f743d
Certificate serial: 018CC5DC3C4C50F2411A568F47F538A97B4D
Authority key identifier: 09:FE:CD:70:71:B7:27:DB:3D:12:F0:9E:FB:B4:54:E0:4D:4F:74:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/vdLOhWaz-0AKR0Xgz0f8ugQjF4E.roa
Signing time: Mon 01 Jan 2024 16:29:54 +0000
ROA not before: Mon 01 Jan 2024 16:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2a0f:d840::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3c:4c:50:f2:41:1a:56:8f:47:f5:38:a9:7b:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09fecd7071b727db3d12f09efbb454e04d4f743d
Validity
Not Before: Jan 1 16:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bdd2ce8566b3fb400a4745e0cf47fcba04231781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f2:0d:11:81:1f:43:09:db:cb:6c:90:00:95:
39:c8:1e:44:db:b5:d8:41:02:21:17:0d:57:1e:b1:
b1:e9:67:b5:e5:1a:aa:fe:30:4b:88:f5:23:f8:5c:
2d:54:31:52:40:b9:6b:fe:5a:03:2c:43:bb:e8:06:
74:5e:56:9d:74:ee:7a:d7:c2:d0:25:97:52:68:85:
bd:db:44:2e:fb:42:80:98:74:8d:78:80:27:aa:ca:
a0:fa:e7:e2:41:50:04:e6:d7:4e:01:44:03:fb:8c:
56:f2:20:79:8b:a9:f8:d6:85:78:f0:92:e4:4c:50:
ad:9a:9c:52:34:92:0f:18:28:7f:74:bf:ca:3a:83:
8e:88:47:e7:37:b6:40:bc:c8:ac:58:17:8f:fa:a8:
e9:51:2a:3f:2e:99:ab:6e:25:8e:14:8a:d5:7f:60:
09:a0:e1:87:76:4e:de:7e:62:80:4b:c7:38:ae:39:
06:76:b0:94:d7:cf:e3:c8:43:98:18:13:2d:eb:c9:
9e:f0:4c:b0:53:1a:90:af:df:5d:16:12:e6:e7:71:
c5:5d:14:e1:0e:30:fe:b1:e5:f1:2e:e5:a2:d9:07:
5e:aa:0a:2b:2d:52:cb:47:a1:d6:0c:31:f9:d3:de:
59:e4:d0:ce:a2:dd:4b:69:5e:55:11:02:38:c4:31:
49:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D2:CE:85:66:B3:FB:40:0A:47:45:E0:CF:47:FC:BA:04:23:17:81
X509v3 Authority Key Identifier:
keyid:09:FE:CD:70:71:B7:27:DB:3D:12:F0:9E:FB:B4:54:E0:4D:4F:74:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/vdLOhWaz-0AKR0Xgz0f8ugQjF4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:d840::/29
Signature Algorithm: sha256WithRSAEncryption
34:76:22:53:f6:4f:d4:ef:e1:14:4d:57:5a:e4:a2:90:26:1e:
05:ca:e9:b9:fb:7f:6a:5d:2c:ef:08:c1:2d:0a:8e:69:b9:8f:
4e:21:40:78:c6:41:ad:66:10:9c:95:ce:14:68:c3:d4:62:5d:
a2:14:9c:92:91:8b:7e:62:ef:ab:21:7c:9d:22:6e:c3:bf:3f:
c9:c2:40:38:cb:6c:98:2f:41:a8:63:7a:08:50:e5:b3:d2:be:
07:30:72:a0:05:5a:39:08:98:e4:cc:ec:de:d9:18:c3:7f:bb:
5c:11:c3:7d:0e:8e:d0:7c:15:8c:51:70:07:59:f3:67:cc:b9:
c6:97:9e:1f:6e:81:18:45:45:ad:e0:ca:53:18:ed:cc:8d:98:
c5:bc:8b:ed:7d:91:86:cf:e7:19:0a:39:5b:2d:a2:62:93:fb:
42:c1:cd:24:5f:ba:cd:16:bd:40:56:b3:7c:78:a9:38:73:07:
c6:d9:22:43:aa:ba:63:d9:0d:85:58:33:1a:1c:dc:d2:b6:7d:
66:89:68:95:39:6a:e6:0d:4a:a9:a7:6a:48:06:a8:1c:0e:02:
b0:57:08:c9:cf:08:ae:42:fd:dc:4d:fe:fc:04:c5:1a:07:27:
70:f2:ee:a9:17:90:4b:68:41:8e:c8:ac:a5:1b:eb:83:a5:84:
62:f3:db:71
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzF3DxMUPJBGlaPR/U4qXtNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZmVjZDcwNzFiNzI3ZGIzZDEyZjA5ZWZiYjQ1NGUwNGQ0
Zjc0M2QwHhcNMjQwMTAxMTYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQyY2U4NTY2YjNmYjQwMGE0NzQ1ZTBjZjQ3ZmNiYTA0MjMxNzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPINEYEfQwnby2yQAJU5yB5E27XY
QQIhFw1XHrGx6We15Rqq/jBLiPUj+FwtVDFSQLlr/loDLEO76AZ0XladdO5618LQ
JZdSaIW920Qu+0KAmHSNeIAnqsqg+ufiQVAE5tdOAUQD+4xW8iB5i6n41oV48JLk
TFCtmpxSNJIPGCh/dL/KOoOOiEfnN7ZAvMisWBeP+qjpUSo/LpmrbiWOFIrVf2AJ
oOGHdk7efmKAS8c4rjkGdrCU18/jyEOYGBMt68me8EywUxqQr99dFhLm53HFXRTh
DjD+seXxLuWi2QdeqgorLVLLR6HWDDH5095Z5NDOot1LaV5VEQI4xDFJ0QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL3SzoVms/tACkdF4M9H/LoEIxeBMB8GA1UdIwQY
MBaAFAn+zXBxtyfbPRLwnvu0VOBNT3Q9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2Y3TmNIRzNKOXM5RXZDZS03UlU0RTFQZEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS83MmUzYTEtOTA2Yy00NDhiLTk4ZGEt
NWEyMDZlOGIxMzY5LzEvdmRMT2hXYXotMEFLUjBYZ3owZjh1Z1FqRjRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS83MmUzYTEtOTA2Yy00NDhiLTk4ZGEtNWEyMDZlOGIxMzY5
LzEvQ2Y3TmNIRzNKOXM5RXZDZS03UlU0RTFQZEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg/YQDAN
BgkqhkiG9w0BAQsFAAOCAQEANHYiU/ZP1O/hFE1XWuSikCYeBcrpuft/al0s7wjB
LQqOabmPTiFAeMZBrWYQnJXOFGjD1GJdohSckpGLfmLvqyF8nSJuw78/ycJAOMts
mC9BqGN6CFDls9K+BzByoAVaOQiY5Mzs3tkYw3+7XBHDfQ6O0HwVjFFwB1nzZ8y5
xpeeH26BGEVFreDKUxjtzI2YxbyL7X2Rhs/nGQo5Wy2iYpP7QsHNJF+6zRa9QFaz
fHipOHMHxtkiQ6q6Y9kNhVgzGhzc0rZ9ZololTlq5g1KqadqSAaoHA4CsFcIyc8I
rkL93E3+/ATFGgcncPLuqReQS2hBjsispRvrg6WEYvPbcQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:23 2024 by rpki-client on console-ams.rpki-client.org