Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/e76701-9873-4fe0-9b71-f89bcff6959f/1/j8O5rMNG60qBy23N5D1mdoqiV8E.roa
File: j8O5rMNG60qBy23N5D1mdoqiV8E.roa (raw, json)
Hash identifier: r+luHdH8ECmt5SNZhJa41YP8lsvSU4pKKXbmzd8SyL4=
Subject key identifier: 8F:C3:B9:AC:C3:46:EB:4A:81:CB:6D:CD:E4:3D:66:76:8A:A2:57:C1
Certificate issuer: /CN=e738a5f93064239ab4ff793df8a879e1baa8e1c7
Certificate serial: 01856F9DE9E09327C19E86E0BB2024323D8D
Authority key identifier: E7:38:A5:F9:30:64:23:9A:B4:FF:79:3D:F8:A8:79:E1:BA:A8:E1:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5zil-TBkI5q0_3k9-Kh54bqo4cc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/e76701-9873-4fe0-9b71-f89bcff6959f/1/j8O5rMNG60qBy23N5D1mdoqiV8E.roa
Signing time: Sun 01 Jan 2023 23:14:58 +0000
ROA not before: Sun 01 Jan 2023 23:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212596
IP address blocks: 2001:678:e60::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:e9:e0:93:27:c1:9e:86:e0:bb:20:24:32:3d:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e738a5f93064239ab4ff793df8a879e1baa8e1c7
Validity
Not Before: Jan 1 23:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fc3b9acc346eb4a81cb6dcde43d66768aa257c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4d:80:39:4a:c9:8f:5a:f7:9b:dd:fc:fd:36:
87:3f:ea:90:17:ea:8d:2a:8d:4c:af:fc:6e:99:12:
49:d7:72:0c:f9:a0:f1:08:68:4f:ec:b6:de:6d:e3:
e0:05:0c:db:83:ab:d6:24:42:3a:01:8f:00:21:b8:
18:7d:3f:d9:80:80:d9:f0:5e:e8:fa:d8:51:3e:89:
da:3d:a7:99:dc:03:d6:84:ff:97:d6:99:59:f8:dd:
e6:fb:81:9a:a9:7f:59:ab:cb:b9:f0:ad:e0:2e:3d:
27:cf:07:7d:81:ae:e4:bd:53:a0:43:db:dc:63:f9:
02:25:b4:44:55:00:4a:86:a4:a7:14:d0:e8:6b:52:
23:45:29:16:b1:2c:97:b4:87:af:03:6e:53:8e:71:
25:86:0e:4d:80:da:6a:fa:fa:b9:44:af:7b:07:01:
8e:b1:a7:7b:57:81:55:a3:ce:30:38:d6:0a:c1:12:
b6:cc:5b:d5:54:58:d3:6b:fe:0b:ce:74:d7:2c:61:
be:6b:27:f7:8f:c0:3d:d0:91:2c:9d:b7:d0:d1:72:
fb:a6:30:2c:0b:8c:8a:a2:79:bf:e4:a3:6f:c3:b5:
ef:d1:d9:3a:cb:ed:7d:11:b6:56:e8:fa:d3:82:bc:
19:39:06:2a:07:04:a6:50:2f:22:d4:5d:82:6b:54:
85:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C3:B9:AC:C3:46:EB:4A:81:CB:6D:CD:E4:3D:66:76:8A:A2:57:C1
X509v3 Authority Key Identifier:
keyid:E7:38:A5:F9:30:64:23:9A:B4:FF:79:3D:F8:A8:79:E1:BA:A8:E1:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5zil-TBkI5q0_3k9-Kh54bqo4cc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/e76701-9873-4fe0-9b71-f89bcff6959f/1/j8O5rMNG60qBy23N5D1mdoqiV8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/e76701-9873-4fe0-9b71-f89bcff6959f/1/5zil-TBkI5q0_3k9-Kh54bqo4cc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:e60::/48
Signature Algorithm: sha256WithRSAEncryption
00:41:4e:e3:ef:8e:ca:87:8e:13:a2:5c:d2:19:07:39:b5:16:
f0:31:c5:d1:e4:f0:6c:eb:02:eb:9b:00:c0:ff:3b:2d:a5:00:
11:76:9a:ec:61:03:73:43:9e:45:b7:f7:72:5f:2a:d6:04:58:
31:e6:55:ee:df:53:94:76:fc:19:61:ce:79:22:2d:dc:30:a4:
c8:6b:11:53:67:a4:8d:19:68:84:2f:1f:9f:0e:22:f7:d9:d1:
76:5b:d7:42:1e:4f:39:03:44:90:2c:34:5f:35:27:ef:0a:db:
e9:8e:5c:74:cd:6c:b0:70:fa:03:ca:ff:76:c8:e4:99:22:68:
6c:91:a6:80:39:32:34:37:b6:2a:3b:72:ed:ae:b2:1d:95:1f:
67:ed:60:b3:3b:12:e3:f1:2c:5c:04:36:ea:5a:d6:85:ed:d0:
f2:a1:e0:1c:45:0d:0e:94:ad:da:08:aa:87:15:12:df:62:f8:
4b:91:72:66:b9:89:0a:ce:54:1b:cc:7d:57:d2:98:ae:a7:10:
9c:b4:5d:0a:db:72:db:1f:ef:91:b8:f4:e9:2a:89:08:cb:97:
40:d0:ed:81:3a:03:7f:e2:7d:3a:9d:d9:9c:b2:2e:97:2d:ba:
1b:b8:8a:0f:3f:f8:ab:80:6c:f9:82:78:12:eb:d2:6c:cf:dc:
bf:b2:bb:0a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvnengkyfBnobguyAkMj2NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MzhhNWY5MzA2NDIzOWFiNGZmNzkzZGY4YTg3OWUxYmFh
OGUxYzcwHhcNMjMwMTAxMjMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmMzYjlhY2MzNDZlYjRhODFjYjZkY2RlNDNkNjY3NjhhYTI1N2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxE2AOUrJj1r3m938/TaHP+qQF+qN
Ko1Mr/xumRJJ13IM+aDxCGhP7LbebePgBQzbg6vWJEI6AY8AIbgYfT/ZgIDZ8F7o
+thRPonaPaeZ3APWhP+X1plZ+N3m+4GaqX9Zq8u58K3gLj0nzwd9ga7kvVOgQ9vc
Y/kCJbREVQBKhqSnFNDoa1IjRSkWsSyXtIevA25TjnElhg5NgNpq+vq5RK97BwGO
sad7V4FVo84wONYKwRK2zFvVVFjTa/4LznTXLGG+ayf3j8A90JEsnbfQ0XL7pjAs
C4yKonm/5KNvw7Xv0dk6y+19EbZW6PrTgrwZOQYqBwSmUC8i1F2Ca1SFrQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI/DuazDRutKgcttzeQ9ZnaKolfBMB8GA1UdIwQY
MBaAFOc4pfkwZCOatP95PfioeeG6qOHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXppbC1UQmtJNXEwXzNrOS1LaDU0YnFvNGNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9lNzY3MDEtOTg3My00ZmUwLTliNzEt
Zjg5YmNmZjY5NTlmLzEvajhPNXJNTkc2MHFCeTIzTjVEMW1kb3FpVjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9lNzY3MDEtOTg3My00ZmUwLTliNzEtZjg5YmNmZjY5NTlm
LzEvNXppbC1UQmtJNXEwXzNrOS1LaDU0YnFvNGNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA5g
MA0GCSqGSIb3DQEBCwUAA4IBAQAAQU7j747Kh44TolzSGQc5tRbwMcXR5PBs6wLr
mwDA/zstpQARdprsYQNzQ55Ft/dyXyrWBFgx5lXu31OUdvwZYc55Ii3cMKTIaxFT
Z6SNGWiELx+fDiL32dF2W9dCHk85A0SQLDRfNSfvCtvpjlx0zWywcPoDyv92yOSZ
ImhskaaAOTI0N7YqO3LtrrIdlR9n7WCzOxLj8SxcBDbqWtaF7dDyoeAcRQ0OlK3a
CKqHFRLfYvhLkXJmuYkKzlQbzH1X0piupxCctF0K23LbH++RuPTpKokIy5dA0O2B
OgN/4n06ndmcsi6XLbobuIoPP/irgGz5gngS69Jsz9y/srsK
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:01 2024 by rpki-client on console-fra.rpki-client.org