Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/fXFK3DL7op8CoNNXAyBF1BBZlAI.roa
File: fXFK3DL7op8CoNNXAyBF1BBZlAI.roa (raw, json)
Hash identifier: sdCyGUpLeZJGATgmcVl19PP0QvMFDjQeYpV2lr/WATM=
Subject key identifier: 7D:71:4A:DC:32:FB:A2:9F:02:A0:D3:57:03:20:45:D4:10:59:94:02
Certificate issuer: /CN=d34403a30b313759af9626afd8d3d23805fcc80e
Certificate serial: 018ABC638143FDFE6EE3216E5B54495C85EC
Authority key identifier: D3:44:03:A3:0B:31:37:59:AF:96:26:AF:D8:D3:D2:38:05:FC:C8:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00QDowsxN1mvliav2NPSOAX8yA4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/fXFK3DL7op8CoNNXAyBF1BBZlAI.roa
Signing time: Fri 22 Sep 2023 10:15:52 +0000
ROA not before: Fri 22 Sep 2023 10:15:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57454
IP address blocks: 2a0c:cd40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bc:63:81:43:fd:fe:6e:e3:21:6e:5b:54:49:5c:85:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34403a30b313759af9626afd8d3d23805fcc80e
Validity
Not Before: Sep 22 10:15:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d714adc32fba29f02a0d357032045d410599402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d1:98:8b:1e:25:17:24:c9:aa:6b:5b:f3:ab:
b0:25:01:db:73:1c:22:04:6f:f9:06:0a:84:b7:da:
b4:00:1f:be:9c:d8:78:c1:04:9f:6f:68:83:95:cb:
8f:54:14:4a:29:20:7c:68:9b:77:90:26:60:98:77:
63:35:df:df:60:b4:aa:8e:e6:3a:6d:3c:56:cf:bb:
76:73:e0:8e:0b:31:a3:ef:b3:f1:24:f3:58:d0:24:
c9:42:e9:56:52:d7:b0:db:3c:7e:af:3f:31:99:f0:
c2:c4:9d:22:52:e7:66:fa:4c:72:07:5f:a9:f2:fa:
61:8f:4c:ff:68:6e:16:f6:51:10:c4:a5:aa:a7:57:
18:0a:a9:b6:86:c2:4f:3f:2e:a5:0f:58:98:e9:5c:
12:7b:46:a2:24:fd:d3:71:d5:3b:79:14:be:b0:25:
bb:dc:58:e7:22:31:dc:a8:8a:29:74:80:d9:b1:c1:
8f:f4:31:1f:6b:30:47:e0:83:1f:4f:4f:1f:ae:20:
a1:2e:51:3e:fe:31:45:fc:9f:7c:47:9c:42:a7:7f:
0a:2b:ed:35:86:aa:ef:2a:a2:f3:c2:b2:18:77:95:
79:3d:b2:96:e8:7f:bf:97:63:31:c3:bd:32:dd:2b:
a5:14:13:03:b8:18:8b:82:db:b7:86:fd:76:5c:9f:
73:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:71:4A:DC:32:FB:A2:9F:02:A0:D3:57:03:20:45:D4:10:59:94:02
X509v3 Authority Key Identifier:
keyid:D3:44:03:A3:0B:31:37:59:AF:96:26:AF:D8:D3:D2:38:05:FC:C8:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00QDowsxN1mvliav2NPSOAX8yA4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/fXFK3DL7op8CoNNXAyBF1BBZlAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/00QDowsxN1mvliav2NPSOAX8yA4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:cd40::/29
Signature Algorithm: sha256WithRSAEncryption
a2:6a:ef:66:ce:5b:3c:06:60:8b:3f:0a:da:4e:c5:1e:25:ff:
65:20:3c:e0:91:fe:ab:88:53:8d:cb:80:d5:ee:61:1a:85:39:
69:cd:05:bb:e9:18:67:76:8b:db:4b:47:40:05:a4:89:ea:ac:
c9:d6:f4:15:93:f3:55:e7:0d:82:d2:bd:94:f8:52:c4:e9:4c:
b4:e5:a6:86:e2:37:68:2b:68:05:be:02:65:bd:8c:5d:98:38:
d1:ba:5d:a0:d5:84:05:dc:c9:4b:62:e2:e7:85:d3:9d:0a:9a:
22:c7:4b:63:45:ba:f2:ea:62:21:9a:76:50:9e:b2:a5:63:ef:
c1:d8:88:0d:28:45:a6:c2:79:59:33:4f:76:3a:69:0d:cd:d2:
84:d9:86:f1:3c:ec:47:09:0f:9f:d2:b7:2c:bc:56:4c:dc:11:
1f:fa:7e:d7:2e:a2:8a:c5:cb:6f:f1:dd:fe:8a:f7:b1:e0:07:
51:77:f0:77:dc:2b:62:1c:8f:8b:ad:c5:9b:d0:86:67:76:b4:
33:0d:2c:ba:c8:8a:2e:14:8e:be:32:d4:87:d5:60:17:69:47:
0a:9d:ef:e6:4a:f4:3f:6f:a9:ff:c3:2f:56:27:2e:71:b3:93:
38:ef:df:6e:28:ab:a7:00:18:d9:8b:bf:5e:8a:96:c1:14:66:
01:c1:e0:8e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYq8Y4FD/f5u4yFuW1RJXIXsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNDQwM2EzMGIzMTM3NTlhZjk2MjZhZmQ4ZDNkMjM4MDVm
Y2M4MGUwHhcNMjMwOTIyMTAxNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDcxNGFkYzMyZmJhMjlmMDJhMGQzNTcwMzIwNDVkNDEwNTk5NDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9GYix4lFyTJqmtb86uwJQHbcxwi
BG/5BgqEt9q0AB++nNh4wQSfb2iDlcuPVBRKKSB8aJt3kCZgmHdjNd/fYLSqjuY6
bTxWz7t2c+COCzGj77PxJPNY0CTJQulWUtew2zx+rz8xmfDCxJ0iUudm+kxyB1+p
8vphj0z/aG4W9lEQxKWqp1cYCqm2hsJPPy6lD1iY6VwSe0aiJP3TcdU7eRS+sCW7
3FjnIjHcqIopdIDZscGP9DEfazBH4IMfT08friChLlE+/jFF/J98R5xCp38KK+01
hqrvKqLzwrIYd5V5PbKW6H+/l2Mxw70y3SulFBMDuBiLgtu3hv12XJ9z4QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH1xStwy+6KfAqDTVwMgRdQQWZQCMB8GA1UdIwQY
MBaAFNNEA6MLMTdZr5Ymr9jT0jgF/MgOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDBRRG93c3hOMW12bGlhdjJOUFNPQVg4eUE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My81Njc4Y2QtZDc3Yi00NTYzLWFmZTMt
YjQwNTI3ZGQ0M2ZjLzEvZlhGSzNETDdvcDhDb05OWEF5QkYxQkJabEFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My81Njc4Y2QtZDc3Yi00NTYzLWFmZTMtYjQwNTI3ZGQ0M2Zj
LzEvMDBRRG93c3hOMW12bGlhdjJOUFNPQVg4eUE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgzNQDAN
BgkqhkiG9w0BAQsFAAOCAQEAomrvZs5bPAZgiz8K2k7FHiX/ZSA84JH+q4hTjcuA
1e5hGoU5ac0Fu+kYZ3aL20tHQAWkieqsydb0FZPzVecNgtK9lPhSxOlMtOWmhuI3
aCtoBb4CZb2MXZg40bpdoNWEBdzJS2Li54XTnQqaIsdLY0W68upiIZp2UJ6ypWPv
wdiIDShFpsJ5WTNPdjppDc3ShNmG8TzsRwkPn9K3LLxWTNwRH/p+1y6iisXLb/Hd
/or3seAHUXfwd9wrYhyPi63Fm9CGZ3a0Mw0susiKLhSOvjLUh9VgF2lHCp3v5kr0
P2+p/8MvVicucbOTOO/fbiirpwAY2Yu/XoqWwRRmAcHgjg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:07 2024 by rpki-client on console-fra.rpki-client.org