Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/09cafd-68bc-41a2-8bab-80b84e4f20c9/1/AZG68fIaIzfzH-Q_KkWVsjT9hNw.roa
File: AZG68fIaIzfzH-Q_KkWVsjT9hNw.roa (raw, json)
Hash identifier: izZ2NJSVQ30b/Vx/McozzJlG6lM+G54aEd/xlbK+4gc=
Subject key identifier: 01:91:BA:F1:F2:1A:23:37:F3:1F:E4:3F:2A:45:95:B2:34:FD:84:DC
Certificate issuer: /CN=10773f32d3cb4e13e43f10a3dc422f1f3271bfba
Certificate serial: 01856FA70F472E8A1AD535972B3B89A582D7
Authority key identifier: 10:77:3F:32:D3:CB:4E:13:E4:3F:10:A3:DC:42:2F:1F:32:71:BF:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHc_MtPLThPkPxCj3EIvHzJxv7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/09cafd-68bc-41a2-8bab-80b84e4f20c9/1/AZG68fIaIzfzH-Q_KkWVsjT9hNw.roa
Signing time: Sun 01 Jan 2023 23:24:57 +0000
ROA not before: Sun 01 Jan 2023 23:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200280
IP address blocks: 2a0a:4a40:2270::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:0f:47:2e:8a:1a:d5:35:97:2b:3b:89:a5:82:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10773f32d3cb4e13e43f10a3dc422f1f3271bfba
Validity
Not Before: Jan 1 23:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0191baf1f21a2337f31fe43f2a4595b234fd84dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b2:75:38:6b:02:37:d9:4c:d5:46:cc:9c:15:
4e:58:f0:e2:7c:8c:42:f0:a4:c9:95:33:a5:00:2f:
84:5f:9f:e9:c8:a9:0d:a3:dc:8d:45:c5:ab:96:4d:
2f:c9:07:7a:30:9a:55:22:3a:8e:f2:ed:3f:5d:78:
05:4a:ff:0d:dd:f0:e2:7e:b8:99:38:65:2a:d6:c6:
50:b8:9f:08:03:76:7a:fa:59:95:4e:b8:14:4f:fa:
9d:55:b4:fe:52:90:fe:f1:e6:b0:d1:33:a7:20:78:
d3:aa:c8:91:b9:79:e2:68:f6:74:c4:db:0a:21:77:
66:9e:e6:35:a7:16:a4:c3:48:e6:df:59:53:06:ce:
ec:28:3a:41:7d:f0:60:91:c0:38:d3:67:0c:e8:32:
7f:55:e4:f1:f9:7c:91:45:4a:af:a3:d3:a1:6a:a0:
03:0a:dc:c9:ed:87:e7:17:22:5b:e1:f9:93:9f:41:
71:96:10:c8:d3:14:98:73:8c:0e:96:f6:29:05:f4:
53:c6:e8:a8:14:ba:38:7a:49:a7:19:79:52:1b:72:
7f:22:f3:5c:a0:43:c2:68:1c:36:23:68:5c:b6:fb:
b5:1f:e5:ff:00:09:22:04:49:b2:9a:79:c3:4f:d1:
80:ca:d9:21:45:68:4e:8c:81:6d:65:71:0c:69:67:
80:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:91:BA:F1:F2:1A:23:37:F3:1F:E4:3F:2A:45:95:B2:34:FD:84:DC
X509v3 Authority Key Identifier:
keyid:10:77:3F:32:D3:CB:4E:13:E4:3F:10:A3:DC:42:2F:1F:32:71:BF:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHc_MtPLThPkPxCj3EIvHzJxv7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/09cafd-68bc-41a2-8bab-80b84e4f20c9/1/AZG68fIaIzfzH-Q_KkWVsjT9hNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/09cafd-68bc-41a2-8bab-80b84e4f20c9/1/EHc_MtPLThPkPxCj3EIvHzJxv7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:4a40:2270::/44
Signature Algorithm: sha256WithRSAEncryption
da:15:d8:d5:c6:aa:16:1a:87:f7:d1:97:24:41:00:d2:8f:16:
13:1a:93:68:a6:ed:fe:16:84:d7:3a:dd:d5:26:8d:da:2c:ba:
2e:c4:d9:7a:c7:1e:50:df:c1:88:1d:6f:f2:02:9d:a4:b1:0a:
63:96:dc:47:a8:f5:02:25:5f:a1:33:b5:40:b1:af:af:b1:30:
42:7b:0e:aa:e9:4e:0b:87:9e:80:42:9a:53:fe:e6:87:c7:69:
cd:13:be:09:b5:16:fd:72:bb:2b:44:e6:15:dc:df:96:6b:08:
e7:84:4c:01:b8:48:10:ee:9b:c0:bd:5a:58:3e:45:25:8f:4b:
98:70:79:1b:a1:a9:b4:27:d4:19:ba:b1:c5:be:3d:a8:cd:93:
2f:29:17:66:00:12:ea:23:e2:72:05:2d:9c:e6:ca:1e:0f:fb:
15:ba:bd:72:b2:73:d2:44:e1:66:b3:d5:24:ae:ad:a9:e6:0e:
4f:db:c8:7f:59:74:52:f0:76:74:75:a5:6a:7d:f2:52:61:a6:
a8:6e:65:46:89:4a:8d:36:2c:b5:10:80:e4:e6:61:52:1b:a6:
f1:de:0a:d7:cb:34:00:63:04:6c:4a:8a:d5:f2:d4:2f:78:c5:
40:7b:3e:d2:5e:04:89:8b:05:4c:08:98:f9:84:e7:e3:f5:d3:
15:5d:c9:a4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvpw9HLooa1TWXKzuJpYLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzczZjMyZDNjYjRlMTNlNDNmMTBhM2RjNDIyZjFmMzI3
MWJmYmEwHhcNMjMwMTAxMjMyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTkxYmFmMWYyMWEyMzM3ZjMxZmU0M2YyYTQ1OTViMjM0ZmQ4NGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbJ1OGsCN9lM1UbMnBVOWPDifIxC
8KTJlTOlAC+EX5/pyKkNo9yNRcWrlk0vyQd6MJpVIjqO8u0/XXgFSv8N3fDifriZ
OGUq1sZQuJ8IA3Z6+lmVTrgUT/qdVbT+UpD+8eaw0TOnIHjTqsiRuXniaPZ0xNsK
IXdmnuY1pxakw0jm31lTBs7sKDpBffBgkcA402cM6DJ/VeTx+XyRRUqvo9OhaqAD
CtzJ7YfnFyJb4fmTn0FxlhDI0xSYc4wOlvYpBfRTxuioFLo4ekmnGXlSG3J/IvNc
oEPCaBw2I2hctvu1H+X/AAkiBEmymnnDT9GAytkhRWhOjIFtZXEMaWeAUQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAGRuvHyGiM38x/kPypFlbI0/YTcMB8GA1UdIwQY
MBaAFBB3PzLTy04T5D8Qo9xCLx8ycb+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhjX010UExUaFBrUHhDajNFSXZIekp4djdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wOWNhZmQtNjhiYy00MWEyLThiYWIt
ODBiODRlNGYyMGM5LzEvQVpHNjhmSWFJemZ6SC1RX0trV1ZzalQ5aE53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wOWNhZmQtNjhiYy00MWEyLThiYWItODBiODRlNGYyMGM5
LzEvRUhjX010UExUaFBrUHhDajNFSXZIekp4djdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgpKQCJw
MA0GCSqGSIb3DQEBCwUAA4IBAQDaFdjVxqoWGof30ZckQQDSjxYTGpNopu3+FoTX
Ot3VJo3aLLouxNl6xx5Q38GIHW/yAp2ksQpjltxHqPUCJV+hM7VAsa+vsTBCew6q
6U4Lh56AQppT/uaHx2nNE74JtRb9crsrROYV3N+WawjnhEwBuEgQ7pvAvVpYPkUl
j0uYcHkboam0J9QZurHFvj2ozZMvKRdmABLqI+JyBS2c5soeD/sVur1ysnPSROFm
s9Ukrq2p5g5P28h/WXRS8HZ0daVqffJSYaaobmVGiUqNNiy1EIDk5mFSG6bx3grX
yzQAYwRsSorV8tQveMVAez7SXgSJiwVMCJj5hOfj9dMVXcmk
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:25 2024 by rpki-client on console-fra.rpki-client.org