Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ew0y9WWcjQjFz3WBCQ1urSpvtE4.roa
File: ew0y9WWcjQjFz3WBCQ1urSpvtE4.roa (raw, json)
Hash identifier: 0ynWtS13yM1+BPUB9L+RCBMgegIPA4jJe9KaEOegFjk=
Subject key identifier: 7B:0D:32:F5:65:9C:8D:08:C5:CF:75:81:09:0D:6E:AD:2A:6F:B4:4E
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 01856FF971CDDAC443A64B4AAEB4931755F8
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ew0y9WWcjQjFz3WBCQ1urSpvtE4.roa
Signing time: Mon 02 Jan 2023 00:54:56 +0000
ROA not before: Mon 02 Jan 2023 00:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203629
IP address blocks: 2a0f:cf84::/30 maxlen: 30
2a09:3800::/30 maxlen: 30
2a0b:ab04::/30 maxlen: 30
2a09:3b04::/30 maxlen: 30
2a0c:e8c4::/30 maxlen: 30
2a0a:2880::/30 maxlen: 30
2a09:3804::/30 maxlen: 30
2a0a:2884::/30 maxlen: 30
2a10:d8c4::/30 maxlen: 30
2a0d:2e44::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:71:cd:da:c4:43:a6:4b:4a:ae:b4:93:17:55:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jan 2 00:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b0d32f5659c8d08c5cf7581090d6ead2a6fb44e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f9:96:d4:05:07:c7:e4:1a:a8:24:35:2d:bd:
0b:c9:f2:0e:9f:b2:45:78:a2:f4:6b:96:14:68:5c:
c0:6b:86:80:17:9a:cc:f1:cf:97:01:23:00:82:d9:
1d:69:f9:08:84:9f:13:9a:1d:31:0d:da:50:6e:33:
23:8f:de:2b:da:c8:48:a2:e4:33:0b:ba:07:b2:11:
04:89:c4:b5:17:59:8b:b5:fc:6d:8a:cd:30:81:20:
a8:81:ef:b0:08:15:c6:75:e5:e8:a4:b4:e8:df:2b:
aa:b4:71:6d:76:63:10:e4:74:93:3c:56:32:d2:c9:
fe:a1:4d:d8:3a:3e:93:29:68:bd:21:8b:01:20:58:
f3:a5:3e:16:93:40:a6:f5:00:1f:50:b8:70:6a:7a:
05:8b:e6:71:0c:ad:49:74:84:74:b0:f3:da:87:46:
14:ae:4f:cb:66:ff:8d:86:8d:53:79:b7:8e:08:eb:
05:24:9d:9e:73:54:1a:bd:bb:ba:72:24:cf:d1:52:
a7:c6:35:56:19:13:ae:1c:13:2d:3f:8e:68:c7:dc:
23:88:ea:cd:0b:9e:b4:8b:c0:93:b8:16:cd:83:b4:
5c:ea:05:25:6a:79:36:94:a8:ca:af:77:d4:60:33:
91:31:e7:14:a3:24:b6:65:58:71:c8:27:f9:d0:4f:
c9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:0D:32:F5:65:9C:8D:08:C5:CF:75:81:09:0D:6E:AD:2A:6F:B4:4E
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ew0y9WWcjQjFz3WBCQ1urSpvtE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3800::/29
2a09:3b04::/30
2a0a:2880::/29
2a0b:ab04::/30
2a0c:e8c4::/30
2a0d:2e44::/30
2a0f:cf84::/30
2a10:d8c4::/30
Signature Algorithm: sha256WithRSAEncryption
06:0a:bb:cb:26:2d:93:9f:06:e0:ac:53:17:3c:65:a8:16:0b:
ea:09:12:2c:02:cc:0a:6c:c7:7d:b7:e8:91:f2:b4:0f:71:83:
07:7e:4c:fc:32:75:a1:eb:fc:e3:be:83:cf:76:13:9c:d8:4e:
53:cc:1e:fd:41:3d:0c:f7:eb:12:cf:7c:9f:dd:0f:fe:ea:18:
53:de:69:a7:2b:c6:ab:87:b4:4c:ea:c5:fe:3a:7a:52:c9:4f:
9c:da:54:79:73:8f:45:33:43:08:07:ef:35:18:44:78:95:c3:
91:54:a7:19:bb:d1:b3:89:ca:8e:96:b6:49:85:92:6d:42:93:
c7:51:b4:da:d6:d8:96:9d:c3:0e:03:53:e0:58:2c:42:01:29:
83:a2:7c:50:b7:47:b7:72:00:74:e8:be:6f:63:cf:90:47:72:
cf:1c:8d:0d:0c:32:03:d3:80:79:ff:07:58:a0:0a:e9:32:20:
1d:54:fa:6d:d2:44:dc:76:e0:27:d4:5c:5e:77:5c:9b:81:07:
e0:9b:78:01:a6:c8:66:4b:82:7b:fb:22:4d:b8:c4:c8:db:f3:
81:ad:53:f5:08:53:92:b0:34:ba:9c:18:2a:16:9f:5f:52:57:
80:cb:a5:86:98:c0:76:42:29:45:d7:43:88:90:47:26:1b:30:
bd:3d:b4:46
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYVv+XHN2sRDpktKrrSTF1X4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwMTAyMDA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjBkMzJmNTY1OWM4ZDA4YzVjZjc1ODEwOTBkNmVhZDJhNmZiNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/mW1AUHx+QaqCQ1Lb0LyfIOn7JF
eKL0a5YUaFzAa4aAF5rM8c+XASMAgtkdafkIhJ8Tmh0xDdpQbjMjj94r2shIouQz
C7oHshEEicS1F1mLtfxtis0wgSCoge+wCBXGdeXopLTo3yuqtHFtdmMQ5HSTPFYy
0sn+oU3YOj6TKWi9IYsBIFjzpT4Wk0Cm9QAfULhwanoFi+ZxDK1JdIR0sPPah0YU
rk/LZv+Nho1TebeOCOsFJJ2ec1Qavbu6ciTP0VKnxjVWGROuHBMtP45ox9wjiOrN
C560i8CTuBbNg7Rc6gUlank2lKjKr3fUYDORMecUoyS2ZVhxyCf50E/JOQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHsNMvVlnI0Ixc91gQkNbq0qb7ROMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvZXcweTlXV2NqUWpGejNXQkNRMXVyU3B2dEU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKgk4AAMF
AioJOwQDBQMqCiiAAwUCKgurBAMFAioM6MQDBQIqDS5EAwUCKg/PhAMFAioQ2MQw
DQYJKoZIhvcNAQELBQADggEBAAYKu8smLZOfBuCsUxc8ZagWC+oJEiwCzApsx323
6JHytA9xgwd+TPwydaHr/OO+g892E5zYTlPMHv1BPQz36xLPfJ/dD/7qGFPeaacr
xquHtEzqxf46elLJT5zaVHlzj0UzQwgH7zUYRHiVw5FUpxm70bOJyo6WtkmFkm1C
k8dRtNrW2Jadww4DU+BYLEIBKYOifFC3R7dyAHTovm9jz5BHcs8cjQ0MMgPTgHn/
B1igCukyIB1U+m3SRNx24CfUXF53XJuBB+CbeAGmyGZLgnv7Ik24xMjb84GtU/UI
U5KwNLqcGCoWn19SV4DLpYaYwHZCKUXXQ4iQRyYbML09tEY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:32 2023 by rpki-client on console-ams.rpki-client.org