Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/q9XqTz2M8vjCjqmD8Y5LCwdI23M.roa
File: q9XqTz2M8vjCjqmD8Y5LCwdI23M.roa (raw, json)
Hash identifier: VgT6DaBQMOpwc21mKPGxG7UADxoEA05bXUSofBNJVhc=
Subject key identifier: AB:D5:EA:4F:3D:8C:F2:F8:C2:8E:A9:83:F1:8E:4B:0B:07:48:DB:73
Certificate issuer: /CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Certificate serial: 01856FD50D8AA992704DD3DF3D227DB0BAB2
Authority key identifier: 81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/q9XqTz2M8vjCjqmD8Y5LCwdI23M.roa
Signing time: Mon 02 Jan 2023 00:15:11 +0000
ROA not before: Mon 02 Jan 2023 00:15:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 2a0f:3787::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:0d:8a:a9:92:70:4d:d3:df:3d:22:7d:b0:ba:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Validity
Not Before: Jan 2 00:15:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abd5ea4f3d8cf2f8c28ea983f18e4b0b0748db73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:75:1d:20:b1:34:70:87:49:32:e1:59:3d:78:
6e:6c:a9:e1:f9:e5:8a:c2:d5:b6:14:b4:f8:04:d9:
af:37:38:a7:a3:28:bf:af:6e:4f:4b:cc:ca:1c:ad:
a4:8f:fa:40:02:bf:a3:e8:29:aa:71:c3:54:53:23:
3f:95:8d:27:a1:13:22:95:80:b2:a3:dd:a9:9b:26:
6b:89:d6:1c:2c:92:cd:72:5d:5f:1c:4e:80:ed:f9:
a0:83:ce:87:74:85:67:0e:40:bc:da:03:bc:eb:d7:
5b:d8:75:68:cc:53:bf:65:ba:01:ea:e3:fc:9f:67:
c2:cc:d1:08:75:a1:07:c7:41:86:b4:68:28:68:d5:
42:d7:25:cd:f5:65:d6:1c:86:db:67:12:9c:4b:cf:
ca:42:94:e9:4d:3c:aa:7e:1b:9d:64:f4:c0:43:1e:
8c:20:05:b6:4d:b0:3c:35:19:2a:3b:fb:e0:db:92:
ed:29:06:f8:7e:61:33:22:45:b7:d1:c7:bc:58:a3:
93:d6:fe:0f:53:db:e2:86:2e:b4:c3:e3:2c:9c:72:
92:7b:95:da:26:d5:6b:26:c3:67:85:01:1e:11:bb:
49:1b:22:c4:41:40:f6:35:40:94:49:17:c1:53:bd:
9e:43:aa:d4:b3:d0:b0:71:36:da:20:64:cf:87:ee:
6d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D5:EA:4F:3D:8C:F2:F8:C2:8E:A9:83:F1:8E:4B:0B:07:48:DB:73
X509v3 Authority Key Identifier:
keyid:81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/q9XqTz2M8vjCjqmD8Y5LCwdI23M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/gTPYnAaoocydvDYiAffsVZ1_3Ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3787::/32
Signature Algorithm: sha256WithRSAEncryption
34:a8:ef:9d:a9:a9:33:55:e1:dc:7d:ac:d8:4b:9d:70:91:c1:
36:46:58:99:1b:31:db:e1:90:66:e4:73:52:82:47:fd:b0:a0:
8b:9e:34:35:a0:1e:bb:86:73:4d:2e:85:9e:a8:25:09:59:9c:
f5:2a:97:32:79:24:54:10:c5:91:4a:47:d5:b9:4c:53:ce:35:
74:08:12:6a:57:2b:b9:e0:c0:7f:04:30:b6:6f:ec:13:85:9a:
f1:9a:35:17:ad:cb:4d:99:f5:a4:7a:db:a4:18:eb:a5:af:ef:
96:2b:87:15:8d:69:c4:3b:02:5d:03:80:50:77:a1:95:80:5d:
fb:04:3c:c8:66:06:ce:1a:99:31:a8:3e:53:d0:03:05:94:e6:
90:15:c4:ae:7c:d3:c5:c8:30:96:1c:5b:35:a7:3b:91:b4:14:
0e:42:cf:02:b2:7c:84:dc:5e:da:61:79:b3:36:cb:3f:ad:21:
78:d1:bf:97:37:2e:5b:ee:41:5f:27:8f:73:e7:c4:e2:a4:11:
31:f9:9b:2f:41:18:bf:ae:f6:03:b0:4a:a2:6d:88:a8:8f:46:
f4:5b:d5:e6:ce:81:31:53:93:38:3b:bb:c2:64:27:84:7c:e9:
67:9c:de:7a:0c:a5:ee:7b:0a:df:5a:03:ec:f1:c5:af:3d:22:
6a:b3:52:89
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVv1Q2KqZJwTdPfPSJ9sLqyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMzNkODljMDZhOGExY2M5ZGJjMzYyMjAxZjdlYzU1OWQ3
ZmRkNDgwHhcNMjMwMTAyMDAxNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmQ1ZWE0ZjNkOGNmMmY4YzI4ZWE5ODNmMThlNGIwYjA3NDhkYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHUdILE0cIdJMuFZPXhubKnh+eWK
wtW2FLT4BNmvNzinoyi/r25PS8zKHK2kj/pAAr+j6CmqccNUUyM/lY0noRMilYCy
o92pmyZridYcLJLNcl1fHE6A7fmgg86HdIVnDkC82gO869db2HVozFO/ZboB6uP8
n2fCzNEIdaEHx0GGtGgoaNVC1yXN9WXWHIbbZxKcS8/KQpTpTTyqfhudZPTAQx6M
IAW2TbA8NRkqO/vg25LtKQb4fmEzIkW30ce8WKOT1v4PU9vihi60w+MsnHKSe5Xa
JtVrJsNnhQEeEbtJGyLEQUD2NUCUSRfBU72eQ6rUs9CwcTbaIGTPh+5tMQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKvV6k89jPL4wo6pg/GOSwsHSNtzMB8GA1UdIwQY
MBaAFIEz2JwGqKHMnbw2IgH37FWdf91IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEt
YzVmZWJlNDg3YzQwLzEvcTlYcVR6Mk04dmpDanFtRDhZNUxDd2RJMjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEtYzVmZWJlNDg3YzQw
LzEvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg83hzAN
BgkqhkiG9w0BAQsFAAOCAQEANKjvnampM1Xh3H2s2EudcJHBNkZYmRsx2+GQZuRz
UoJH/bCgi540NaAeu4ZzTS6FnqglCVmc9SqXMnkkVBDFkUpH1blMU841dAgSalcr
ueDAfwQwtm/sE4Wa8Zo1F63LTZn1pHrbpBjrpa/vliuHFY1pxDsCXQOAUHehlYBd
+wQ8yGYGzhqZMag+U9ADBZTmkBXErnzTxcgwlhxbNac7kbQUDkLPArJ8hNxe2mF5
szbLP60heNG/lzcuW+5BXyePc+fE4qQRMfmbL0EYv672A7BKom2IqI9G9FvV5s6B
MVOTODu7wmQnhHzpZ5zeegyl7nsK31oD7PHFrz0iarNSiQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:14 2024 by rpki-client on console-fra.rpki-client.org