Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/ba66f2-de3e-4de8-bd65-22f23fe29287/1/ipExGRE4tLYZ4wgPDQCos8qoTJg.roa
File: ipExGRE4tLYZ4wgPDQCos8qoTJg.roa (raw, json)
Hash identifier: Ld4zlHckNa5e4VzhuZX63QPC2fHrgFIR5Gps/QOnAOA=
Subject key identifier: 8A:91:31:19:11:38:B4:B6:19:E3:08:0F:0D:00:A8:B3:CA:A8:4C:98
Certificate issuer: /CN=480e3cf0d122574c7e7b3bf034d0d3d013eebc15
Certificate serial: 01856E5D434F3732676E9889F52A52DD537B
Authority key identifier: 48:0E:3C:F0:D1:22:57:4C:7E:7B:3B:F0:34:D0:D3:D0:13:EE:BC:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SA488NEiV0x-ezvwNNDT0BPuvBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/ba66f2-de3e-4de8-bd65-22f23fe29287/1/ipExGRE4tLYZ4wgPDQCos8qoTJg.roa
Signing time: Sun 01 Jan 2023 17:24:43 +0000
ROA not before: Sun 01 Jan 2023 17:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2001:67c:ac0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:43:4f:37:32:67:6e:98:89:f5:2a:52:dd:53:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=480e3cf0d122574c7e7b3bf034d0d3d013eebc15
Validity
Not Before: Jan 1 17:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a9131191138b4b619e3080f0d00a8b3caa84c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b6:03:fe:fd:16:de:70:82:b2:68:b3:08:8e:
73:9e:e3:0a:fb:7f:61:d1:b1:73:18:0b:77:cd:3c:
88:3c:eb:a3:fe:7a:f2:3f:f0:f7:dd:84:77:40:20:
4a:cb:9a:c2:cd:fd:3c:a8:5b:a0:4e:d0:b2:b1:b2:
05:b0:97:4e:fc:7f:ac:61:a9:38:6f:30:70:f1:43:
e4:79:57:a1:b5:3f:c1:c3:a4:e5:2b:ca:e3:c4:0b:
21:71:e3:d3:0d:90:98:6e:65:e2:17:52:ec:57:94:
79:50:b3:e8:3a:1f:98:ea:25:7c:2d:6b:ea:e9:b1:
ac:e2:23:05:b0:dd:b1:50:71:d0:b4:cf:f7:b5:0d:
28:fa:78:98:cc:81:31:d8:b8:58:e2:ef:8c:60:74:
19:f3:56:90:5d:5f:ff:00:4f:ce:7e:3b:7e:f3:82:
99:b9:40:d0:f9:a3:88:7f:be:a5:0f:82:97:d0:f3:
d4:9d:30:c7:db:79:51:52:0e:88:78:96:9c:22:9f:
13:08:d4:bb:8d:0f:8c:30:d8:d7:eb:1e:f9:5a:8e:
89:c6:d6:c0:4a:6f:c4:84:82:f4:f7:92:47:f9:07:
aa:04:4c:ab:cc:f9:a7:a7:95:50:7a:9b:6b:76:6a:
fd:ca:b6:70:62:6c:45:5d:68:9b:a7:83:d8:dc:52:
45:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:91:31:19:11:38:B4:B6:19:E3:08:0F:0D:00:A8:B3:CA:A8:4C:98
X509v3 Authority Key Identifier:
keyid:48:0E:3C:F0:D1:22:57:4C:7E:7B:3B:F0:34:D0:D3:D0:13:EE:BC:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SA488NEiV0x-ezvwNNDT0BPuvBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ba66f2-de3e-4de8-bd65-22f23fe29287/1/ipExGRE4tLYZ4wgPDQCos8qoTJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ba66f2-de3e-4de8-bd65-22f23fe29287/1/SA488NEiV0x-ezvwNNDT0BPuvBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:ac0::/48
Signature Algorithm: sha256WithRSAEncryption
88:64:03:e0:fd:2c:39:13:79:33:b9:a0:a2:1b:2e:8d:04:0a:
bf:d8:14:19:cc:74:35:80:7d:0a:3a:c3:82:48:a0:90:5b:ad:
e0:f3:43:42:36:a8:67:3d:1e:26:4b:94:24:7b:ec:f1:ec:a9:
e1:d5:12:6b:27:81:9e:04:28:5a:66:2d:6b:88:28:9e:b3:63:
9d:2f:4f:f8:37:b3:75:c1:be:e0:0c:ea:51:22:91:cd:4a:b0:
ac:d1:a7:95:df:55:0f:60:a9:f5:0b:27:c9:78:9c:d8:b6:9e:
e4:05:48:7c:c0:37:a3:1c:ee:55:6e:ae:89:8f:4e:cb:09:ad:
3f:ae:2c:dc:af:85:8c:e9:72:29:24:8c:8a:9a:c3:ee:99:00:
b5:e5:c2:5c:e5:0e:08:08:b6:2f:a0:37:2f:ee:5c:59:ef:b5:
02:9f:eb:19:56:86:d3:79:9d:f1:87:0c:82:78:cb:0e:8c:cd:
22:9e:1d:17:ce:42:02:60:82:0b:a3:38:88:ec:60:b4:3f:50:
5b:fa:b2:bb:5c:02:c8:6b:32:08:6a:15:73:c9:2c:23:c3:fd:
6d:89:bb:ae:e0:f6:a2:f1:ae:de:3f:90:0a:ed:a9:49:0c:80:
01:55:8a:04:a0:d9:05:ac:f5:0f:58:87:f3:f9:d8:a4:6d:13:
54:f6:c9:a1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuXUNPNzJnbpiJ9SpS3VN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MGUzY2YwZDEyMjU3NGM3ZTdiM2JmMDM0ZDBkM2QwMTNl
ZWJjMTUwHhcNMjMwMTAxMTcyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTkxMzExOTExMzhiNGI2MTllMzA4MGYwZDAwYThiM2NhYTg0Yzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLYD/v0W3nCCsmizCI5znuMK+39h
0bFzGAt3zTyIPOuj/nryP/D33YR3QCBKy5rCzf08qFugTtCysbIFsJdO/H+sYak4
bzBw8UPkeVehtT/Bw6TlK8rjxAshcePTDZCYbmXiF1LsV5R5ULPoOh+Y6iV8LWvq
6bGs4iMFsN2xUHHQtM/3tQ0o+niYzIEx2LhY4u+MYHQZ81aQXV//AE/Ofjt+84KZ
uUDQ+aOIf76lD4KX0PPUnTDH23lRUg6IeJacIp8TCNS7jQ+MMNjX6x75Wo6JxtbA
Sm/EhIL095JH+QeqBEyrzPmnp5VQeptrdmr9yrZwYmxFXWibp4PY3FJFQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIqRMRkROLS2GeMIDw0AqLPKqEyYMB8GA1UdIwQY
MBaAFEgOPPDRIldMfns78DTQ09AT7rwVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0E0ODhORWlWMHgtZXp2d05ORFQwQlB1dkJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iYTY2ZjItZGUzZS00ZGU4LWJkNjUt
MjJmMjNmZTI5Mjg3LzEvaXBFeEdSRTR0TFlaNHdnUERRQ29zOHFvVEpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iYTY2ZjItZGUzZS00ZGU4LWJkNjUtMjJmMjNmZTI5Mjg3
LzEvU0E0ODhORWlWMHgtZXp2d05ORFQwQlB1dkJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfArA
MA0GCSqGSIb3DQEBCwUAA4IBAQCIZAPg/Sw5E3kzuaCiGy6NBAq/2BQZzHQ1gH0K
OsOCSKCQW63g80NCNqhnPR4mS5Qke+zx7Knh1RJrJ4GeBChaZi1riCies2OdL0/4
N7N1wb7gDOpRIpHNSrCs0aeV31UPYKn1CyfJeJzYtp7kBUh8wDejHO5Vbq6Jj07L
Ca0/rizcr4WM6XIpJIyKmsPumQC15cJc5Q4ICLYvoDcv7lxZ77UCn+sZVobTeZ3x
hwyCeMsOjM0inh0XzkICYIILoziI7GC0P1Bb+rK7XALIazIIahVzySwjw/1tibuu
4Pai8a7eP5AK7alJDIABVYoEoNkFrPUPWIfz+dikbRNU9smh
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:01 2024 by rpki-client on console-fra.rpki-client.org