Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/3UM7yqSZo3UqBv9Sw-E0UUDHjYo.roa
File: 3UM7yqSZo3UqBv9Sw-E0UUDHjYo.roa (raw, json)
Hash identifier: z41ACkxpW208m87L9xcSO5PIqvdsB8gGrf6RfWgkCeY=
Subject key identifier: DD:43:3B:CA:A4:99:A3:75:2A:06:FF:52:C3:E1:34:51:40:C7:8D:8A
Certificate issuer: /CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Certificate serial: 018570B0AA22D105AFBDC691D432667DA0EA
Authority key identifier: 23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/3UM7yqSZo3UqBv9Sw-E0UUDHjYo.roa
Signing time: Mon 02 Jan 2023 04:15:04 +0000
ROA not before: Mon 02 Jan 2023 04:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 760
IP address blocks: 2001:62a::/31 maxlen: 31
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:aa:22:d1:05:af:bd:c6:91:d4:32:66:7d:a0:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Validity
Not Before: Jan 2 04:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd433bcaa499a3752a06ff52c3e1345140c78d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8a:50:52:f3:cd:80:f2:4c:93:3f:d3:7f:c5:
33:6b:68:36:c8:29:2a:c2:53:81:ce:51:00:eb:26:
0d:71:96:90:8e:9a:0d:a6:78:4b:e1:48:4e:a0:7d:
c9:d8:7f:e2:ab:b2:63:e6:87:92:18:59:9d:fc:27:
bd:78:ac:f0:f5:72:f3:07:0f:60:1a:ee:78:84:fa:
17:42:f5:c5:4f:f7:64:7f:5d:64:23:65:75:30:2a:
76:3c:be:38:14:fb:4d:b9:0e:4a:90:4d:8c:8f:c5:
86:bb:e0:76:ee:82:11:a4:16:df:fb:fe:18:09:ef:
d4:07:df:f9:c5:f7:5b:87:9b:b0:86:ad:4b:b7:6f:
33:9f:95:23:35:85:63:23:49:cc:91:ac:78:ff:c8:
bb:a7:c0:d8:75:42:aa:3a:13:c0:77:1f:3d:50:a0:
b2:70:7a:b0:0c:7c:18:08:a0:17:8a:b7:9c:cd:2f:
d1:0a:a3:e2:22:43:cb:ba:df:8b:64:ae:01:61:e9:
35:27:e6:a9:53:a8:22:d6:b5:1a:c0:52:10:db:0a:
58:d3:11:ca:5e:b9:17:0b:85:f3:73:bf:9c:37:51:
6a:55:fe:31:43:9e:b9:83:e2:84:77:01:7f:5d:38:
60:20:36:94:cf:99:09:a6:85:56:41:17:97:bb:0c:
19:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:43:3B:CA:A4:99:A3:75:2A:06:FF:52:C3:E1:34:51:40:C7:8D:8A
X509v3 Authority Key Identifier:
keyid:23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/3UM7yqSZo3UqBv9Sw-E0UUDHjYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:62a::/31
Signature Algorithm: sha256WithRSAEncryption
04:4a:8f:91:23:d2:50:3a:91:8b:ed:76:58:b6:e2:4d:35:aa:
ed:21:4c:cc:40:0f:c3:d6:d9:f7:e9:d5:a8:f5:90:60:b1:20:
60:16:85:01:0b:d7:64:fb:3c:d1:66:6d:81:de:c7:3f:ae:a1:
66:24:7c:d2:07:b6:65:26:ad:5e:52:54:22:23:69:50:65:a6:
f8:3f:f6:f3:90:e0:3b:ed:bc:2e:45:8b:e3:67:6e:ee:07:b2:
78:53:9d:06:b1:13:40:23:08:a2:1a:a6:59:b4:28:6a:c3:34:
f3:8e:e8:1b:7b:18:10:18:ed:7f:c1:09:9d:da:bd:5e:17:d9:
b6:de:6b:f0:1d:34:ac:50:9b:64:1b:09:98:cb:f8:d0:87:05:
0d:9f:da:7c:e9:87:c3:66:6f:da:53:7b:0a:a8:fe:19:0b:12:
10:5c:7c:93:3d:03:26:fb:03:0d:d8:53:b1:55:d9:61:4a:09:
c4:b4:6c:01:14:12:3a:6a:3a:14:02:2d:6e:c7:a4:c6:1f:a5:
5b:8c:2a:12:c4:0b:a1:d9:0d:1c:a9:3a:7d:09:a1:71:6d:4d:
14:12:25:37:d3:f7:bb:ab:96:12:8c:ee:6d:18:5a:1d:3f:98:
d3:5e:d1:8b:91:c2:c2:e3:09:d5:9b:c2:d2:3c:12:bc:81:34:
4d:02:8f:2c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwsKoi0QWvvcaR1DJmfaDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDg0NDhjNWNiOTAzOThlNGMyODVjZWM5YzBmNDc2NmFj
OTMxZGYwHhcNMjMwMTAyMDQxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQzM2JjYWE0OTlhMzc1MmEwNmZmNTJjM2UxMzQ1MTQwYzc4ZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIpQUvPNgPJMkz/Tf8Uza2g2yCkq
wlOBzlEA6yYNcZaQjpoNpnhL4UhOoH3J2H/iq7Jj5oeSGFmd/Ce9eKzw9XLzBw9g
Gu54hPoXQvXFT/dkf11kI2V1MCp2PL44FPtNuQ5KkE2Mj8WGu+B27oIRpBbf+/4Y
Ce/UB9/5xfdbh5uwhq1Lt28zn5UjNYVjI0nMkax4/8i7p8DYdUKqOhPAdx89UKCy
cHqwDHwYCKAXireczS/RCqPiIkPLut+LZK4BYek1J+apU6gi1rUawFIQ2wpY0xHK
XrkXC4Xzc7+cN1FqVf4xQ565g+KEdwF/XThgIDaUz5kJpoVWQReXuwwZIwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN1DO8qkmaN1Kgb/UsPhNFFAx42KMB8GA1UdIwQY
MBaAFCPYRIxcuQOY5MKFzsnA9HZqyTHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUt
Zjc3MmEwMTM5MDE2LzEvM1VNN3lxU1pvM1VxQnY5U3ctRTBVVURIallvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUtZjc3MmEwMTM5MDE2
LzEvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBIAEGKjAN
BgkqhkiG9w0BAQsFAAOCAQEABEqPkSPSUDqRi+12WLbiTTWq7SFMzEAPw9bZ9+nV
qPWQYLEgYBaFAQvXZPs80WZtgd7HP66hZiR80ge2ZSatXlJUIiNpUGWm+D/285Dg
O+28LkWL42du7geyeFOdBrETQCMIohqmWbQoasM0847oG3sYEBjtf8EJndq9XhfZ
tt5r8B00rFCbZBsJmMv40IcFDZ/afOmHw2Zv2lN7Cqj+GQsSEFx8kz0DJvsDDdhT
sVXZYUoJxLRsARQSOmo6FAItbsekxh+lW4wqEsQLodkNHKk6fQmhcW1NFBIlN9P3
u6uWEozubRhaHT+Y017Ri5HCwuMJ1ZvC0jwSvIE0TQKPLA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:10 2024 by rpki-client on console-fra.rpki-client.org