Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/9Yu_FG1YboyAiDW0QcNZsGQ3QNo.roa
File: 9Yu_FG1YboyAiDW0QcNZsGQ3QNo.roa (raw, json)
Hash identifier: ifEbx4unIh8fny0XJeSAaH21P5a5VeFSxYH8LeiSIwo=
Subject key identifier: F5:8B:BF:14:6D:58:6E:8C:80:88:35:B4:41:C3:59:B0:64:37:40:DA
Certificate issuer: /CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Certificate serial: 018570B0AC75FCE034698947E353BB7E40A7
Authority key identifier: 23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/9Yu_FG1YboyAiDW0QcNZsGQ3QNo.roa
Signing time: Mon 02 Jan 2023 04:15:04 +0000
ROA not before: Mon 02 Jan 2023 04:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35052
IP address blocks: 2001:67c:133c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:ac:75:fc:e0:34:69:89:47:e3:53:bb:7e:40:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Validity
Not Before: Jan 2 04:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f58bbf146d586e8c808835b441c359b0643740da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:07:d6:2c:fa:cc:0f:32:37:f1:50:7f:7e:3e:
ae:56:de:48:b3:ca:4a:0c:d0:42:7d:10:cc:8c:3d:
a3:be:36:22:a2:05:eb:5e:a9:5c:1e:7a:cb:93:84:
1e:7d:82:31:8c:67:62:b3:b4:db:cd:ad:eb:12:4d:
44:26:b5:07:25:b2:14:3e:b5:8d:48:34:bc:93:a9:
ac:33:f2:74:0b:05:8b:59:96:ef:9d:f7:e9:54:db:
3b:9d:ec:53:83:3b:df:36:a9:11:c6:bd:8a:08:fe:
85:3e:dc:25:d0:40:4f:2b:dd:7b:2c:83:2a:74:a1:
93:1a:28:01:5e:e2:f5:04:d3:2a:47:56:db:cc:01:
a8:33:ec:1f:a6:26:15:d2:77:14:8f:fc:6a:1c:18:
44:b0:71:37:0e:a2:35:ca:91:c7:3e:c6:22:39:57:
cd:29:98:cb:62:85:f3:2d:f1:04:3f:f4:5d:e5:25:
f6:65:a0:30:15:ac:fe:f7:ee:45:b5:b6:4c:94:2d:
68:c5:68:30:79:dd:a1:fb:5b:80:be:b2:00:dc:13:
73:16:ec:c3:21:0e:9f:57:73:c1:1b:54:98:07:a7:
5b:6b:2f:ee:fc:db:ae:ec:17:18:95:4f:c4:11:0b:
ba:c6:3a:2d:b5:96:79:06:1f:88:a2:b2:3f:2d:58:
66:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:8B:BF:14:6D:58:6E:8C:80:88:35:B4:41:C3:59:B0:64:37:40:DA
X509v3 Authority Key Identifier:
keyid:23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/9Yu_FG1YboyAiDW0QcNZsGQ3QNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:133c::/48
Signature Algorithm: sha256WithRSAEncryption
8c:e2:3a:aa:e3:56:b3:b3:71:34:b2:23:52:87:3d:fe:5b:a6:
db:df:8c:4a:97:70:39:eb:72:2c:c7:f3:96:c8:76:65:c4:4d:
5e:0e:dc:9d:c5:8c:82:b7:db:b8:f7:aa:6f:e3:64:1b:44:e6:
55:b8:b6:ac:09:c1:7a:5b:7a:b7:d5:62:d0:2f:2a:2a:ef:24:
e3:96:44:9f:88:ea:60:dd:55:b3:73:c9:2e:1b:4a:42:92:60:
29:0b:a7:b3:6f:40:7a:a4:6a:66:3a:00:0a:e5:fe:b6:9d:f5:
0f:af:08:1d:bf:79:54:d6:6a:2f:b1:75:3f:85:67:88:e4:84:
97:49:96:eb:f9:01:c7:ec:a0:ab:04:12:ff:d2:cb:df:80:33:
84:34:f6:a2:76:ae:38:20:9c:66:92:fb:f9:17:33:87:22:45:
0d:f8:8c:5d:bd:33:67:f1:4e:bc:26:ff:bc:ef:9c:4d:65:ec:
c0:c1:88:05:21:88:d8:0d:45:f5:4d:be:89:73:bd:6f:e7:7b:
30:bc:77:38:d6:ff:a8:9b:81:e7:5a:fa:9d:b9:31:fe:cf:e8:
0a:ba:13:08:89:fc:3a:92:09:a5:f4:31:8a:7e:28:16:15:00:
94:0b:c6:2b:2a:dd:be:3c:68:d2:65:8f:91:a6:44:9d:2f:08:
00:1d:be:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwsKx1/OA0aYlH41O7fkCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDg0NDhjNWNiOTAzOThlNGMyODVjZWM5YzBmNDc2NmFj
OTMxZGYwHhcNMjMwMTAyMDQxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNThiYmYxNDZkNTg2ZThjODA4ODM1YjQ0MWMzNTliMDY0Mzc0MGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAfWLPrMDzI38VB/fj6uVt5Is8pK
DNBCfRDMjD2jvjYiogXrXqlcHnrLk4QefYIxjGdis7Tbza3rEk1EJrUHJbIUPrWN
SDS8k6msM/J0CwWLWZbvnffpVNs7nexTgzvfNqkRxr2KCP6FPtwl0EBPK917LIMq
dKGTGigBXuL1BNMqR1bbzAGoM+wfpiYV0ncUj/xqHBhEsHE3DqI1ypHHPsYiOVfN
KZjLYoXzLfEEP/Rd5SX2ZaAwFaz+9+5FtbZMlC1oxWgwed2h+1uAvrIA3BNzFuzD
IQ6fV3PBG1SYB6dbay/u/Nuu7BcYlU/EEQu6xjottZZ5Bh+IorI/LVhmXQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPWLvxRtWG6MgIg1tEHDWbBkN0DaMB8GA1UdIwQY
MBaAFCPYRIxcuQOY5MKFzsnA9HZqyTHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUt
Zjc3MmEwMTM5MDE2LzEvOVl1X0ZHMVlib3lBaURXMFFjTlpzR1EzUU5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUtZjc3MmEwMTM5MDE2
LzEvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBM8
MA0GCSqGSIb3DQEBCwUAA4IBAQCM4jqq41azs3E0siNShz3+W6bb34xKl3A563Is
x/OWyHZlxE1eDtydxYyCt9u496pv42QbROZVuLasCcF6W3q31WLQLyoq7yTjlkSf
iOpg3VWzc8kuG0pCkmApC6ezb0B6pGpmOgAK5f62nfUPrwgdv3lU1movsXU/hWeI
5ISXSZbr+QHH7KCrBBL/0svfgDOENPaidq44IJxmkvv5FzOHIkUN+IxdvTNn8U68
Jv+875xNZezAwYgFIYjYDUX1Tb6Jc71v53swvHc41v+om4HnWvqduTH+z+gKuhMI
ifw6kgml9DGKfigWFQCUC8YrKt2+PGjSZY+RpkSdLwgAHb7j
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:03 2024 by rpki-client on console-ams.rpki-client.org