Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/PJ3kp408ktdk6kC8iS-qNOWD7Xs.roa
File: PJ3kp408ktdk6kC8iS-qNOWD7Xs.roa (raw, json)
Hash identifier: zp3m05hdBlueVEDBCAsdmlGxLJz415DguMCOtD6xDzA=
Subject key identifier: 3C:9D:E4:A7:8D:3C:92:D7:64:EA:40:BC:89:2F:AA:34:E5:83:ED:7B
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018571C329369D347026F665A0760001CB3C
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/PJ3kp408ktdk6kC8iS-qNOWD7Xs.roa
Signing time: Mon 02 Jan 2023 09:14:53 +0000
ROA not before: Mon 02 Jan 2023 09:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211230
IP address blocks: 2a06:e881:79ff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:29:36:9d:34:70:26:f6:65:a0:76:00:01:cb:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 09:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c9de4a78d3c92d764ea40bc892faa34e583ed7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d9:f8:57:cd:a6:d9:64:14:96:76:ff:e8:c7:
58:32:39:b6:a9:68:e2:e8:4f:27:e0:45:dd:00:ba:
19:de:d1:52:dc:9a:7c:da:18:e9:26:90:a6:e8:77:
99:64:b6:07:21:6d:4d:61:fb:71:2d:a6:87:53:8a:
4b:85:ff:0c:99:c9:84:ef:3b:49:5a:d5:c1:a1:37:
3e:62:a2:4e:02:32:69:1c:87:20:b0:ea:68:cf:ad:
72:ef:3b:48:1c:3d:3b:7c:f9:b8:45:a6:c4:1d:0d:
17:9e:4d:08:3a:59:57:cc:e1:41:0f:76:26:2a:5d:
6a:d2:c6:5a:51:5b:a2:3e:b1:43:3d:4b:43:9b:7a:
26:d7:54:73:83:85:c7:17:60:95:93:d6:e5:de:0f:
c7:5c:1b:dd:a2:20:58:6f:fe:c4:68:69:9b:4d:4b:
ac:be:5f:7e:50:93:bf:73:31:c4:d8:a4:3d:e7:aa:
8a:57:42:1e:4d:97:b0:5c:b2:f3:f5:41:51:99:7c:
a5:3a:27:d9:d0:c8:95:65:60:a9:30:05:34:87:f9:
17:e1:ef:fb:89:40:d8:f8:f0:f0:76:bf:78:26:aa:
c8:e0:54:6c:44:6f:e5:2d:25:de:de:d2:11:75:63:
9b:c2:69:00:e7:f8:fb:71:2e:81:1e:6e:f0:6e:82:
fd:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:9D:E4:A7:8D:3C:92:D7:64:EA:40:BC:89:2F:AA:34:E5:83:ED:7B
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/PJ3kp408ktdk6kC8iS-qNOWD7Xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:79ff::/48
Signature Algorithm: sha256WithRSAEncryption
05:5d:ce:0a:c2:80:35:6d:67:ff:0a:1e:33:29:18:a1:08:2f:
b8:8f:13:e8:b2:db:86:c9:2f:df:a6:f9:13:16:0d:b5:5f:1e:
98:79:77:f6:23:fb:a2:61:a8:c9:7e:f8:2d:d5:9c:e7:a6:8d:
71:2f:34:1d:1e:f5:1e:80:2c:75:94:ef:a2:e0:9b:7d:49:cb:
bb:51:45:da:f9:58:2b:77:8b:1e:4c:26:08:a8:f4:12:cd:04:
9b:04:96:e8:e3:0a:1a:03:13:b1:31:48:00:c9:de:6f:be:0c:
dd:d7:7f:55:19:83:64:de:0e:03:f8:f2:06:6c:8c:8a:09:bd:
82:e2:4e:a4:b0:57:65:6e:58:cc:bc:5e:df:78:5c:a1:ad:10:
6f:7a:a1:3b:fb:be:55:aa:57:1a:92:ba:49:fb:f8:f3:2e:dc:
41:34:da:ca:71:72:01:67:99:64:c0:56:0c:c1:0a:ef:cf:c0:
26:73:6f:ef:ea:00:45:ed:36:b4:b5:d9:0f:07:84:1e:b5:b3:
fe:35:ea:88:d1:cf:72:a1:b2:40:b3:9c:5e:b7:c3:83:74:66:
b0:2c:a9:3e:b3:8e:60:05:25:bb:3d:72:e8:c7:8b:e8:26:3e:
f7:c7:e0:47:18:ff:9c:8f:dd:0b:4b:c1:08:6f:ca:bf:3a:56:
b0:af:6a:25
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxwyk2nTRwJvZloHYAAcs8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMwMTAyMDkxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzlkZTRhNzhkM2M5MmQ3NjRlYTQwYmM4OTJmYWEzNGU1ODNlZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdn4V82m2WQUlnb/6MdYMjm2qWji
6E8n4EXdALoZ3tFS3Jp82hjpJpCm6HeZZLYHIW1NYftxLaaHU4pLhf8MmcmE7ztJ
WtXBoTc+YqJOAjJpHIcgsOpoz61y7ztIHD07fPm4RabEHQ0Xnk0IOllXzOFBD3Ym
Kl1q0sZaUVuiPrFDPUtDm3om11Rzg4XHF2CVk9bl3g/HXBvdoiBYb/7EaGmbTUus
vl9+UJO/czHE2KQ956qKV0IeTZewXLLz9UFRmXylOifZ0MiVZWCpMAU0h/kX4e/7
iUDY+PDwdr94JqrI4FRsRG/lLSXe3tIRdWObwmkA5/j7cS6BHm7wboL94wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDyd5KeNPJLXZOpAvIkvqjTlg+17MB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvUEoza3A0MDhrdGRrNmtDOGlTLXFOT1dEN1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgbogXn/
MA0GCSqGSIb3DQEBCwUAA4IBAQAFXc4KwoA1bWf/Ch4zKRihCC+4jxPostuGyS/f
pvkTFg21Xx6YeXf2I/uiYajJfvgt1Zznpo1xLzQdHvUegCx1lO+i4Jt9Scu7UUXa
+Vgrd4seTCYIqPQSzQSbBJbo4woaAxOxMUgAyd5vvgzd139VGYNk3g4D+PIGbIyK
Cb2C4k6ksFdlbljMvF7feFyhrRBveqE7+75VqlcakrpJ+/jzLtxBNNrKcXIBZ5lk
wFYMwQrvz8Amc2/v6gBF7Ta0tdkPB4QetbP+NeqI0c9yobJAs5xet8ODdGawLKk+
s45gBSW7PXLox4voJj73x+BHGP+cj90LS8EIb8q/Olawr2ol
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:16 2024 by rpki-client on console-fra.rpki-client.org