Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/lYj-Z2ahJkbV73NKKM_XVokpC2o.roa
File: lYj-Z2ahJkbV73NKKM_XVokpC2o.roa (raw, json)
Hash identifier: tDFr8+ooGfEurFsFzSs9ArDmiwtr3hmFFia/qkWykzQ=
Subject key identifier: 95:88:FE:67:66:A1:26:46:D5:EF:73:4A:28:CF:D7:56:89:29:0B:6A
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018B3DC2ECC4E5E15C5C3F33DFB09BBC2D27
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/lYj-Z2ahJkbV73NKKM_XVokpC2o.roa
Signing time: Tue 17 Oct 2023 13:11:06 +0000
ROA not before: Tue 17 Oct 2023 13:11:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212786
IP address blocks: 2a10:12c0::/29 maxlen: 29
2a0e:5780::/29 maxlen: 29
2a0e:2b00::/29 maxlen: 29
2a09:e980::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:c2:ec:c4:e5:e1:5c:5c:3f:33:df:b0:9b:bc:2d:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Oct 17 13:11:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9588fe6766a12646d5ef734a28cfd75689290b6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:24:30:12:ba:5b:94:57:70:03:f4:9f:53:a9:
89:2a:4c:b1:f8:77:b6:55:01:0b:fd:f8:22:a4:6d:
0b:4c:b6:ca:f0:d3:c1:6e:08:03:a5:7f:07:07:31:
27:de:47:84:ba:1e:97:b9:51:08:e8:4d:89:79:cc:
ca:d5:0e:8f:18:6e:1d:cb:be:b8:0a:64:a0:e8:e2:
4b:a4:38:5b:96:ad:15:65:66:cf:b3:50:35:f9:ec:
b7:37:0b:83:08:2d:cd:f9:d3:bc:6c:d1:ab:06:b4:
76:e9:c5:9b:fd:4b:53:71:6d:ca:74:57:08:d7:33:
1a:e1:8c:23:db:c2:df:b6:35:04:a9:22:52:7f:5d:
f8:3d:ac:19:01:62:a4:00:f0:53:ad:c7:3b:af:51:
4e:1f:a3:29:56:42:3b:ad:07:f2:36:a9:5e:3c:73:
54:15:fb:4b:5a:58:d3:a9:81:05:fc:63:bc:33:d3:
1f:66:d3:20:8c:82:fa:16:03:c7:e9:46:93:18:f8:
9f:1f:bd:90:79:d0:5d:6e:9f:1d:84:1b:60:a0:4e:
9b:7c:51:54:30:26:48:ba:5f:6e:53:e5:b4:90:d1:
12:82:19:5c:1e:9b:83:aa:6d:a2:49:81:33:77:94:
d0:f3:d9:ac:31:71:71:f2:8e:07:55:7c:ba:36:81:
d3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:88:FE:67:66:A1:26:46:D5:EF:73:4A:28:CF:D7:56:89:29:0B:6A
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/lYj-Z2ahJkbV73NKKM_XVokpC2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e980::/29
2a0e:2b00::/29
2a0e:5780::/29
2a10:12c0::/29
Signature Algorithm: sha256WithRSAEncryption
47:2a:7b:ea:5a:57:7d:55:6c:27:0e:a2:37:49:4c:e2:f0:6b:
aa:9c:e7:20:e6:8f:f3:9b:94:7f:3d:d3:94:f4:83:3a:a0:08:
31:dc:c6:7f:96:4b:76:cf:67:e6:a3:e0:9c:42:95:7c:dc:ce:
d2:31:1a:87:f0:6e:2f:cb:46:76:ca:8b:54:76:9d:96:bd:a1:
0a:93:1d:ae:f0:d0:0b:50:8b:cc:ad:73:ca:08:bc:7c:df:ac:
98:b1:a7:0b:69:37:e2:cb:29:02:ac:a5:ff:f8:8f:e0:ce:3f:
85:55:05:3f:73:1c:18:2e:5c:7e:5a:af:df:ea:81:79:34:b1:
54:d2:26:2e:0b:32:a3:97:bb:ce:fd:cf:ac:8e:34:f2:4d:81:
5d:fb:4c:8f:6a:ca:1e:30:b6:f5:6a:92:61:33:d8:21:9e:b3:
6b:c6:66:39:94:1a:2b:c0:51:e9:43:4f:17:34:e8:61:2c:91:
29:0e:3f:3f:e3:63:ed:6b:c1:f4:0f:51:d8:62:99:2b:f3:2b:
ae:6f:7f:7b:b5:2a:79:52:26:9b:a1:4a:95:ad:54:67:dd:95:
34:61:0e:c2:ae:57:5d:aa:f1:25:f8:70:5c:72:47:90:da:ca:
ca:d3:c2:2a:76:95:ab:c8:c1:66:ef:60:58:3d:29:58:57:47:
5b:f6:18:5a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYs9wuzE5eFcXD8z37CbvC0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMxMDE3MTMxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTg4ZmU2NzY2YTEyNjQ2ZDVlZjczNGEyOGNmZDc1Njg5MjkwYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9CQwErpblFdwA/SfU6mJKkyx+He2
VQEL/fgipG0LTLbK8NPBbggDpX8HBzEn3keEuh6XuVEI6E2JeczK1Q6PGG4dy764
CmSg6OJLpDhblq0VZWbPs1A1+ey3NwuDCC3N+dO8bNGrBrR26cWb/UtTcW3KdFcI
1zMa4Ywj28LftjUEqSJSf134PawZAWKkAPBTrcc7r1FOH6MpVkI7rQfyNqlePHNU
FftLWljTqYEF/GO8M9MfZtMgjIL6FgPH6UaTGPifH72QedBdbp8dhBtgoE6bfFFU
MCZIul9uU+W0kNESghlcHpuDqm2iSYEzd5TQ89msMXFx8o4HVXy6NoHT0QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJWI/mdmoSZG1e9zSijP11aJKQtqMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvbFlqLVoyYWhKa2JWNzNOS0tNX1hWb2twQzJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgnpgAMF
AyoOKwADBQMqDleAAwUDKhASwDANBgkqhkiG9w0BAQsFAAOCAQEARyp76lpXfVVs
Jw6iN0lM4vBrqpznIOaP85uUfz3TlPSDOqAIMdzGf5ZLds9n5qPgnEKVfNzO0jEa
h/BuL8tGdsqLVHadlr2hCpMdrvDQC1CLzK1zygi8fN+smLGnC2k34sspAqyl//iP
4M4/hVUFP3McGC5cflqv3+qBeTSxVNImLgsyo5e7zv3PrI408k2BXftMj2rKHjC2
9WqSYTPYIZ6za8ZmOZQaK8BR6UNPFzToYSyRKQ4/P+Nj7WvB9A9R2GKZK/Mrrm9/
e7UqeVImm6FKla1UZ92VNGEOwq5XXarxJfhwXHJHkNrKytPCKnaVq8jBZu9gWD0p
WFdHW/YYWg==
-----END CERTIFICATE-----
Generated at Tue Nov 7 08:49:27 2023 by rpki-client on console-ams.rpki-client.org