Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/21ZPMgy1Tr3PIM8hdSd05AcCtbc.roa
File: 21ZPMgy1Tr3PIM8hdSd05AcCtbc.roa (raw, json)
Hash identifier: hNFEm36b3LAe/V/TjGTd3pATYGxPw7gSERTQuxraC+k=
Subject key identifier: DB:56:4F:32:0C:B5:4E:BD:CF:20:CF:21:75:27:74:E4:07:02:B5:B7
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018BD1F292CAC028A72637ACAEE5DD6E5AA5
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/21ZPMgy1Tr3PIM8hdSd05AcCtbc.roa
Signing time: Wed 15 Nov 2023 07:46:57 +0000
ROA not before: Wed 15 Nov 2023 07:46:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 2a0f:e383::/32 maxlen: 48
2a0f:e385::/32 maxlen: 48
2a0f:e387::/32 maxlen: 48
2a0f:e384::/32 maxlen: 48
2a0f:2740::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d1:f2:92:ca:c0:28:a7:26:37:ac:ae:e5:dd:6e:5a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Nov 15 07:46:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db564f320cb54ebdcf20cf21752774e40702b5b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cf:ea:a1:79:43:87:58:94:57:b4:d6:cd:39:
ab:66:7d:75:4c:30:24:cc:47:47:3d:6e:9b:e3:6a:
35:41:b7:d2:a3:c7:28:80:ce:4b:16:b5:31:d4:83:
bf:09:96:e6:1b:14:e5:9c:42:b1:01:e0:50:54:d2:
d5:cd:ad:da:59:5f:de:80:34:6e:e0:a0:52:08:45:
81:01:1c:1c:26:16:3b:68:b0:cb:09:33:37:07:77:
3a:96:a5:d4:3e:84:cc:65:5b:a1:f9:70:44:ea:61:
ff:3f:24:b4:f0:bd:b4:00:2c:2e:66:c0:67:a3:f7:
db:40:ba:bd:08:ef:10:b8:73:35:ab:80:7c:98:4b:
44:7d:f6:d0:0c:e0:4f:10:07:94:94:ab:a8:07:7c:
ba:96:54:4b:e7:d8:a4:5b:30:bc:34:df:47:51:90:
b5:db:21:84:43:3a:2a:17:a6:41:47:d4:cd:b6:4b:
de:89:70:7b:b2:64:83:da:63:9c:a7:e4:7f:1e:b8:
38:25:f9:45:3e:6b:2a:06:09:cb:5c:cf:40:b5:ca:
70:ed:67:0e:28:dd:d9:f9:90:6e:57:71:f3:56:43:
df:fb:83:04:5a:a7:56:0f:87:f6:39:62:9e:2d:d8:
48:e3:3d:2a:8e:85:4f:50:9b:e0:5a:d7:cf:1d:20:
c9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:56:4F:32:0C:B5:4E:BD:CF:20:CF:21:75:27:74:E4:07:02:B5:B7
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/21ZPMgy1Tr3PIM8hdSd05AcCtbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2740::/29
2a0f:e383::-2a0f:e385:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:e387::/32
Signature Algorithm: sha256WithRSAEncryption
39:d1:95:1b:4a:8f:97:58:fa:a7:ff:a6:c2:83:2b:4d:aa:49:
b4:10:13:95:a3:1e:11:54:fc:82:ea:13:78:4e:80:94:7d:14:
22:b0:55:83:36:23:66:e3:88:08:62:db:74:05:3f:70:2c:04:
00:4f:a8:ab:12:fe:c5:dd:19:d0:81:af:5d:da:71:18:2d:30:
3d:b1:1f:ac:20:14:52:c2:47:cf:16:35:7a:2c:8f:42:13:11:
05:29:24:95:4d:a4:75:3a:df:c7:c6:e6:d5:6c:dd:5a:8d:e5:
d1:76:b8:32:48:b3:c3:2d:0e:8b:d2:ba:38:37:5b:fb:fa:5a:
db:00:90:6a:47:7e:fb:ec:f9:29:00:61:ad:9f:ed:72:b7:e1:
f7:9b:c4:eb:03:07:30:04:93:4e:eb:94:ee:81:f4:3b:fe:5e:
dc:34:b3:d6:d3:de:78:44:ff:c3:ed:ff:e3:31:c9:60:82:69:
1b:14:12:6b:34:23:6a:80:13:f3:b7:71:3f:18:3b:6d:74:d6:
73:19:2d:ab:11:67:5b:13:e0:f3:d5:e9:4e:85:60:0e:cb:fb:
51:ab:e4:a6:82:2a:d5:54:e5:cc:33:79:be:5a:36:9a:24:d4:
19:a0:eb:7c:3e:67:4b:53:51:de:1c:72:58:00:dc:f8:e7:56:
6d:d9:c6:72
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYvR8pLKwCinJjesruXdblqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMTE1MDc0NjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjU2NGYzMjBjYjU0ZWJkY2YyMGNmMjE3NTI3NzRlNDA3MDJiNWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic/qoXlDh1iUV7TWzTmrZn11TDAk
zEdHPW6b42o1QbfSo8cogM5LFrUx1IO/CZbmGxTlnEKxAeBQVNLVza3aWV/egDRu
4KBSCEWBARwcJhY7aLDLCTM3B3c6lqXUPoTMZVuh+XBE6mH/PyS08L20ACwuZsBn
o/fbQLq9CO8QuHM1q4B8mEtEffbQDOBPEAeUlKuoB3y6llRL59ikWzC8NN9HUZC1
2yGEQzoqF6ZBR9TNtkveiXB7smSD2mOcp+R/Hrg4JflFPmsqBgnLXM9Atcpw7WcO
KN3Z+ZBuV3HzVkPf+4MEWqdWD4f2OWKeLdhI4z0qjoVPUJvgWtfPHSDJoQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNtWTzIMtU69zyDPIXUndOQHArW3MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvMjFaUE1neTFUcjNQSU04aGRTZDA1QWNDdGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwUDKg8nQDAO
AwUAKg/jgwMFASoP44QDBQAqD+OHMA0GCSqGSIb3DQEBCwUAA4IBAQA50ZUbSo+X
WPqn/6bCgytNqkm0EBOVox4RVPyC6hN4ToCUfRQisFWDNiNm44gIYtt0BT9wLAQA
T6irEv7F3RnQga9d2nEYLTA9sR+sIBRSwkfPFjV6LI9CExEFKSSVTaR1Ot/HxubV
bN1ajeXRdrgySLPDLQ6L0ro4N1v7+lrbAJBqR3777PkpAGGtn+1yt+H3m8TrAwcw
BJNO65TugfQ7/l7cNLPW0954RP/D7f/jMclggmkbFBJrNCNqgBPzt3E/GDttdNZz
GS2rEWdbE+Dz1elOhWAOy/tRq+SmgirVVOXMM3m+WjaaJNQZoOt8PmdLU1HeHHJY
ANz451Zt2cZy
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:43 2024 by rpki-client on console-ams.rpki-client.org