Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/y8kD4Z5MvFkf0CnzNR7rjVKpu54.roa
File: y8kD4Z5MvFkf0CnzNR7rjVKpu54.roa (raw, json)
Hash identifier: TLD6/t0OLMmu2HoL3CJPVYx28ilDquc5zSZwmPd3hUo=
Subject key identifier: CB:C9:03:E1:9E:4C:BC:59:1F:D0:29:F3:35:1E:EB:8D:52:A9:BB:9E
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018570FB90C80CC1164F2EA28C55390C16FD
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/y8kD4Z5MvFkf0CnzNR7rjVKpu54.roa
Signing time: Mon 02 Jan 2023 05:36:52 +0000
ROA not before: Mon 02 Jan 2023 05:36:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31605
IP address blocks: 2a0f:56c4::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:90:c8:0c:c1:16:4f:2e:a2:8c:55:39:0c:16:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 2 05:36:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbc903e19e4cbc591fd029f3351eeb8d52a9bb9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:9b:3c:49:37:95:63:a3:1e:63:0e:32:63:bc:
3e:85:da:c8:f2:1a:1b:cb:b5:0f:7f:00:21:de:a6:
8c:bd:43:44:ea:64:ca:0f:7f:b8:8a:91:9a:2b:53:
28:68:e7:45:e5:d6:12:c4:65:42:29:5b:db:45:11:
c6:1d:77:5a:87:55:bc:18:34:b2:ed:36:05:43:6c:
2d:62:f9:d9:8f:80:e9:7a:87:b2:68:c5:8f:6f:3e:
b0:ff:57:0e:3c:95:ad:93:af:f8:02:9b:cb:f2:d2:
56:88:5e:e2:77:12:d6:98:1f:48:da:b8:03:32:b6:
19:51:77:a8:dd:3d:46:00:db:a9:95:ed:51:88:6c:
6d:4c:bc:52:c9:d8:1c:6c:1a:ad:7b:71:26:ab:b1:
e3:8f:c9:08:67:32:24:5b:30:3b:40:d0:df:61:37:
99:76:9f:79:a6:c7:ff:c2:c4:68:50:6e:7d:ba:5c:
a0:33:3e:a6:6c:0b:d9:db:a2:ab:53:75:5c:65:6a:
fa:af:f3:e9:48:f9:f6:40:7e:2d:0c:07:f6:8e:74:
f3:a3:25:3d:5a:8f:f6:ec:3e:38:f7:d0:ef:16:e1:
17:b5:cd:90:0f:b8:27:6f:6c:48:2b:d3:fb:85:04:
7a:13:b5:e6:3a:f4:88:72:07:fd:2a:79:20:13:cb:
e7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C9:03:E1:9E:4C:BC:59:1F:D0:29:F3:35:1E:EB:8D:52:A9:BB:9E
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/y8kD4Z5MvFkf0CnzNR7rjVKpu54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:56c4::/48
Signature Algorithm: sha256WithRSAEncryption
05:00:c5:e7:cd:95:55:30:0e:e0:8e:96:3c:3c:64:06:96:a2:
87:26:17:49:6c:0b:5f:5d:c0:2b:85:21:3d:b7:a8:b7:c0:ec:
ae:e0:cf:a3:8b:40:95:5c:ee:48:17:cd:69:b6:eb:f2:57:25:
1d:db:a4:6c:62:2a:a1:5a:6c:37:fb:8b:13:d7:15:52:0c:b1:
3d:eb:96:59:6f:4c:7a:4a:4f:dc:3b:31:d7:c7:f9:73:71:11:
93:54:b8:ff:82:b9:dd:8e:66:03:a8:a2:13:27:90:6e:f4:a9:
ad:2e:14:4b:59:83:a6:d9:5c:34:93:2d:c8:5b:1a:23:77:f0:
02:6b:a0:f9:6b:df:0d:6c:53:92:d7:27:8f:11:a4:de:c6:15:
0a:06:d6:17:87:37:d1:92:8e:0e:5a:24:00:42:5f:af:82:ca:
af:09:28:79:57:03:47:a1:0a:89:21:c1:d3:a4:ba:15:ad:ec:
d3:54:fa:97:7f:a2:9c:d0:e6:97:6c:e2:9c:86:37:c7:6d:f1:
dd:9b:a3:ee:e8:d0:6c:3f:43:ee:34:0a:5f:e0:a7:f9:2b:89:
a1:95:cd:a1:dd:52:5b:53:86:6e:2a:5a:db:fc:6e:36:31:ed:
7f:3d:e5:4d:6d:ca:46:30:29:9c:9c:17:0d:8c:33:5d:61:25:
a1:e4:39:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw+5DIDMEWTy6ijFU5DBb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjMwMTAyMDUzNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmM5MDNlMTllNGNiYzU5MWZkMDI5ZjMzNTFlZWI4ZDUyYTliYjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5s8STeVY6MeYw4yY7w+hdrI8hob
y7UPfwAh3qaMvUNE6mTKD3+4ipGaK1MoaOdF5dYSxGVCKVvbRRHGHXdah1W8GDSy
7TYFQ2wtYvnZj4DpeoeyaMWPbz6w/1cOPJWtk6/4ApvL8tJWiF7idxLWmB9I2rgD
MrYZUXeo3T1GANuple1RiGxtTLxSydgcbBqte3Emq7Hjj8kIZzIkWzA7QNDfYTeZ
dp95psf/wsRoUG59ulygMz6mbAvZ26KrU3VcZWr6r/PpSPn2QH4tDAf2jnTzoyU9
Wo/27D4499DvFuEXtc2QD7gnb2xIK9P7hQR6E7XmOvSIcgf9KnkgE8vnTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMvJA+GeTLxZH9Ap8zUe641SqbueMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEveThrRDRaNU12RmtmMENuek5SN3JqVktwdTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9WxAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAFAMXnzZVVMA7gjpY8PGQGlqKHJhdJbAtfXcAr
hSE9t6i3wOyu4M+ji0CVXO5IF81ptuvyVyUd26RsYiqhWmw3+4sT1xVSDLE965ZZ
b0x6Sk/cOzHXx/lzcRGTVLj/grndjmYDqKITJ5Bu9KmtLhRLWYOm2Vw0ky3IWxoj
d/ACa6D5a98NbFOS1yePEaTexhUKBtYXhzfRko4OWiQAQl+vgsqvCSh5VwNHoQqJ
IcHTpLoVrezTVPqXf6Kc0OaXbOKchjfHbfHdm6Pu6NBsP0PuNApf4Kf5K4mhlc2h
3VJbU4ZuKlrb/G42Me1/PeVNbcpGMCmcnBcNjDNdYSWh5Dke
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:47 2024 by rpki-client on console-ams.rpki-client.org