Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/j05WqELWI-gjiZsyVpQvZaEoGUU.roa
File: j05WqELWI-gjiZsyVpQvZaEoGUU.roa (raw, json)
Hash identifier: KPtqK8k5wbBIVZrmAGcvE6Ay8J5VgATmnguhj+btQlU=
Subject key identifier: 8F:4E:56:A8:42:D6:23:E8:23:89:9B:32:56:94:2F:65:A1:28:19:45
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018570B081B4F017A8D59BBD0831D97F9473
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/j05WqELWI-gjiZsyVpQvZaEoGUU.roa
Signing time: Mon 02 Jan 2023 04:14:53 +0000
ROA not before: Mon 02 Jan 2023 04:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213169
IP address blocks: 2a0e:da40:3000::/36 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:81:b4:f0:17:a8:d5:9b:bd:08:31:d9:7f:94:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 2 04:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f4e56a842d623e823899b3256942f65a1281945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:40:e1:59:da:55:16:6c:d1:83:d5:9f:54:df:
47:05:23:e4:2c:dd:f1:73:79:98:4d:e9:06:1d:d4:
55:a8:a3:26:0c:e5:1d:db:85:a9:fc:75:3f:fb:da:
f6:e3:dd:29:f7:73:45:f9:50:42:48:4c:f3:14:a1:
61:35:80:26:2a:64:fd:6a:89:f9:93:17:a6:d7:08:
c9:c8:81:48:1d:6b:29:a8:59:39:80:1d:60:66:9e:
9f:e0:86:82:50:33:06:91:82:5a:28:59:9a:a7:3a:
34:ae:85:89:e8:4a:c2:7e:f7:1f:d2:8e:1b:0e:ba:
04:33:97:22:30:71:4d:f8:40:a1:3d:98:b3:1d:48:
59:b6:21:26:45:b2:a1:f7:85:f5:f5:dc:18:69:b9:
0a:81:51:17:31:df:cd:e7:23:a1:e7:dd:91:b5:a3:
86:02:6c:6d:84:70:39:8d:e2:2b:fb:f9:ec:50:7d:
ba:83:f1:9e:fe:ec:6a:2e:e6:f9:1e:f5:70:db:b8:
9d:7b:60:85:94:97:b6:57:72:5d:1d:45:99:4d:7f:
bf:10:9f:ad:4c:29:8a:72:a0:97:37:73:e5:66:0d:
25:c5:bf:bc:41:88:06:a5:0e:5c:bb:16:a1:a1:0a:
70:66:06:cd:62:22:2b:bb:8a:ee:3c:15:3b:c6:ea:
51:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:4E:56:A8:42:D6:23:E8:23:89:9B:32:56:94:2F:65:A1:28:19:45
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/j05WqELWI-gjiZsyVpQvZaEoGUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:da40:3000::/36
Signature Algorithm: sha256WithRSAEncryption
83:f8:a4:8b:ac:61:dc:01:60:d9:f7:24:44:38:21:56:ec:3a:
3d:03:06:a3:ae:3f:53:24:5d:c3:07:91:18:27:df:5d:d2:42:
26:a5:34:08:4b:83:6f:de:aa:43:9d:f5:41:c1:de:86:65:12:
7b:17:9e:68:d2:36:71:ea:a9:c5:40:0d:78:55:07:fb:b8:72:
db:98:f3:9a:85:f8:67:3d:d4:9a:33:d3:9c:1e:ab:08:15:5b:
41:40:f3:c0:ca:1b:43:aa:db:cc:26:0a:d5:e4:27:38:92:f1:
2d:46:b8:2d:3c:86:a8:9b:6f:10:8f:c8:54:74:46:ca:c1:3f:
7e:a2:4a:2d:a5:70:d8:31:bc:18:bd:9a:e2:b3:96:e0:ff:85:
42:b6:e8:05:f8:df:d7:21:98:37:67:c5:00:b7:2c:8f:ac:c6:
a4:a2:34:02:f1:33:b8:82:9a:9a:5b:13:ab:6b:94:16:ad:79:
78:28:3a:52:5c:eb:01:cd:8a:5e:82:5b:cd:92:7f:ee:5a:07:
14:bd:8c:d9:78:c1:08:2e:6f:e7:18:4d:3b:2c:64:ae:ea:40:
e7:04:85:8d:e5:eb:2e:cc:94:47:ba:08:a8:2e:d1:11:3d:45:
cb:5c:27:86:fa:61:bb:e4:c0:de:eb:75:3d:27:d4:28:2f:d7:
f2:6a:04:fd
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwsIG08Beo1Zu9CDHZf5RzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjMwMTAyMDQxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjRlNTZhODQyZDYyM2U4MjM4OTliMzI1Njk0MmY2NWExMjgxOTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kDhWdpVFmzRg9WfVN9HBSPkLN3x
c3mYTekGHdRVqKMmDOUd24Wp/HU/+9r2490p93NF+VBCSEzzFKFhNYAmKmT9aon5
kxem1wjJyIFIHWspqFk5gB1gZp6f4IaCUDMGkYJaKFmapzo0roWJ6ErCfvcf0o4b
DroEM5ciMHFN+EChPZizHUhZtiEmRbKh94X19dwYabkKgVEXMd/N5yOh592RtaOG
AmxthHA5jeIr+/nsUH26g/Ge/uxqLub5HvVw27ide2CFlJe2V3JdHUWZTX+/EJ+t
TCmKcqCXN3PlZg0lxb+8QYgGpQ5cuxahoQpwZgbNYiIru4ruPBU7xupRMQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFI9OVqhC1iPoI4mbMlaUL2WhKBlFMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvajA1V3FFTFdJLWdqaVpzeVZwUXZaYUVvR1VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKg7aQDAw
DQYJKoZIhvcNAQELBQADggEBAIP4pIusYdwBYNn3JEQ4IVbsOj0DBqOuP1MkXcMH
kRgn313SQialNAhLg2/eqkOd9UHB3oZlEnsXnmjSNnHqqcVADXhVB/u4ctuY85qF
+Gc91Joz05weqwgVW0FA88DKG0Oq28wmCtXkJziS8S1GuC08hqibbxCPyFR0RsrB
P36iSi2lcNgxvBi9muKzluD/hUK26AX439chmDdnxQC3LI+sxqSiNALxM7iCmppb
E6trlBateXgoOlJc6wHNil6CW82Sf+5aBxS9jNl4wQgub+cYTTssZK7qQOcEhY3l
6y7MlEe6CKgu0RE9RctcJ4b6YbvkwN7rdT0n1Cgv1/JqBP0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:22 2024 by rpki-client on console-ams.rpki-client.org