Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/0CQ9x5zmJqF7q6qY9wwI7Hbpaa8.roa
File: 0CQ9x5zmJqF7q6qY9wwI7Hbpaa8.roa (raw, json)
Hash identifier: xHM3qIxR1w/C416NEzNsNzFL24eUmnFHZdMEXOBsymQ=
Subject key identifier: D0:24:3D:C7:9C:E6:26:A1:7B:AB:AA:98:F7:0C:08:EC:76:E9:69:AF
Certificate issuer: /CN=14a4780f5cd07e948be6fa4b4925a7313906d5eb
Certificate serial: 01856D5CF42C65227090BE44B72A161AE0D8
Authority key identifier: 14:A4:78:0F:5C:D0:7E:94:8B:E6:FA:4B:49:25:A7:31:39:06:D5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FKR4D1zQfpSL5vpLSSWnMTkG1es.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/0CQ9x5zmJqF7q6qY9wwI7Hbpaa8.roa
Signing time: Sun 01 Jan 2023 12:44:46 +0000
ROA not before: Sun 01 Jan 2023 12:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208169
IP address blocks: 2001:678:e3c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:f4:2c:65:22:70:90:be:44:b7:2a:16:1a:e0:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14a4780f5cd07e948be6fa4b4925a7313906d5eb
Validity
Not Before: Jan 1 12:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0243dc79ce626a17babaa98f70c08ec76e969af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:be:47:61:48:9a:68:be:bd:2a:d0:2e:8c:c9:
bf:4a:78:54:51:18:3a:51:86:e5:78:c2:2b:3c:44:
7a:ce:19:51:ed:41:17:2a:f3:f1:69:59:f8:04:09:
53:1a:0e:c4:08:55:b0:72:00:a0:a5:74:87:d7:88:
3d:bf:6c:e9:f8:9e:3d:95:33:b8:cd:c0:35:5a:8b:
d6:a8:06:68:e4:3b:ef:28:31:1b:ad:ff:23:d2:e1:
ea:15:19:5b:87:27:a6:8b:98:b2:78:33:31:af:0f:
bf:0c:5b:b6:98:03:bc:8f:69:c6:99:3c:b9:5b:f1:
ab:c9:d3:83:9b:a2:42:08:8b:58:1c:2c:e6:d9:d0:
9e:9b:87:44:3e:6b:9d:59:76:09:38:6f:2b:80:3f:
11:91:54:20:5d:3e:81:d2:bf:95:0b:53:d7:96:13:
96:5e:47:44:aa:93:10:80:08:7f:75:71:cf:a9:f4:
62:2f:9f:7e:e3:7f:91:27:ee:c8:d4:64:6a:ba:8f:
80:7f:06:58:f9:1b:1a:fe:d1:2e:c9:93:5f:e9:96:
74:5d:f2:bb:34:8f:75:52:fa:dc:f2:4f:d1:50:fe:
ce:11:2d:9c:a0:ef:df:f3:76:03:d3:29:35:19:27:
5e:7b:bb:b8:a3:35:23:43:d4:62:eb:4b:e7:e0:ed:
b2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:24:3D:C7:9C:E6:26:A1:7B:AB:AA:98:F7:0C:08:EC:76:E9:69:AF
X509v3 Authority Key Identifier:
keyid:14:A4:78:0F:5C:D0:7E:94:8B:E6:FA:4B:49:25:A7:31:39:06:D5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FKR4D1zQfpSL5vpLSSWnMTkG1es.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/0CQ9x5zmJqF7q6qY9wwI7Hbpaa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/FKR4D1zQfpSL5vpLSSWnMTkG1es.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:e3c::/48
Signature Algorithm: sha256WithRSAEncryption
9d:2a:f6:f2:66:25:e8:b7:8f:de:a2:d4:bc:e6:64:e5:ed:ed:
79:96:e1:7c:cd:ce:e2:7f:2d:5c:82:0f:34:42:8b:77:08:81:
80:11:a5:50:04:aa:19:8f:f0:e3:99:77:48:77:99:23:d7:42:
d5:31:9f:49:05:b2:07:76:0b:dd:7d:1a:c0:a8:dd:c7:81:94:
df:ff:7c:d2:5a:db:d3:17:e3:69:d4:6e:35:7e:a1:3c:20:0f:
06:b3:de:ae:e5:f4:b8:97:50:aa:35:f5:a4:df:a1:ca:d6:0a:
45:4b:9a:fb:d6:52:a3:99:7c:5b:c4:6b:46:53:3a:13:15:e2:
c9:fa:db:24:3d:bc:5d:b0:c3:54:db:e3:79:3c:6a:e5:8f:9f:
e6:e1:0e:19:34:66:f7:31:05:c6:8d:2d:d9:d3:3a:3d:ce:72:
fe:2d:5c:e3:f4:e2:95:5b:9b:5e:23:b3:02:fa:4b:be:64:ff:
62:c0:3e:dc:08:74:ec:84:bd:0b:94:b3:f9:9c:8d:88:1a:ce:
26:3e:80:15:56:b6:d6:ae:c6:fd:be:1b:a7:40:d0:7c:78:18:
7e:bc:db:ee:89:cc:6f:a1:aa:6c:60:5c:24:12:86:b1:0d:c1:
3e:48:af:e0:a4:16:1b:00:77:50:f2:8f:c5:6c:24:e1:1f:65:
66:89:49:15
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtXPQsZSJwkL5EtyoWGuDYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YTQ3ODBmNWNkMDdlOTQ4YmU2ZmE0YjQ5MjVhNzMxMzkw
NmQ1ZWIwHhcNMjMwMTAxMTI0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDI0M2RjNzljZTYyNmExN2JhYmFhOThmNzBjMDhlYzc2ZTk2OWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb5HYUiaaL69KtAujMm/SnhUURg6
UYbleMIrPER6zhlR7UEXKvPxaVn4BAlTGg7ECFWwcgCgpXSH14g9v2zp+J49lTO4
zcA1WovWqAZo5DvvKDEbrf8j0uHqFRlbhyemi5iyeDMxrw+/DFu2mAO8j2nGmTy5
W/GrydODm6JCCItYHCzm2dCem4dEPmudWXYJOG8rgD8RkVQgXT6B0r+VC1PXlhOW
XkdEqpMQgAh/dXHPqfRiL59+43+RJ+7I1GRquo+AfwZY+Rsa/tEuyZNf6ZZ0XfK7
NI91Uvrc8k/RUP7OES2coO/f83YD0yk1GSdee7u4ozUjQ9Ri60vn4O2yywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNAkPcec5iahe6uqmPcMCOx26WmvMB8GA1UdIwQY
MBaAFBSkeA9c0H6Ui+b6S0klpzE5BtXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRktSNEQxelFmcFNMNXZwTFNTV25NVGtHMWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80MmNkYWItMjAyOS00NjI0LTlmNGIt
OTkzMjM2ODYyMTZkLzEvMENROXg1em1KcUY3cTZxWTl3d0k3SGJwYWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80MmNkYWItMjAyOS00NjI0LTlmNGItOTkzMjM2ODYyMTZk
LzEvRktSNEQxelFmcFNMNXZwTFNTV25NVGtHMWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA48
MA0GCSqGSIb3DQEBCwUAA4IBAQCdKvbyZiXot4/eotS85mTl7e15luF8zc7ify1c
gg80Qot3CIGAEaVQBKoZj/DjmXdId5kj10LVMZ9JBbIHdgvdfRrAqN3HgZTf/3zS
WtvTF+Np1G41fqE8IA8Gs96u5fS4l1CqNfWk36HK1gpFS5r71lKjmXxbxGtGUzoT
FeLJ+tskPbxdsMNU2+N5PGrlj5/m4Q4ZNGb3MQXGjS3Z0zo9znL+LVzj9OKVW5te
I7MC+ku+ZP9iwD7cCHTshL0LlLP5nI2IGs4mPoAVVrbWrsb9vhunQNB8eBh+vNvu
icxvoapsYFwkEoaxDcE+SK/gpBYbAHdQ8o/FbCThH2VmiUkV
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:06 2024 by rpki-client on console-fra.rpki-client.org