Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/5JsCHY7N-MBxrjFyucvvQX1g9mk.roa
File: 5JsCHY7N-MBxrjFyucvvQX1g9mk.roa (raw, json)
Hash identifier: XODma+E1OqYzPn10dqONbW4isRTYLUXAs5lHy+vpjtY=
Subject key identifier: E4:9B:02:1D:8E:CD:F8:C0:71:AE:31:72:B9:CB:EF:41:7D:60:F6:69
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 01856C6EF2A70FA0006DD1DDBD9D45EA7899
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/5JsCHY7N-MBxrjFyucvvQX1g9mk.roa
Signing time: Sun 01 Jan 2023 08:24:48 +0000
ROA not before: Sun 01 Jan 2023 08:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6910
IP address blocks: 2a03:9c00:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f2:a7:0f:a0:00:6d:d1:dd:bd:9d:45:ea:78:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 08:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e49b021d8ecdf8c071ae3172b9cbef417d60f669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e4:4a:7e:44:03:ff:f3:7b:a6:41:c8:d2:e0:
80:e8:4c:6d:aa:96:ec:78:c2:b1:be:ed:f7:ae:c6:
ec:f4:e4:40:c5:48:58:c0:a1:c0:c5:ab:66:87:f7:
f1:98:3c:e5:65:a8:e6:0f:a9:93:0a:75:aa:97:8d:
10:45:46:e6:10:be:bf:0e:d2:fe:02:c3:ec:c8:13:
30:ea:5b:1e:e2:60:38:4e:91:b6:c5:69:ab:dd:2a:
b8:b9:f2:d9:ae:dc:b8:ec:75:0a:72:dd:bd:23:38:
35:13:c4:8d:49:a0:68:de:95:58:55:b0:59:51:6f:
e2:2d:5b:e2:20:4e:0a:08:3b:13:9c:78:f7:a8:57:
51:cd:8e:29:25:cd:b9:0e:79:3d:29:7f:24:0f:f9:
15:71:a6:db:d0:99:b6:d9:51:3c:5d:76:4e:ea:49:
c5:23:50:85:33:d8:27:50:4c:c4:e0:91:e3:1a:a4:
5c:b1:d7:22:82:b9:83:e3:53:54:ec:ff:ab:1c:98:
d9:6b:00:5a:93:02:81:e6:5e:71:53:05:54:e2:e6:
8c:91:98:01:26:0c:78:7d:b3:5f:6e:11:7e:56:13:
f7:69:25:f5:ab:47:3a:61:29:a0:de:8d:3b:44:5d:
0c:64:63:63:cd:4f:26:0a:df:f9:e8:01:31:a5:a9:
41:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:9B:02:1D:8E:CD:F8:C0:71:AE:31:72:B9:CB:EF:41:7D:60:F6:69
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/5JsCHY7N-MBxrjFyucvvQX1g9mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9c00:1::/48
Signature Algorithm: sha256WithRSAEncryption
0d:c4:ac:e2:ae:bf:e6:1b:6e:0c:64:13:5c:91:31:5a:7b:e2:
0f:18:20:b7:9a:90:b5:8b:71:dd:71:9a:19:33:60:9f:29:b6:
16:c2:1e:6f:e1:31:fe:b8:97:51:77:06:4e:80:c3:9a:98:6c:
40:5d:bf:88:35:6f:66:87:32:f4:7e:43:2f:20:6c:77:42:f9:
82:28:6d:b1:37:39:eb:b6:39:d8:e0:7c:65:d9:aa:e3:aa:49:
7c:39:fd:96:a0:c5:c1:d7:4e:31:98:95:aa:a8:92:4d:b8:06:
9d:e8:20:cb:0f:5c:e6:43:a7:e3:2a:6d:42:4b:fb:f9:99:21:
57:f1:8a:e2:0e:35:69:28:60:eb:7e:2d:81:95:34:e0:e1:e8:
4a:70:52:75:67:b1:7b:70:06:bd:e6:7b:0c:55:53:40:5b:67:
62:65:f3:d0:e0:7a:66:3c:8c:06:4e:71:74:44:39:96:4d:30:
f6:d4:3d:db:ce:79:17:66:66:44:bc:70:2a:da:f4:ac:3b:b5:
85:ac:d2:4e:6a:33:1f:3d:ef:b7:35:09:30:08:f6:02:3a:bd:
4e:5f:c4:34:b4:ee:57:29:3a:9a:64:b9:b2:25:3a:00:b5:d5:
3a:86:db:59:86:4c:d8:58:5b:fa:3e:46:2f:f3:02:e8:a3:7f:
1f:4e:4c:d6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsbvKnD6AAbdHdvZ1F6niZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTAxMDgyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDliMDIxZDhlY2RmOGMwNzFhZTMxNzJiOWNiZWY0MTdkNjBmNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeRKfkQD//N7pkHI0uCA6Extqpbs
eMKxvu33rsbs9ORAxUhYwKHAxatmh/fxmDzlZajmD6mTCnWql40QRUbmEL6/DtL+
AsPsyBMw6lse4mA4TpG2xWmr3Sq4ufLZrty47HUKct29Izg1E8SNSaBo3pVYVbBZ
UW/iLVviIE4KCDsTnHj3qFdRzY4pJc25Dnk9KX8kD/kVcabb0Jm22VE8XXZO6knF
I1CFM9gnUEzE4JHjGqRcsdcigrmD41NU7P+rHJjZawBakwKB5l5xUwVU4uaMkZgB
Jgx4fbNfbhF+VhP3aSX1q0c6YSmg3o07RF0MZGNjzU8mCt/56AExpalBhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOSbAh2OzfjAca4xcrnL70F9YPZpMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvNUpzQ0hZN04tTUJ4cmpGeXVjdnZRWDFnOW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgOcAAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQANxKzirr/mG24MZBNckTFae+IPGCC3mpC1i3Hd
cZoZM2CfKbYWwh5v4TH+uJdRdwZOgMOamGxAXb+INW9mhzL0fkMvIGx3QvmCKG2x
NznrtjnY4Hxl2arjqkl8Of2WoMXB104xmJWqqJJNuAad6CDLD1zmQ6fjKm1CS/v5
mSFX8YriDjVpKGDrfi2BlTTg4ehKcFJ1Z7F7cAa95nsMVVNAW2diZfPQ4HpmPIwG
TnF0RDmWTTD21D3bznkXZmZEvHAq2vSsO7WFrNJOajMfPe+3NQkwCPYCOr1OX8Q0
tO5XKTqaZLmyJToAtdU6httZhkzYWFv6PkYv8wLoo38fTkzW
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:28 2024 by rpki-client on console-fra.rpki-client.org