Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/18d059-3cb2-46bf-a588-fe95a9af3adc/1/CKhmyhYH9XqcOeun5flgAnxz3vg.roa
File: CKhmyhYH9XqcOeun5flgAnxz3vg.roa (raw, json)
Hash identifier: 4ywoXJDp5YOYlr3a4kC24QQW04PMUcZolH3NcoUEaZ8=
Subject key identifier: 08:A8:66:CA:16:07:F5:7A:9C:39:EB:A7:E5:F9:60:02:7C:73:DE:F8
Certificate issuer: /CN=d57c7db04e78c221f3df2a2af082b518d962a8f0
Certificate serial: 01856D53EDC0A10E72FED1DDF543769119FF
Authority key identifier: D5:7C:7D:B0:4E:78:C2:21:F3:DF:2A:2A:F0:82:B5:18:D9:62:A8:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Xx9sE54wiHz3yoq8IK1GNliqPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/18d059-3cb2-46bf-a588-fe95a9af3adc/1/CKhmyhYH9XqcOeun5flgAnxz3vg.roa
Signing time: Sun 01 Jan 2023 12:34:54 +0000
ROA not before: Sun 01 Jan 2023 12:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36040
IP address blocks: 2a0f:f4c1:2::/48 maxlen: 48
2a0f:f4c1:2::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:ed:c0:a1:0e:72:fe:d1:dd:f5:43:76:91:19:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d57c7db04e78c221f3df2a2af082b518d962a8f0
Validity
Not Before: Jan 1 12:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08a866ca1607f57a9c39eba7e5f960027c73def8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e8:1a:13:34:20:63:ca:d5:fe:01:e2:5a:48:
67:25:d8:a0:f4:ea:52:4f:ac:66:cf:da:3c:1a:1a:
d9:f4:e6:11:30:70:f8:f6:7c:5f:94:c4:36:91:e0:
72:c1:a1:0a:23:a9:7b:0a:49:60:5a:10:22:25:99:
6a:fb:46:61:5b:5d:98:85:53:e6:b5:5e:99:d0:cc:
40:6a:98:5b:28:a0:4d:e1:c3:ea:b8:e7:3e:68:1a:
b5:54:52:a5:0c:35:5e:29:6e:bc:1e:f5:7c:dc:68:
2d:33:dd:71:d0:07:a2:62:c4:95:98:1f:e1:21:ac:
58:6b:d4:98:2d:4b:4d:bb:5b:94:5e:3e:12:3d:2f:
a7:4d:1b:9b:d8:84:91:e9:bb:6e:93:8a:fd:61:e5:
8b:c3:e1:49:4f:bb:d4:12:e8:d0:07:d0:2e:79:0f:
99:a7:04:59:3c:37:69:72:c4:a6:0b:2b:5d:d2:dd:
2c:b7:26:bd:58:18:eb:e2:f6:99:5c:8e:71:66:a1:
87:96:e4:99:37:2e:31:1a:9d:0f:8b:52:fd:6c:c3:
8c:75:c3:2d:07:ea:2f:3f:cf:06:5c:cc:62:99:e7:
49:41:05:56:d7:7e:06:be:32:7e:9b:86:85:cb:ad:
6b:a1:17:59:7d:fe:eb:5a:10:d6:fb:5a:93:f5:a0:
1b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A8:66:CA:16:07:F5:7A:9C:39:EB:A7:E5:F9:60:02:7C:73:DE:F8
X509v3 Authority Key Identifier:
keyid:D5:7C:7D:B0:4E:78:C2:21:F3:DF:2A:2A:F0:82:B5:18:D9:62:A8:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Xx9sE54wiHz3yoq8IK1GNliqPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/18d059-3cb2-46bf-a588-fe95a9af3adc/1/CKhmyhYH9XqcOeun5flgAnxz3vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/18d059-3cb2-46bf-a588-fe95a9af3adc/1/1Xx9sE54wiHz3yoq8IK1GNliqPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:f4c1:2::/48
Signature Algorithm: sha256WithRSAEncryption
b0:86:42:33:c8:69:20:99:aa:58:04:93:65:49:d0:67:37:b4:
7b:91:c1:ea:8b:74:ed:f9:af:84:15:77:94:b8:2f:8e:86:23:
ee:96:e7:ad:b3:33:ab:0d:62:a5:46:15:f5:4a:60:91:ba:d6:
85:f5:3b:a7:07:e4:ab:b0:57:3b:67:81:d0:a7:5b:c2:7a:7e:
23:89:a8:5e:aa:8e:27:e0:65:fd:aa:75:c2:60:11:b3:ad:48:
76:9e:eb:49:ef:03:ab:45:da:b8:12:4b:76:79:26:f1:5e:02:
e5:54:a5:b0:e0:9e:56:86:ba:75:86:8a:52:56:a7:cc:a6:4b:
9d:56:13:99:71:46:24:0a:03:e7:eb:c9:9d:58:43:02:d6:f0:
bb:78:c5:30:68:fb:c3:de:ef:99:7e:6f:11:cf:00:dc:aa:6a:
a9:d4:ac:7f:21:1f:75:4b:47:99:19:5d:d1:98:23:4d:49:72:
50:6e:c9:ad:85:b5:e7:b1:93:b4:8d:9a:86:55:60:42:f9:55:
8a:c7:4b:18:b0:bf:c1:e7:18:59:8b:f9:b8:c3:b5:78:82:57:
2a:0b:53:e5:c7:08:cb:7a:16:2a:24:5a:63:db:44:c1:2d:3c:
e0:d5:9d:42:ed:83:b4:5d:08:55:16:47:c7:af:f3:f0:ef:54:
8f:c2:b7:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtU+3AoQ5y/tHd9UN2kRn/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1N2M3ZGIwNGU3OGMyMjFmM2RmMmEyYWYwODJiNTE4ZDk2
MmE4ZjAwHhcNMjMwMTAxMTIzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGE4NjZjYTE2MDdmNTdhOWMzOWViYTdlNWY5NjAwMjdjNzNkZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlegaEzQgY8rV/gHiWkhnJdig9OpS
T6xmz9o8GhrZ9OYRMHD49nxflMQ2keBywaEKI6l7CklgWhAiJZlq+0ZhW12YhVPm
tV6Z0MxAaphbKKBN4cPquOc+aBq1VFKlDDVeKW68HvV83GgtM91x0AeiYsSVmB/h
IaxYa9SYLUtNu1uUXj4SPS+nTRub2ISR6btuk4r9YeWLw+FJT7vUEujQB9AueQ+Z
pwRZPDdpcsSmCytd0t0stya9WBjr4vaZXI5xZqGHluSZNy4xGp0Pi1L9bMOMdcMt
B+ovP88GXMximedJQQVW134GvjJ+m4aFy61roRdZff7rWhDW+1qT9aAbqwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAioZsoWB/V6nDnrp+X5YAJ8c974MB8GA1UdIwQY
MBaAFNV8fbBOeMIh898qKvCCtRjZYqjwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVh4OXNFNTR3aUh6M3lvcThJSzFHTmxpcVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8xOGQwNTktM2NiMi00NmJmLWE1ODgt
ZmU5NWE5YWYzYWRjLzEvQ0tobXloWUg5WHFjT2V1bjVmbGdBbnh6M3ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8xOGQwNTktM2NiMi00NmJmLWE1ODgtZmU5NWE5YWYzYWRj
LzEvMVh4OXNFNTR3aUh6M3lvcThJSzFHTmxpcVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg/0wQAC
MA0GCSqGSIb3DQEBCwUAA4IBAQCwhkIzyGkgmapYBJNlSdBnN7R7kcHqi3Tt+a+E
FXeUuC+OhiPuluetszOrDWKlRhX1SmCRutaF9TunB+SrsFc7Z4HQp1vCen4jiahe
qo4n4GX9qnXCYBGzrUh2nutJ7wOrRdq4Ekt2eSbxXgLlVKWw4J5Whrp1hopSVqfM
pkudVhOZcUYkCgPn68mdWEMC1vC7eMUwaPvD3u+Zfm8RzwDcqmqp1Kx/IR91S0eZ
GV3RmCNNSXJQbsmthbXnsZO0jZqGVWBC+VWKx0sYsL/B5xhZi/m4w7V4glcqC1Pl
xwjLehYqJFpj20TBLTzg1Z1C7YO0XQhVFkfHr/Pw71SPwrfa
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:31 2024 by rpki-client on console-fra.rpki-client.org