Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/naYCy3zNVeGmkmUc9y-7TtzuX10.roa
File: naYCy3zNVeGmkmUc9y-7TtzuX10.roa (raw, json)
Hash identifier: EjLFrdALbjqZLdWSQY4FQxAZgLKjaX4DRuLMoEkvueo=
Subject key identifier: 9D:A6:02:CB:7C:CD:55:E1:A6:92:65:1C:F7:2F:BB:4E:DC:EE:5F:5D
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018571D7CEDC6698FAE272207F1170ADC944
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/naYCy3zNVeGmkmUc9y-7TtzuX10.roa
Signing time: Mon 02 Jan 2023 09:37:26 +0000
ROA not before: Mon 02 Jan 2023 09:37:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55720
IP address blocks: 2a11:840:26::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:ce:dc:66:98:fa:e2:72:20:7f:11:70:ad:c9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 2 09:37:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9da602cb7ccd55e1a692651cf72fbb4edcee5f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:26:01:ed:79:f0:19:9c:12:ed:6e:4d:a1:a9:
fa:4a:0d:55:a5:40:9c:f5:63:75:3b:21:68:0e:a5:
fd:08:f8:ad:fb:6a:34:a3:23:9d:cf:a3:47:a9:d5:
10:d0:62:4d:7a:08:8b:3d:45:e1:8d:dc:ad:d2:83:
68:82:f2:ef:00:5a:3f:aa:7d:59:58:54:2f:05:fc:
1d:e0:84:a5:11:7a:a6:5c:63:b6:ec:44:ce:88:97:
b2:65:e6:78:99:2a:6d:d0:0e:45:24:3c:4b:8d:5d:
52:99:e5:02:31:2c:b7:bf:7f:4d:39:6b:9e:10:ab:
cc:1a:03:89:d4:36:d4:93:16:f3:eb:e9:72:5d:38:
d5:63:fb:bd:0c:52:0a:6f:28:be:b1:a1:b6:9b:3f:
70:e7:5e:10:b3:28:2f:0c:cc:2f:d3:67:49:42:3c:
40:d2:55:d4:b4:83:6c:b9:5a:0a:d9:d1:b3:da:29:
0e:f5:a9:e8:1d:d7:62:20:26:0e:2f:cf:d8:c8:ba:
3f:cc:f0:ab:19:ba:d5:b9:83:c6:1b:f4:d4:37:58:
13:7e:8e:34:0c:be:47:16:f9:db:6f:14:d9:fa:ad:
bf:d4:d4:47:55:71:93:4d:ed:cb:95:ce:d7:b1:18:
66:9e:f1:ba:59:3b:3b:b7:e9:fd:3b:53:0f:d5:ee:
7b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A6:02:CB:7C:CD:55:E1:A6:92:65:1C:F7:2F:BB:4E:DC:EE:5F:5D
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/naYCy3zNVeGmkmUc9y-7TtzuX10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:840:26::/48
Signature Algorithm: sha256WithRSAEncryption
81:20:9a:96:a0:6d:8c:ac:32:11:c9:54:fb:97:ad:52:99:b1:
cb:94:db:d4:d1:d2:17:fc:cc:c3:47:80:00:6b:3b:30:59:8d:
52:74:6e:aa:12:cf:d1:f0:dc:9e:33:c2:a5:cc:c6:a6:c3:6d:
06:bb:04:fb:eb:af:d2:46:9c:ab:a3:ce:e7:e4:c4:15:00:f2:
62:e6:6d:f7:62:2f:e3:78:0c:78:e7:03:df:de:b8:ff:5d:e8:
57:13:ea:97:bd:00:fc:2b:82:df:ce:ea:4d:a7:1d:24:ca:96:
87:37:88:e7:7a:36:aa:80:c5:cb:ec:3d:06:8b:e2:92:1b:02:
87:95:90:66:49:2f:49:fc:4f:35:c1:14:b4:3c:1e:27:67:aa:
13:77:54:63:95:81:ea:a7:7d:bf:80:71:5c:b1:d4:4d:aa:39:
29:9b:d9:4b:f6:bb:32:1a:0c:96:fd:0a:83:55:16:a2:97:d0:
dc:b4:02:48:cc:c1:eb:53:aa:81:7e:f6:d3:de:f9:06:32:0d:
a5:f0:cb:0f:14:43:41:a9:f3:c3:cc:d9:65:b6:36:a5:0c:b4:
f3:dc:0d:ad:19:af:36:73:e7:f3:72:74:cf:de:79:e2:3e:73:
93:75:20:fa:7d:5e:33:fd:90:80:aa:17:95:f9:41:f5:b5:cf:
69:62:e6:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVx187cZpj64nIgfxFwrclEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjMwMTAyMDkzNzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGE2MDJjYjdjY2Q1NWUxYTY5MjY1MWNmNzJmYmI0ZWRjZWU1ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCYB7XnwGZwS7W5Noan6Sg1VpUCc
9WN1OyFoDqX9CPit+2o0oyOdz6NHqdUQ0GJNegiLPUXhjdyt0oNogvLvAFo/qn1Z
WFQvBfwd4ISlEXqmXGO27ETOiJeyZeZ4mSpt0A5FJDxLjV1SmeUCMSy3v39NOWue
EKvMGgOJ1DbUkxbz6+lyXTjVY/u9DFIKbyi+saG2mz9w514QsygvDMwv02dJQjxA
0lXUtINsuVoK2dGz2ikO9anoHddiICYOL8/YyLo/zPCrGbrVuYPGG/TUN1gTfo40
DL5HFvnbbxTZ+q2/1NRHVXGTTe3Llc7XsRhmnvG6WTs7t+n9O1MP1e57BQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ2mAst8zVXhppJlHPcvu07c7l9dMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvbmFZQ3kzek5WZUdta21VYzl5LTdUdHp1WDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhEIQAAm
MA0GCSqGSIb3DQEBCwUAA4IBAQCBIJqWoG2MrDIRyVT7l61SmbHLlNvU0dIX/MzD
R4AAazswWY1SdG6qEs/R8NyeM8KlzMamw20GuwT766/SRpyro87n5MQVAPJi5m33
Yi/jeAx45wPf3rj/XehXE+qXvQD8K4LfzupNpx0kypaHN4jnejaqgMXL7D0Gi+KS
GwKHlZBmSS9J/E81wRS0PB4nZ6oTd1RjlYHqp32/gHFcsdRNqjkpm9lL9rsyGgyW
/QqDVRail9DctAJIzMHrU6qBfvbT3vkGMg2l8MsPFENBqfPDzNlltjalDLTz3A2t
Ga82c+fzcnTP3nniPnOTdSD6fV4z/ZCAqheV+UH1tc9pYubB
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:12 2024 by rpki-client on console-ams.rpki-client.org