Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/RBS9la71tllfWxWEOGW2EDZoGn0.roa
File: RBS9la71tllfWxWEOGW2EDZoGn0.roa (raw, json)
Hash identifier: Z/xB5RfPETc0bZJVb+3PNE4KO7QEltYNxuvaLWs/5/s=
Subject key identifier: 44:14:BD:95:AE:F5:B6:59:5F:5B:15:84:38:65:B6:10:36:68:1A:7D
Certificate issuer: /CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Certificate serial: 018573280DA23AF96B496766EF85AF96A9E9
Authority key identifier: 08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/RBS9la71tllfWxWEOGW2EDZoGn0.roa
Signing time: Mon 02 Jan 2023 15:44:42 +0000
ROA not before: Mon 02 Jan 2023 15:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205929
IP address blocks: 2a06:89c2:3000::/36 maxlen: 48
2a06:89c3:5010::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:0d:a2:3a:f9:6b:49:67:66:ef:85:af:96:a9:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Validity
Not Before: Jan 2 15:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4414bd95aef5b6595f5b15843865b61036681a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fd:8c:89:55:f5:22:17:78:6d:5b:b6:58:38:
6d:91:ee:e7:1c:8d:6f:0e:03:c3:c2:8d:55:79:76:
98:05:eb:d2:e8:95:d7:0e:0d:95:a2:f0:97:fa:39:
3e:6c:cb:6d:87:b3:be:25:5a:4d:51:8a:5b:b0:99:
bb:00:bb:fc:e3:9a:43:ca:00:c7:ec:1e:8e:a1:7e:
37:b4:8a:4a:d8:bb:64:ae:f5:3b:6b:eb:c3:9d:be:
b7:56:34:15:a9:45:a5:ad:8e:f3:37:5c:88:14:30:
87:fc:a0:20:ab:9b:7c:ea:5b:f9:2f:fd:03:2a:da:
c1:9d:fa:51:e7:9b:57:1b:ee:4a:93:98:56:c0:56:
36:ee:b5:51:a0:0c:df:f9:08:3d:57:6c:62:9f:b9:
9f:d6:72:37:67:9e:d3:ec:98:98:50:dc:4a:73:10:
4b:2a:cc:a1:d5:12:dd:dc:08:63:09:08:ee:6a:df:
39:92:1e:43:c0:2c:ae:95:ba:80:3a:1f:f7:36:2a:
2d:69:c5:fa:33:34:3c:d1:7e:28:ea:13:36:0c:9c:
4c:0e:c6:1c:c4:9b:e4:9c:eb:00:35:02:8f:6b:5e:
bd:43:62:af:4e:e7:e1:e9:34:46:49:b3:1e:27:62:
a4:ae:48:7e:aa:30:2d:4c:bb:a7:2c:7f:ac:22:b3:
b9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:14:BD:95:AE:F5:B6:59:5F:5B:15:84:38:65:B6:10:36:68:1A:7D
X509v3 Authority Key Identifier:
keyid:08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/RBS9la71tllfWxWEOGW2EDZoGn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/CPyq-NF90aZXlfcUsmfxvOIZOLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:89c2:3000::/36
2a06:89c3:5010::/48
Signature Algorithm: sha256WithRSAEncryption
3d:9d:cf:4f:bc:03:a2:0f:35:9a:80:dd:99:7c:b1:9e:f0:8b:
a6:a2:5a:49:17:5c:4c:12:df:23:84:29:07:1f:91:54:f9:68:
2c:2b:cb:f2:96:3a:80:18:d6:41:b6:37:c6:4e:80:ff:e8:71:
4b:eb:ec:c3:c1:b5:cf:31:8f:06:9b:84:f8:a6:6e:f0:3a:10:
d8:1f:0f:6b:6d:47:70:31:05:9e:ca:f7:52:cb:fe:e0:e2:b0:
60:1d:45:05:c8:2a:8b:e1:ea:51:e6:2d:7f:84:04:1e:e5:05:
fc:95:93:b4:f8:a0:03:b9:cf:46:f3:3c:2e:e2:96:a6:65:d5:
e6:13:4d:a2:bb:b5:bc:58:c4:27:ff:17:c2:6f:80:c5:7a:b5:
d8:d4:cf:4e:57:0c:9d:30:4b:de:04:62:30:b0:bf:d2:d0:fa:
26:3d:66:81:c7:82:42:7c:b6:59:41:0d:53:4f:95:08:b9:0a:
11:72:3e:0e:a8:6a:3b:1b:cb:cb:53:69:fd:1c:6f:96:6f:18:
4f:71:c1:6e:0a:c3:3e:99:6f:55:bc:bb:5f:98:bc:40:bf:84:
06:41:d8:23:06:0e:2e:1a:34:17:e0:16:b9:c7:f2:28:7c:af:
68:08:fa:37:29:71:01:5c:e2:ad:2e:76:52:9c:1d:c4:c0:56:
0a:e6:96:3f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVzKA2iOvlrSWdm74WvlqnpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZmNhYWY4ZDE3ZGQxYTY1Nzk1ZjcxNGIyNjdmMWJjZTIx
OTM4YjkwHhcNMjMwMTAyMTU0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDE0YmQ5NWFlZjViNjU5NWY1YjE1ODQzODY1YjYxMDM2NjgxYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/2MiVX1Ihd4bVu2WDhtke7nHI1v
DgPDwo1VeXaYBevS6JXXDg2VovCX+jk+bMtth7O+JVpNUYpbsJm7ALv845pDygDH
7B6OoX43tIpK2LtkrvU7a+vDnb63VjQVqUWlrY7zN1yIFDCH/KAgq5t86lv5L/0D
KtrBnfpR55tXG+5Kk5hWwFY27rVRoAzf+Qg9V2xin7mf1nI3Z57T7JiYUNxKcxBL
Ksyh1RLd3AhjCQjuat85kh5DwCyulbqAOh/3NiotacX6MzQ80X4o6hM2DJxMDsYc
xJvknOsANQKPa169Q2KvTufh6TRGSbMeJ2Kkrkh+qjAtTLunLH+sIrO5uQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFEQUvZWu9bZZX1sVhDhlthA2aBp9MB8GA1UdIwQY
MBaAFAj8qvjRfdGmV5X3FLJn8bziGTi5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgt
NzdlZWVhZjcxZDA4LzEvUkJTOWxhNzF0bGxmV3hXRU9HVzJFRFpvR24wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgtNzdlZWVhZjcxZDA4
LzEvQ1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYEKgaJwjAD
BwAqBonDUBAwDQYJKoZIhvcNAQELBQADggEBAD2dz0+8A6IPNZqA3Zl8sZ7wi6ai
WkkXXEwS3yOEKQcfkVT5aCwry/KWOoAY1kG2N8ZOgP/ocUvr7MPBtc8xjwabhPim
bvA6ENgfD2ttR3AxBZ7K91LL/uDisGAdRQXIKovh6lHmLX+EBB7lBfyVk7T4oAO5
z0bzPC7ilqZl1eYTTaK7tbxYxCf/F8JvgMV6tdjUz05XDJ0wS94EYjCwv9LQ+iY9
ZoHHgkJ8tllBDVNPlQi5ChFyPg6oajsby8tTaf0cb5ZvGE9xwW4Kwz6Zb1W8u1+Y
vEC/hAZB2CMGDi4aNBfgFrnH8ih8r2gI+jcpcQFc4q0udlKcHcTAVgrmlj8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:58 2023 by rpki-client on console-ams.rpki-client.org