Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/y_ft7V-9G8nwDS9UynEjtRK8p6s.roa
File: y_ft7V-9G8nwDS9UynEjtRK8p6s.roa (raw, json)
Hash identifier: mPXzyUggHK+w8ZXyBkaoXxo/+FHTzeeGFuH8plfOa5Y=
Subject key identifier: CB:F7:ED:ED:5F:BD:1B:C9:F0:0D:2F:54:CA:71:23:B5:12:BC:A7:AB
Certificate issuer: /CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Certificate serial: 0185F7FF639C4AF726E8056BDB2DCFAE4558
Authority key identifier: 08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/y_ft7V-9G8nwDS9UynEjtRK8p6s.roa
Signing time: Sat 28 Jan 2023 10:49:47 +0000
ROA not before: Sat 28 Jan 2023 10:49:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205929
IP address blocks: 2a06:89c4:c000::/48 maxlen: 48
2a06:89c2:3000::/36 maxlen: 48
2a06:89c3:5010::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f7:ff:63:9c:4a:f7:26:e8:05:6b:db:2d:cf:ae:45:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Validity
Not Before: Jan 28 10:49:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbf7eded5fbd1bc9f00d2f54ca7123b512bca7ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8b:1c:33:07:9d:c1:52:bd:7a:18:f3:6a:79:
c4:9d:07:fb:96:19:ac:76:b3:56:35:82:d4:7c:f8:
10:9f:7b:24:7d:7d:6a:ad:e4:cd:d4:4a:74:7d:e0:
1f:7f:48:75:84:52:44:ed:8e:e7:f7:fa:0c:c2:11:
94:bb:ea:57:4f:50:d0:d9:17:56:c3:e5:b7:88:73:
00:40:12:cf:7a:cb:dd:e0:9b:ea:e0:c6:99:4f:2e:
6c:82:a0:95:cf:22:98:d7:95:3e:72:6b:43:e6:ad:
97:a7:de:d7:48:60:1f:38:96:41:09:80:c5:30:b5:
59:b6:52:0e:07:54:11:30:f0:54:4c:16:44:0b:23:
09:5d:59:77:f1:39:5b:9d:78:0c:23:29:83:4d:38:
ea:30:16:49:a6:61:bc:d0:1a:ed:8f:ae:e2:c2:9a:
c4:38:58:d9:9f:c1:8c:6e:15:64:5e:f9:06:e2:c2:
99:03:88:47:cd:b7:07:8d:65:d6:a3:21:17:1a:e0:
08:a2:ab:dd:ad:06:7f:47:14:2d:69:c4:7d:01:08:
dd:44:0c:0a:46:5e:e2:74:9c:56:33:84:6b:ff:c0:
e5:a9:2a:31:7b:0a:39:6e:df:b8:f8:d2:33:85:0e:
b1:74:57:27:c6:4f:59:04:1b:ad:45:a1:ee:5a:27:
62:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F7:ED:ED:5F:BD:1B:C9:F0:0D:2F:54:CA:71:23:B5:12:BC:A7:AB
X509v3 Authority Key Identifier:
keyid:08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/y_ft7V-9G8nwDS9UynEjtRK8p6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/CPyq-NF90aZXlfcUsmfxvOIZOLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:89c2:3000::/36
2a06:89c3:5010::/48
2a06:89c4:c000::/48
Signature Algorithm: sha256WithRSAEncryption
17:4c:57:88:cd:f4:f1:e5:7c:33:96:dd:63:85:7f:4e:be:a7:
df:4a:82:c6:dc:10:e3:2b:18:f7:bb:04:d6:bb:73:a6:98:f5:
4a:e6:ca:90:ea:2a:42:ad:dc:ee:ca:e4:ae:7d:2e:58:6e:07:
2c:ed:7e:93:63:a4:06:e2:8f:8f:94:2f:fd:6a:b4:d5:52:9f:
ae:99:d1:7a:3f:e7:82:c3:0d:d6:97:44:c3:d5:1e:60:8c:16:
11:1a:7c:15:d2:ce:ac:71:29:d1:9d:17:85:a3:be:bd:a2:f2:
bb:85:3a:ef:fe:7f:c3:07:69:9b:92:c4:25:1e:b1:bb:f4:cd:
be:fe:dd:ba:38:93:29:3f:1d:ab:63:70:be:fb:98:d5:66:64:
16:4e:e3:9e:62:31:29:7c:53:af:e1:16:9f:af:c3:5a:46:26:
95:7d:43:f1:00:db:9f:82:d6:f6:2e:a2:ac:b9:89:54:d1:f1:
e2:6e:d3:e8:60:97:6d:4f:fe:c3:80:9a:ff:b7:f9:d0:74:8a:
83:17:4d:e5:7f:1b:47:9f:3a:9f:37:d7:d0:bb:5d:44:d6:32:
8a:a9:d8:0f:33:6e:69:87:78:40:a5:a3:35:e1:4a:d8:b4:43:
e1:1b:0a:43:bc:bb:9b:f3:85:a6:35:0f:c8:5d:47:32:06:8f:
d3:77:15:43
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYX3/2OcSvcm6AVr2y3PrkVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZmNhYWY4ZDE3ZGQxYTY1Nzk1ZjcxNGIyNjdmMWJjZTIx
OTM4YjkwHhcNMjMwMTI4MTA0OTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmY3ZWRlZDVmYmQxYmM5ZjAwZDJmNTRjYTcxMjNiNTEyYmNhN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIscMwedwVK9ehjzannEnQf7lhms
drNWNYLUfPgQn3skfX1qreTN1Ep0feAff0h1hFJE7Y7n9/oMwhGUu+pXT1DQ2RdW
w+W3iHMAQBLPesvd4Jvq4MaZTy5sgqCVzyKY15U+cmtD5q2Xp97XSGAfOJZBCYDF
MLVZtlIOB1QRMPBUTBZECyMJXVl38TlbnXgMIymDTTjqMBZJpmG80Brtj67iwprE
OFjZn8GMbhVkXvkG4sKZA4hHzbcHjWXWoyEXGuAIoqvdrQZ/RxQtacR9AQjdRAwK
Rl7idJxWM4Rr/8DlqSoxewo5bt+4+NIzhQ6xdFcnxk9ZBButRaHuWidisQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMv37e1fvRvJ8A0vVMpxI7USvKerMB8GA1UdIwQY
MBaAFAj8qvjRfdGmV5X3FLJn8bziGTi5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgt
NzdlZWVhZjcxZDA4LzEveV9mdDdWLTlHOG53RFM5VXluRWp0Uks4cDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgtNzdlZWVhZjcxZDA4
LzEvQ1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwYEKgaJwjAD
BwAqBonDUBADBwAqBonEwAAwDQYJKoZIhvcNAQELBQADggEBABdMV4jN9PHlfDOW
3WOFf06+p99KgsbcEOMrGPe7BNa7c6aY9UrmypDqKkKt3O7K5K59LlhuByztfpNj
pAbij4+UL/1qtNVSn66Z0Xo/54LDDdaXRMPVHmCMFhEafBXSzqxxKdGdF4Wjvr2i
8ruFOu/+f8MHaZuSxCUesbv0zb7+3bo4kyk/HatjcL77mNVmZBZO455iMSl8U6/h
Fp+vw1pGJpV9Q/EA25+C1vYuoqy5iVTR8eJu0+hgl21P/sOAmv+3+dB0ioMXTeV/
G0efOp8319C7XUTWMoqp2A8zbmmHeEClozXhSti0Q+EbCkO8u5vzhaY1D8hdRzIG
j9N3FUM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:04 2023 by rpki-client on console-fra.rpki-client.org