Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/R65xJXleFc3cKLHhW0V7D2btbkk.roa
File: R65xJXleFc3cKLHhW0V7D2btbkk.roa (raw, json)
Hash identifier: Orwt/Z3EQnmpaHLD0eu5TGAuXy45zZRNROB4DV7kc/k=
Subject key identifier: 47:AE:71:25:79:5E:15:CD:DC:28:B1:E1:5B:45:7B:0F:66:ED:6E:49
Certificate issuer: /CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e
Certificate serial: 018571FA201097FEC0D4E324FF83E498101D
Authority key identifier: B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/R65xJXleFc3cKLHhW0V7D2btbkk.roa
Signing time: Mon 02 Jan 2023 10:14:55 +0000
ROA not before: Mon 02 Jan 2023 10:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1257
IP address blocks: 2a11:cd40:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:20:10:97:fe:c0:d4:e3:24:ff:83:e4:98:10:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e
Validity
Not Before: Jan 2 10:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47ae7125795e15cddc28b1e15b457b0f66ed6e49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e1:8c:07:27:52:f3:ea:cd:85:55:19:88:d5:
4b:bc:8f:6c:7a:69:c7:0a:a1:0c:ce:ec:6f:e5:e8:
c1:37:a1:bf:cd:f8:39:8b:0a:65:82:3e:f2:2a:b5:
44:a4:55:de:f3:51:79:67:d9:1a:f4:f6:97:34:be:
25:7a:bf:0c:0c:32:ef:45:6b:11:c6:dc:fb:43:77:
7b:d5:1c:b4:c8:d8:fd:3f:ae:dc:4b:8c:c2:4d:da:
fc:52:b5:a7:b2:e4:55:a1:4b:df:12:89:84:d6:ba:
67:7b:fa:73:05:22:3e:35:6c:b7:e3:e1:b3:5f:f4:
83:da:f8:88:a5:aa:3e:0c:b2:06:8c:f7:1d:80:15:
4b:7c:ab:05:fd:4e:9f:2a:3e:90:a2:49:2f:d5:f7:
5d:fc:b7:9f:37:5a:fa:dd:0d:c5:da:c3:33:94:f4:
48:70:64:1c:9e:71:80:e0:e8:b1:b8:fe:61:88:3a:
84:37:73:94:01:95:03:23:c7:38:44:da:14:fb:65:
70:31:f9:e7:f2:5e:b4:dc:64:40:4a:0f:44:b4:5f:
44:20:59:af:4f:41:2f:6f:a7:f4:c9:49:a0:33:5c:
ca:47:4b:c2:0e:c3:f9:48:9b:97:88:0d:c4:5b:8f:
49:37:c1:c5:e2:a5:8c:34:f7:05:b9:28:47:b3:3b:
b6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AE:71:25:79:5E:15:CD:DC:28:B1:E1:5B:45:7B:0F:66:ED:6E:49
X509v3 Authority Key Identifier:
keyid:B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/R65xJXleFc3cKLHhW0V7D2btbkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ucNjOsv2PC7LECBbm5JYCrtOuH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:cd40:1000::/48
Signature Algorithm: sha256WithRSAEncryption
3d:5a:e1:75:cf:34:5f:17:72:be:6c:6d:43:4e:d6:63:0a:8c:
70:c4:5b:6a:50:80:ea:ad:24:66:aa:3c:b3:09:38:90:01:e0:
12:30:f7:a5:a0:3e:96:50:e0:1c:9a:07:67:59:11:25:a8:a1:
d4:56:11:31:a1:45:81:92:fa:08:4a:75:9e:01:28:1b:52:b7:
fe:ba:1e:62:a2:4d:a2:0e:5c:e8:e2:c5:fa:25:32:cb:4f:72:
00:63:1e:15:f5:ae:f5:71:04:f1:01:dd:54:4c:a3:d3:f4:ea:
50:1a:d8:cb:41:ed:9f:87:7b:d4:ca:97:d6:50:3b:93:a4:16:
7d:ea:28:91:d2:63:62:ee:35:fa:c1:e9:db:5c:92:e9:91:16:
28:ba:d6:94:62:66:59:95:9e:27:90:17:19:be:ab:2a:af:e5:
17:5d:9f:c4:cc:02:5a:4b:11:8f:1c:ed:fd:96:e9:4e:6e:5e:
ff:90:0d:75:d7:3f:54:cb:94:06:9d:c0:e8:b2:eb:e4:fe:63:
e3:b4:cd:a9:9a:aa:59:fd:72:65:75:5d:d7:95:e7:d3:7b:09:
ea:74:33:4d:cf:41:f1:98:08:0e:30:06:ec:b0:c7:4d:de:9d:
87:18:88:59:87:2c:ea:82:ed:91:09:83:50:29:8a:06:c6:29:
09:da:e1:b6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVx+iAQl/7A1OMk/4PkmBAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YzM2MzNhY2JmNjNjMmVjYjEwMjA1YjliOTI1ODBhYmI0
ZWI4N2UwHhcNMjMwMTAyMTAxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2FlNzEyNTc5NWUxNWNkZGMyOGIxZTE1YjQ1N2IwZjY2ZWQ2ZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuGMBydS8+rNhVUZiNVLvI9semnH
CqEMzuxv5ejBN6G/zfg5iwplgj7yKrVEpFXe81F5Z9ka9PaXNL4ler8MDDLvRWsR
xtz7Q3d71Ry0yNj9P67cS4zCTdr8UrWnsuRVoUvfEomE1rpne/pzBSI+NWy34+Gz
X/SD2viIpao+DLIGjPcdgBVLfKsF/U6fKj6Qokkv1fdd/LefN1r63Q3F2sMzlPRI
cGQcnnGA4OixuP5hiDqEN3OUAZUDI8c4RNoU+2VwMfnn8l603GRASg9EtF9EIFmv
T0Evb6f0yUmgM1zKR0vCDsP5SJuXiA3EW49JN8HF4qWMNPcFuShHszu2DwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEeucSV5XhXN3Cix4VtFew9m7W5JMB8GA1UdIwQY
MBaAFLnDYzrL9jwuyxAgW5uSWAq7Trh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUt
OTllY2E1NjUxMDIzLzEvUjY1eEpYbGVGYzNjS0xIaFcwVjdEMmJ0YmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUtOTllY2E1NjUxMDIz
LzEvdWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhHNQBAA
MA0GCSqGSIb3DQEBCwUAA4IBAQA9WuF1zzRfF3K+bG1DTtZjCoxwxFtqUIDqrSRm
qjyzCTiQAeASMPeloD6WUOAcmgdnWRElqKHUVhExoUWBkvoISnWeASgbUrf+uh5i
ok2iDlzo4sX6JTLLT3IAYx4V9a71cQTxAd1UTKPT9OpQGtjLQe2fh3vUypfWUDuT
pBZ96iiR0mNi7jX6wenbXJLpkRYoutaUYmZZlZ4nkBcZvqsqr+UXXZ/EzAJaSxGP
HO39lulObl7/kA111z9Uy5QGncDosuvk/mPjtM2pmqpZ/XJldV3XlefTewnqdDNN
z0HxmAgOMAbssMdN3p2HGIhZhyzqgu2RCYNQKYoGxikJ2uG2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:21 2024 by rpki-client on console-fra.rpki-client.org