Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/IPN2K1xs2tv8krLrJNOAhqlYdLM.roa
File: IPN2K1xs2tv8krLrJNOAhqlYdLM.roa (raw, json)
Hash identifier: 6WOrgOgM0bm5rhcmjpttGyy8JasTrlUo7ww5MzWT8fM=
Subject key identifier: 20:F3:76:2B:5C:6C:DA:DB:FC:92:B2:EB:24:D3:80:86:A9:58:74:B3
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01856E8B49643BF817D7DC4DE32B3FBBFF17
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/IPN2K1xs2tv8krLrJNOAhqlYdLM.roa
Signing time: Sun 01 Jan 2023 18:14:59 +0000
ROA not before: Sun 01 Jan 2023 18:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50007
IP address blocks: 2a09:f180::/48 maxlen: 48
2a09:98c0::/48 maxlen: 48
2a09:9940::/48 maxlen: 48
2a09:4040::/48 maxlen: 48
2a09:1140::/48 maxlen: 48
2a06:3b00::/48 maxlen: 48
2a09:6a80::/48 maxlen: 48
2a09:40c0::/48 maxlen: 48
2a09:9740::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:49:64:3b:f8:17:d7:dc:4d:e3:2b:3f:bb:ff:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 18:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20f3762b5c6cdadbfc92b2eb24d38086a95874b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0c:00:ba:af:e6:95:af:f8:a1:03:91:fc:66:
05:02:54:57:76:31:9d:1d:15:46:f6:44:68:53:04:
8e:04:8c:11:90:1d:bf:c6:b8:21:48:32:09:83:95:
43:33:72:84:04:82:0b:2c:0b:d8:de:22:0d:aa:05:
ed:d7:e2:1a:73:69:d3:27:67:39:62:ce:1f:9f:d6:
ff:31:37:2f:a4:d4:d0:aa:47:83:8c:0c:9d:55:3b:
6d:4d:28:ad:7f:74:16:2d:14:be:5c:79:8b:23:be:
9d:07:1f:27:33:ca:05:90:9f:72:9e:dc:34:a2:92:
d8:0a:79:b4:68:e2:7f:1f:f7:c2:b1:7b:59:91:e6:
a9:45:07:fe:16:79:a0:62:dc:ec:87:94:3b:07:f7:
60:c5:8e:23:a6:67:7c:f5:79:4d:cc:82:f1:79:74:
9c:b5:19:fe:46:31:35:39:1e:b5:d6:2f:e5:63:b6:
b2:48:e1:5e:76:5e:ea:15:bf:66:7b:26:28:17:03:
62:7a:4f:ea:4d:6d:7a:09:9f:24:9f:94:ff:d5:d2:
0f:c1:04:ab:e1:e3:66:38:4d:22:0f:d1:76:b3:bf:
9f:69:52:9d:77:aa:73:3d:4a:47:8c:bb:cf:d4:f5:
18:43:77:26:59:0c:0d:d4:5d:60:56:c9:50:81:da:
0d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F3:76:2B:5C:6C:DA:DB:FC:92:B2:EB:24:D3:80:86:A9:58:74:B3
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/IPN2K1xs2tv8krLrJNOAhqlYdLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:3b00::/48
2a09:1140::/48
2a09:4040::/48
2a09:40c0::/48
2a09:6a80::/48
2a09:9740::/48
2a09:98c0::/48
2a09:9940::/48
2a09:f180::/48
Signature Algorithm: sha256WithRSAEncryption
c3:83:3e:6a:31:e1:61:4d:fd:6e:2a:a5:69:87:fc:d7:d8:b4:
30:8b:41:6d:43:1d:71:cc:cd:82:0d:57:aa:53:3f:fa:33:f9:
1f:82:39:3b:09:81:07:92:9e:19:96:e5:b2:e1:32:93:a3:f1:
92:0a:42:1a:fa:dd:3f:b4:b9:0b:df:4a:c3:65:00:ef:c3:56:
f3:0c:95:f5:e4:24:35:db:c0:53:ad:09:86:d4:ed:e1:42:46:
cf:5e:83:07:d8:d4:82:16:e5:98:b0:9e:3b:6e:fe:46:33:a6:
2c:17:48:79:e0:dc:7e:8a:90:96:5c:46:5f:15:cb:0e:d6:0e:
0e:fb:6c:07:c5:f2:dc:8f:2b:56:c7:f6:64:3f:56:61:7e:0d:
fb:db:4a:1a:e0:6b:2e:fa:ea:53:26:a0:ea:9c:fd:a5:45:1e:
89:f3:58:60:60:e4:c3:fb:ef:57:73:c5:82:2e:3c:56:7d:4d:
ff:71:9b:d4:f6:24:ac:b6:2e:dd:cf:c4:9f:27:dd:0b:9c:74:
64:e3:d5:b4:6b:d9:3c:93:75:30:c8:71:2a:0b:91:ef:27:f8:
1f:bb:1a:8c:1e:85:e9:cd:d0:41:49:4a:bf:8d:58:4a:02:e9:
49:50:31:b6:fd:5e:4f:e4:21:78:ae:5c:ed:ba:47:04:7b:82:
f6:b6:f4:c4
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYVui0lkO/gX19xN4ys/u/8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTAxMTgxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGYzNzYyYjVjNmNkYWRiZmM5MmIyZWIyNGQzODA4NmE5NTg3NGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAwAuq/mla/4oQOR/GYFAlRXdjGd
HRVG9kRoUwSOBIwRkB2/xrghSDIJg5VDM3KEBIILLAvY3iINqgXt1+Iac2nTJ2c5
Ys4fn9b/MTcvpNTQqkeDjAydVTttTSitf3QWLRS+XHmLI76dBx8nM8oFkJ9yntw0
opLYCnm0aOJ/H/fCsXtZkeapRQf+FnmgYtzsh5Q7B/dgxY4jpmd89XlNzILxeXSc
tRn+RjE1OR611i/lY7aySOFedl7qFb9meyYoFwNiek/qTW16CZ8kn5T/1dIPwQSr
4eNmOE0iD9F2s7+faVKdd6pzPUpHjLvP1PUYQ3cmWQwN1F1gVslQgdoNYQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFCDzditcbNrb/JKy6yTTgIapWHSzMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvSVBOMksxeHMydHY4a3JMckpOT0FocWxZZExNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBXBAIAAjBRAwcAKgY7AAAA
AwcAKgkRQAAAAwcAKglAQAAAAwcAKglAwAAAAwcAKglqgAAAAwcAKgmXQAAAAwcA
KgmYwAAAAwcAKgmZQAAAAwcAKgnxgAAAMA0GCSqGSIb3DQEBCwUAA4IBAQDDgz5q
MeFhTf1uKqVph/zX2LQwi0FtQx1xzM2CDVeqUz/6M/kfgjk7CYEHkp4ZluWy4TKT
o/GSCkIa+t0/tLkL30rDZQDvw1bzDJX15CQ128BTrQmG1O3hQkbPXoMH2NSCFuWY
sJ47bv5GM6YsF0h54Nx+ipCWXEZfFcsO1g4O+2wHxfLcjytWx/ZkP1Zhfg3720oa
4Gsu+upTJqDqnP2lRR6J81hgYOTD++9Xc8WCLjxWfU3/cZvU9iSsti7dz8SfJ90L
nHRk49W0a9k8k3UwyHEqC5HvJ/gfuxqMHoXpzdBBSUq/jVhKAulJUDG2/V5P5CF4
rlztukcEe4L2tvTE
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:03 2024 by rpki-client on console-ams.rpki-client.org