Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/emG7rQNixp_Q3NBb9b-8nir2q0A.roa
File: emG7rQNixp_Q3NBb9b-8nir2q0A.roa (raw, json)
Hash identifier: XQdZEIOYfDHMhy0NEBAlTIZ8yEp5K/I7tzUg1CRGRms=
Subject key identifier: 7A:61:BB:AD:03:62:C6:9F:D0:DC:D0:5B:F5:BF:BC:9E:2A:F6:AB:40
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01856E8B50A0A98C638BC511A43AA0CE6DD9
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/emG7rQNixp_Q3NBb9b-8nir2q0A.roa
Signing time: Sun 01 Jan 2023 18:15:02 +0000
ROA not before: Sun 01 Jan 2023 18:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209562
IP address blocks: 2a09:9ac0::/48 maxlen: 48
2a09:95c0::/48 maxlen: 48
2a09:4f40::/48 maxlen: 48
2a09:9b40::/48 maxlen: 48
2a09:4fc0::/48 maxlen: 48
2a09:13c0::/48 maxlen: 48
2a09:5040::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:50:a0:a9:8c:63:8b:c5:11:a4:3a:a0:ce:6d:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 18:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a61bbad0362c69fd0dcd05bf5bfbc9e2af6ab40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:09:50:6d:0f:a5:fc:7a:fc:2c:a9:d1:fa:a1:
2e:13:60:2b:3a:9d:07:ce:52:94:06:11:88:d9:57:
ac:64:60:f5:0e:b1:45:51:a1:06:20:53:40:27:c0:
03:92:c2:b3:f1:5a:29:36:a1:18:a1:dc:56:c7:3d:
b7:fc:17:e0:75:19:15:de:a2:b2:ba:6b:13:df:e2:
37:58:1d:d1:7b:1b:e3:a8:30:53:3f:23:1b:08:5a:
51:71:79:a3:0e:b0:86:68:5b:2a:76:aa:83:1d:51:
de:03:7e:9f:9f:19:70:af:38:54:44:53:78:1f:da:
db:dd:8d:a1:cb:0f:00:e9:79:f6:5d:8d:37:52:12:
23:4d:31:11:bb:c8:85:94:56:91:58:4c:c6:7f:ba:
4c:36:5f:4e:0a:46:18:b5:ca:c2:14:c9:3a:23:4b:
56:60:c4:c1:fe:fe:13:52:3e:0b:42:dd:e4:04:39:
3a:04:8e:fd:32:7f:06:7d:65:f0:b7:37:06:42:4e:
a2:92:40:ad:6c:3d:61:5f:17:f7:14:1c:9a:cf:e0:
cb:81:22:c3:32:81:98:dc:79:ee:43:6c:dd:b7:46:
cc:e9:0a:f1:c5:d6:82:fa:76:91:cc:54:50:d4:87:
03:a1:e6:06:db:1c:c0:2d:59:1d:cf:54:b5:60:9d:
bb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:61:BB:AD:03:62:C6:9F:D0:DC:D0:5B:F5:BF:BC:9E:2A:F6:AB:40
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/emG7rQNixp_Q3NBb9b-8nir2q0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:13c0::/48
2a09:4f40::/48
2a09:4fc0::/48
2a09:5040::/48
2a09:95c0::/48
2a09:9ac0::/48
2a09:9b40::/48
Signature Algorithm: sha256WithRSAEncryption
07:3e:5d:3c:bd:1d:f4:34:37:59:9d:7b:b1:e9:c4:ba:a4:c1:
a3:4b:30:54:e1:bf:64:06:ab:40:f7:72:34:68:47:e5:d3:d3:
c5:10:9c:5c:a3:25:aa:b8:1e:5b:ba:39:f4:d1:23:81:2d:cf:
7d:b4:5c:a0:fb:ae:11:35:22:9d:79:70:9c:3e:b0:99:79:b5:
b2:9c:57:3d:49:1e:1c:68:87:9d:09:ed:3e:f5:79:10:dd:f0:
2e:1c:c9:24:cc:83:8a:37:e4:03:81:e4:e8:14:83:e5:06:d3:
1f:cd:de:0c:47:60:00:3a:bd:71:94:8e:63:87:f1:75:53:7b:
f9:75:39:07:0c:81:55:f7:b5:3e:e0:99:fc:7a:fc:c5:51:90:
cd:bc:f2:31:22:57:87:97:0f:56:fa:b4:be:79:75:6b:05:15:
f5:63:91:41:82:56:1b:7c:e6:48:71:d8:f4:b4:1c:18:d8:8a:
fb:ee:a3:5a:07:e2:5d:34:25:a2:0f:ae:f0:c7:77:3f:9a:a3:
e3:0a:bf:24:26:07:da:68:87:b7:ed:19:8a:2a:4e:ea:3c:e8:
3e:00:1b:31:14:81:56:84:9e:b1:83:46:c5:f3:94:81:19:56:
b1:61:16:69:39:89:99:b2:df:f0:ae:5a:63:35:42:7f:f0:1c:
ac:a9:25:d3
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVui1CgqYxji8URpDqgzm3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTAxMTgxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTYxYmJhZDAzNjJjNjlmZDBkY2QwNWJmNWJmYmM5ZTJhZjZhYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQlQbQ+l/Hr8LKnR+qEuE2ArOp0H
zlKUBhGI2VesZGD1DrFFUaEGIFNAJ8ADksKz8VopNqEYodxWxz23/BfgdRkV3qKy
umsT3+I3WB3RexvjqDBTPyMbCFpRcXmjDrCGaFsqdqqDHVHeA36fnxlwrzhURFN4
H9rb3Y2hyw8A6Xn2XY03UhIjTTERu8iFlFaRWEzGf7pMNl9OCkYYtcrCFMk6I0tW
YMTB/v4TUj4LQt3kBDk6BI79Mn8GfWXwtzcGQk6ikkCtbD1hXxf3FByaz+DLgSLD
MoGY3HnuQ2zdt0bM6QrxxdaC+naRzFRQ1IcDoeYG2xzALVkdz1S1YJ27dQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHphu60DYsaf0NzQW/W/vJ4q9qtAMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvZW1HN3JRTml4cF9RM05CYjliLThuaXIycTBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwcAKgkTwAAA
AwcAKglPQAAAAwcAKglPwAAAAwcAKglQQAAAAwcAKgmVwAAAAwcAKgmawAAAAwcA
KgmbQAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAHPl08vR30NDdZnXux6cS6pMGjSzBU
4b9kBqtA93I0aEfl09PFEJxcoyWquB5bujn00SOBLc99tFyg+64RNSKdeXCcPrCZ
ebWynFc9SR4caIedCe0+9XkQ3fAuHMkkzIOKN+QDgeToFIPlBtMfzd4MR2AAOr1x
lI5jh/F1U3v5dTkHDIFV97U+4Jn8evzFUZDNvPIxIleHlw9W+rS+eXVrBRX1Y5FB
glYbfOZIcdj0tBwY2Ir77qNaB+JdNCWiD67wx3c/mqPjCr8kJgfaaIe37RmKKk7q
POg+ABsxFIFWhJ6xg0bF85SBGVaxYRZpOYmZst/wrlpjNUJ/8BysqSXT
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:17 2024 by rpki-client on console-fra.rpki-client.org