Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/XwCt9orWcAnYbXZHC80x83P96-E.roa
File: XwCt9orWcAnYbXZHC80x83P96-E.roa (raw, json)
Hash identifier: WWV7jMKP7Qdo6BUvw6Zbzz5h4A4nw2fY5sxlpDB/PYs=
Subject key identifier: 5F:00:AD:F6:8A:D6:70:09:D8:6D:76:47:0B:CD:31:F3:73:FD:EB:E1
Certificate issuer: /CN=601ddc60799263ffb9bd0e5eeb0872843dee6a72
Certificate serial: 018CB11515A193337A905B54CFBA4CCBBE6F
Authority key identifier: 60:1D:DC:60:79:92:63:FF:B9:BD:0E:5E:EB:08:72:84:3D:EE:6A:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YB3cYHmSY_-5vQ5e6whyhD3uanI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/XwCt9orWcAnYbXZHC80x83P96-E.roa
Signing time: Thu 28 Dec 2023 15:39:58 +0000
ROA not before: Thu 28 Dec 2023 15:39:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 2a09:2340::/29 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b1:15:15:a1:93:33:7a:90:5b:54:cf:ba:4c:cb:be:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=601ddc60799263ffb9bd0e5eeb0872843dee6a72
Validity
Not Before: Dec 28 15:39:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f00adf68ad67009d86d76470bcd31f373fdebe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:67:9c:19:1b:5d:b8:90:a1:42:7c:22:12:a9:
7f:5f:5a:4c:9e:07:3e:f0:3d:1c:fd:f3:0e:02:34:
7a:74:18:ad:85:b7:b5:ba:a4:d5:a9:00:0a:f7:30:
db:c8:47:9c:7c:8f:fa:c4:c8:f9:a4:27:7b:81:e2:
8b:ff:fb:7f:92:b2:29:4d:9a:76:74:4d:19:91:f6:
fa:be:ea:ec:ad:43:5d:83:30:36:20:94:70:96:b0:
35:3d:23:99:68:64:b0:17:3f:83:a9:16:75:9e:c5:
10:a2:c7:11:c2:df:42:06:03:8b:b7:3a:e8:cd:91:
0f:08:21:8d:e4:52:33:13:55:44:41:a4:ce:70:ef:
b7:8d:3e:65:54:ae:a4:d7:7c:96:fb:9f:80:1f:a9:
56:82:e2:73:08:ff:62:b6:dd:6c:eb:bb:94:3f:72:
13:3f:84:b9:18:1a:25:c6:72:85:8a:be:04:6d:c6:
5e:5d:13:e0:fe:6c:6a:9e:df:27:16:14:61:7f:cc:
22:12:09:5e:3c:fc:de:0d:12:42:b8:48:1b:b1:4b:
a1:03:c9:e7:a2:ab:0c:6a:9d:b8:9b:fd:bf:b2:8d:
fa:cb:78:a4:f1:91:2c:2d:20:84:8e:f1:85:65:bf:
c9:8d:27:3e:a0:99:62:02:0e:95:bd:fb:2b:9e:df:
9a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:00:AD:F6:8A:D6:70:09:D8:6D:76:47:0B:CD:31:F3:73:FD:EB:E1
X509v3 Authority Key Identifier:
keyid:60:1D:DC:60:79:92:63:FF:B9:BD:0E:5E:EB:08:72:84:3D:EE:6A:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB3cYHmSY_-5vQ5e6whyhD3uanI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/XwCt9orWcAnYbXZHC80x83P96-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/YB3cYHmSY_-5vQ5e6whyhD3uanI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2340::/29
Signature Algorithm: sha256WithRSAEncryption
49:c1:b9:7f:6e:92:73:c3:11:4c:c0:69:83:99:ef:f2:12:bb:
c3:a1:cc:c7:8c:41:74:aa:f4:b8:87:f0:f3:87:83:c4:a3:e0:
67:d0:51:b5:f0:d2:e5:bc:1e:4d:6c:8f:c1:f2:a7:20:98:53:
b0:12:53:52:90:df:10:22:83:d9:4c:ac:e7:58:08:e0:86:ad:
3d:36:f9:b7:0f:dd:f8:86:7a:a4:a5:1c:cd:cd:08:c6:12:b5:
fd:42:3f:8b:12:99:1e:e2:53:6e:00:b4:ea:35:ba:83:de:95:
22:33:a5:f3:03:4f:74:a1:26:2c:e8:61:87:82:fa:79:8f:24:
7d:32:72:79:0b:03:b0:99:03:6d:6a:1f:38:8a:35:31:25:ee:
b1:57:47:f9:e9:8c:dc:89:f6:2d:b6:42:13:a0:1b:53:1f:ba:
6e:eb:07:22:00:c9:71:e2:e4:29:38:fe:19:80:14:ce:09:15:
e3:be:a6:1d:61:80:88:f3:45:1d:ba:60:d9:5f:ec:1a:7c:8e:
dc:56:d4:41:62:ff:dd:7e:20:25:ed:15:52:46:08:a2:49:52:
57:1f:4c:1e:1b:ef:91:40:f0:47:66:34:77:ec:80:1e:48:fb:
95:dd:49:56:c2:f8:92:7f:31:de:10:27:08:b6:22:42:38:d2:
a6:38:b1:53
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYyxFRWhkzN6kFtUz7pMy75vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMWRkYzYwNzk5MjYzZmZiOWJkMGU1ZWViMDg3Mjg0M2Rl
ZTZhNzIwHhcNMjMxMjI4MTUzOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjAwYWRmNjhhZDY3MDA5ZDg2ZDc2NDcwYmNkMzFmMzczZmRlYmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA82ecGRtduJChQnwiEql/X1pMngc+
8D0c/fMOAjR6dBithbe1uqTVqQAK9zDbyEecfI/6xMj5pCd7geKL//t/krIpTZp2
dE0Zkfb6vursrUNdgzA2IJRwlrA1PSOZaGSwFz+DqRZ1nsUQoscRwt9CBgOLtzro
zZEPCCGN5FIzE1VEQaTOcO+3jT5lVK6k13yW+5+AH6lWguJzCP9itt1s67uUP3IT
P4S5GBolxnKFir4EbcZeXRPg/mxqnt8nFhRhf8wiEglePPzeDRJCuEgbsUuhA8nn
oqsMap24m/2/so36y3ik8ZEsLSCEjvGFZb/JjSc+oJliAg6Vvfsrnt+aGwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF8ArfaK1nAJ2G12RwvNMfNz/evhMB8GA1UdIwQY
MBaAFGAd3GB5kmP/ub0OXusIcoQ97mpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUIzY1lIbVNZXy01dlE1ZTZ3aHloRDN1YW5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9hNDVlN2UtNWRjMy00OWQzLWFhM2Yt
MzY3ZTE3MGU3MTI4LzEvWHdDdDlvcldjQW5ZYlhaSEM4MHg4M1A5Ni1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9hNDVlN2UtNWRjMy00OWQzLWFhM2YtMzY3ZTE3MGU3MTI4
LzEvWUIzY1lIbVNZXy01dlE1ZTZ3aHloRDN1YW5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgkjQDAN
BgkqhkiG9w0BAQsFAAOCAQEAScG5f26Sc8MRTMBpg5nv8hK7w6HMx4xBdKr0uIfw
84eDxKPgZ9BRtfDS5bweTWyPwfKnIJhTsBJTUpDfECKD2Uys51gI4IatPTb5tw/d
+IZ6pKUczc0IxhK1/UI/ixKZHuJTbgC06jW6g96VIjOl8wNPdKEmLOhhh4L6eY8k
fTJyeQsDsJkDbWofOIo1MSXusVdH+emM3In2LbZCE6AbUx+6busHIgDJceLkKTj+
GYAUzgkV476mHWGAiPNFHbpg2V/sGnyO3FbUQWL/3X4gJe0VUkYIoklSVx9MHhvv
kUDwR2Y0d+yAHkj7ld1JVsL4kn8x3hAnCLYiQjjSpjixUw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:24 2024 by rpki-client on console-fra.rpki-client.org