Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/cd0b2c-29e2-4737-9eb7-8cd55b03d22d/1/1c3jZ3e1HfNx20iueba485UWxxI.roa
File: 1c3jZ3e1HfNx20iueba485UWxxI.roa (raw, json)
Hash identifier: BeyBoUmE57rB/4gUFsb7i95SYw+FXwbNbFNfxPHWm0U=
Subject key identifier: D5:CD:E3:67:77:B5:1D:F3:71:DB:48:AE:79:B6:B8:F3:95:16:C7:12
Certificate issuer: /CN=cfc7ef2b766594892d78928cbe781779fdce67d0
Certificate serial: 01856F5DF376B2A4010AC5D103F97ACE269F
Authority key identifier: CF:C7:EF:2B:76:65:94:89:2D:78:92:8C:BE:78:17:79:FD:CE:67:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z8fvK3ZllIkteJKMvngXef3OZ9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/cd0b2c-29e2-4737-9eb7-8cd55b03d22d/1/1c3jZ3e1HfNx20iueba485UWxxI.roa
Signing time: Sun 01 Jan 2023 22:05:06 +0000
ROA not before: Sun 01 Jan 2023 22:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3097
IP address blocks: 2a02:6a0:ffe::/48 maxlen: 48
2a02:6a0:fff::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:f3:76:b2:a4:01:0a:c5:d1:03:f9:7a:ce:26:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfc7ef2b766594892d78928cbe781779fdce67d0
Validity
Not Before: Jan 1 22:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5cde36777b51df371db48ae79b6b8f39516c712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0d:4b:12:23:c4:9c:a7:13:b6:44:2b:61:b1:
9a:91:95:e6:40:4c:2b:a9:99:82:a3:aa:86:63:52:
a6:bc:be:e3:ae:62:4e:54:a2:ba:7e:f2:53:21:5d:
6f:cc:0e:44:b9:94:7b:7b:91:e3:8f:00:a1:c4:c7:
f6:26:db:8c:12:18:3f:2d:73:c4:3e:6b:ed:40:44:
4e:0f:d5:5c:59:99:13:42:2d:c2:c3:3a:4f:7f:85:
4a:f1:17:c2:d7:f8:22:a5:c4:42:6d:c4:fc:30:22:
98:66:e8:dc:21:05:0b:39:9d:99:56:3f:f4:00:20:
1c:4a:84:1c:b5:40:69:e0:94:20:b7:a4:19:43:f1:
da:f4:96:49:89:a7:65:c6:55:64:54:87:d3:ac:de:
17:da:c2:75:67:09:07:96:7d:6b:2f:99:cc:cb:a0:
2e:c2:a0:45:a1:62:6c:41:98:10:0a:a7:9a:80:56:
09:b9:ff:74:19:db:b4:85:e4:2e:d5:95:8f:7c:f8:
29:d5:07:f1:30:c5:fa:a5:4a:be:8a:ce:2b:a2:d9:
62:6d:67:e6:30:51:63:a1:a1:4b:a4:08:9c:67:b9:
1c:be:4e:da:ec:f0:97:d3:6b:c2:bf:44:3e:fd:94:
03:34:09:39:9a:9d:0b:c6:c6:f4:4f:6e:1e:23:72:
7d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:CD:E3:67:77:B5:1D:F3:71:DB:48:AE:79:B6:B8:F3:95:16:C7:12
X509v3 Authority Key Identifier:
keyid:CF:C7:EF:2B:76:65:94:89:2D:78:92:8C:BE:78:17:79:FD:CE:67:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8fvK3ZllIkteJKMvngXef3OZ9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/cd0b2c-29e2-4737-9eb7-8cd55b03d22d/1/1c3jZ3e1HfNx20iueba485UWxxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/cd0b2c-29e2-4737-9eb7-8cd55b03d22d/1/z8fvK3ZllIkteJKMvngXef3OZ9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:6a0:ffe::/47
Signature Algorithm: sha256WithRSAEncryption
53:d4:b2:dd:9b:9c:89:5b:5b:ee:90:09:24:f2:17:fd:f8:26:
b9:eb:e8:75:23:dd:3f:d6:88:1c:47:67:ca:95:07:56:a5:d5:
c0:d5:ca:0c:30:84:51:fc:6d:3c:c5:80:06:2c:29:81:4b:61:
a7:1b:7f:ba:bf:2d:67:e4:d2:d3:81:f3:57:a0:a5:dc:02:7d:
db:7f:f9:7d:28:45:5c:76:67:10:f3:57:61:0c:5e:d8:1a:63:
c0:04:cf:a7:d3:67:60:cb:bc:1c:cb:d1:84:85:71:6e:4f:5e:
d8:09:fe:3d:a1:b5:46:5a:ab:f1:86:25:e6:cd:77:4c:ba:ee:
2e:dd:a4:e6:4d:bc:09:b3:a2:22:e9:93:2b:a1:90:03:78:0e:
bf:c0:85:3a:e0:81:de:5a:b8:be:b3:60:3c:69:f3:24:71:af:
57:3c:6b:f2:27:48:f9:a0:31:42:6a:83:83:9d:8c:93:48:63:
5b:3a:ba:7b:af:de:0c:69:19:d6:61:d4:c7:55:ed:cf:7d:e3:
b1:10:24:c2:16:f0:9b:76:76:49:59:d7:99:e9:48:b0:ab:b0:
3e:a5:b7:9b:63:de:01:7b:92:ab:8b:96:bc:29:4d:c6:2f:88:
94:59:16:43:83:a3:a5:b6:3a:ed:62:ac:30:f7:e9:e8:cc:0a:
ea:25:5d:13
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvXfN2sqQBCsXRA/l6ziafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzdlZjJiNzY2NTk0ODkyZDc4OTI4Y2JlNzgxNzc5ZmRj
ZTY3ZDAwHhcNMjMwMTAxMjIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWNkZTM2Nzc3YjUxZGYzNzFkYjQ4YWU3OWI2YjhmMzk1MTZjNzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArA1LEiPEnKcTtkQrYbGakZXmQEwr
qZmCo6qGY1KmvL7jrmJOVKK6fvJTIV1vzA5EuZR7e5HjjwChxMf2JtuMEhg/LXPE
PmvtQEROD9VcWZkTQi3CwzpPf4VK8RfC1/gipcRCbcT8MCKYZujcIQULOZ2ZVj/0
ACAcSoQctUBp4JQgt6QZQ/Ha9JZJiadlxlVkVIfTrN4X2sJ1ZwkHln1rL5nMy6Au
wqBFoWJsQZgQCqeagFYJuf90Gdu0heQu1ZWPfPgp1QfxMMX6pUq+is4rotlibWfm
MFFjoaFLpAicZ7kcvk7a7PCX02vCv0Q+/ZQDNAk5mp0Lxsb0T24eI3J9/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNXN42d3tR3zcdtIrnm2uPOVFscSMB8GA1UdIwQY
MBaAFM/H7yt2ZZSJLXiSjL54F3n9zmfQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhmdkszWmxsSWt0ZUpLTXZuZ1hlZjNPWjlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jZDBiMmMtMjllMi00NzM3LTllYjct
OGNkNTViMDNkMjJkLzEvMWMzalozZTFIZk54MjBpdWViYTQ4NVVXeHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jZDBiMmMtMjllMi00NzM3LTllYjctOGNkNTViMDNkMjJk
LzEvejhmdkszWmxsSWt0ZUpLTXZuZ1hlZjNPWjlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgIGoA/+
MA0GCSqGSIb3DQEBCwUAA4IBAQBT1LLdm5yJW1vukAkk8hf9+Ca56+h1I90/1ogc
R2fKlQdWpdXA1coMMIRR/G08xYAGLCmBS2GnG3+6vy1n5NLTgfNXoKXcAn3bf/l9
KEVcdmcQ81dhDF7YGmPABM+n02dgy7wcy9GEhXFuT17YCf49obVGWqvxhiXmzXdM
uu4u3aTmTbwJs6Ii6ZMroZADeA6/wIU64IHeWri+s2A8afMkca9XPGvyJ0j5oDFC
aoODnYyTSGNbOrp7r94MaRnWYdTHVe3PfeOxECTCFvCbdnZJWdeZ6Uiwq7A+pbeb
Y94Be5Kri5a8KU3GL4iUWRZDg6OltjrtYqww9+nozArqJV0T
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:35 2024 by rpki-client on console-fra.rpki-client.org