Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ed1b84-b8c5-4766-882d-18e84e747d22/1/_nkK3NIz-IyT33rrlsOuGis4j6U.roa
File: _nkK3NIz-IyT33rrlsOuGis4j6U.roa (raw, json)
Hash identifier: honMZU1MwQz48Z6eK1P3lsRTaaaMwB55SmRlPe4cR1o=
Subject key identifier: FE:79:0A:DC:D2:33:F8:8C:93:DF:7A:EB:96:C3:AE:1A:2B:38:8F:A5
Certificate issuer: /CN=eebb4c0b4af615c85a3cdcded4b7ebb666311b48
Certificate serial: 01856B93462FFFAAE10A63076E415CEC8020
Authority key identifier: EE:BB:4C:0B:4A:F6:15:C8:5A:3C:DC:DE:D4:B7:EB:B6:66:31:1B:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rtMC0r2FchaPNze1LfrtmYxG0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ed1b84-b8c5-4766-882d-18e84e747d22/1/_nkK3NIz-IyT33rrlsOuGis4j6U.roa
Signing time: Sun 01 Jan 2023 04:24:51 +0000
ROA not before: Sun 01 Jan 2023 04:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204911
IP address blocks: 2001:678:a40::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:46:2f:ff:aa:e1:0a:63:07:6e:41:5c:ec:80:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebb4c0b4af615c85a3cdcded4b7ebb666311b48
Validity
Not Before: Jan 1 04:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe790adcd233f88c93df7aeb96c3ae1a2b388fa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a2:7b:1c:ef:70:91:84:db:b0:8a:0d:98:29:
07:3b:3f:70:74:00:ae:d7:63:62:8a:7c:7a:1a:f5:
15:2b:f6:9b:33:61:b1:b6:0a:9a:3a:ab:4c:5f:a4:
88:7e:d5:8d:a1:67:a9:1a:0e:5e:d4:0b:e4:a3:02:
01:a4:25:d2:fd:4f:f7:fe:ce:e0:1a:49:e2:74:91:
ba:2b:32:37:38:be:f1:ef:74:08:ec:2a:79:98:7a:
6f:cd:fd:6c:da:3b:54:91:91:6d:24:14:d1:c3:0d:
59:2f:3a:95:67:1d:dd:a2:4a:ff:d8:e4:a2:06:b3:
77:d9:f3:9d:e2:0b:19:80:ae:fb:10:3b:f7:89:68:
6e:84:42:4d:57:7f:53:5c:fa:48:ae:44:77:04:fa:
5e:4e:75:a9:8b:0e:61:8d:3c:0d:06:16:05:88:8d:
b5:e9:e7:32:7b:fc:3f:0e:71:ec:ce:f1:37:2c:e1:
f2:7b:31:bb:12:aa:fa:ee:db:48:39:3b:a8:79:06:
f8:6e:c5:da:7b:00:81:b0:d8:f3:e6:b3:79:0c:75:
5a:40:7f:d4:44:d4:f1:2d:64:fc:ce:53:5f:09:6e:
62:53:fb:b8:46:d2:bf:6b:f6:f7:59:0c:75:cb:88:
c4:52:d0:53:1f:f9:64:83:99:1c:1b:5b:97:f7:f6:
46:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:79:0A:DC:D2:33:F8:8C:93:DF:7A:EB:96:C3:AE:1A:2B:38:8F:A5
X509v3 Authority Key Identifier:
keyid:EE:BB:4C:0B:4A:F6:15:C8:5A:3C:DC:DE:D4:B7:EB:B6:66:31:1B:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rtMC0r2FchaPNze1LfrtmYxG0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ed1b84-b8c5-4766-882d-18e84e747d22/1/_nkK3NIz-IyT33rrlsOuGis4j6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ed1b84-b8c5-4766-882d-18e84e747d22/1/7rtMC0r2FchaPNze1LfrtmYxG0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:a40::/48
Signature Algorithm: sha256WithRSAEncryption
70:49:4c:b2:17:6c:17:2d:e6:f8:66:99:3d:f5:97:74:96:1b:
b8:b2:14:cf:06:6e:dd:04:99:f9:74:d2:8e:1b:3e:69:e4:1c:
89:e8:ee:3b:7b:bd:0f:c4:68:49:7a:7a:25:04:e9:49:6e:cd:
5f:7d:29:82:ad:72:a0:6e:a4:03:2e:bc:3c:e7:b6:bb:67:b9:
32:cf:f7:ce:d3:1b:69:0f:2c:7c:99:4e:b8:ef:59:d3:04:d0:
8d:24:04:85:5f:4a:40:e6:d0:3a:51:6d:c9:50:52:aa:02:4f:
c7:f7:50:0f:62:65:09:9b:1c:70:b3:13:3b:a1:0f:f7:86:b7:
b5:4f:5d:15:6a:2f:ce:cb:52:9a:75:d3:43:57:0a:e5:f5:6a:
f8:8c:8e:ab:7d:a7:7e:b7:25:95:b0:db:dd:ac:4f:b2:d7:11:
64:17:e6:56:9d:d8:3d:ee:89:14:5c:27:8f:13:2d:a7:82:f9:
f1:7e:dd:ad:53:49:b9:3e:77:2a:3e:57:79:1a:0c:01:2a:be:
89:06:69:ab:f9:56:5e:8d:7a:d0:64:31:77:9a:69:b2:ad:f0:
4c:85:a8:fb:df:6d:1b:f5:53:59:7e:8f:c1:ee:32:64:20:ab:
48:a5:c1:67:12:c4:31:86:73:8a:20:a7:cc:be:e9:7e:88:9a:
ad:26:24:a1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVrk0Yv/6rhCmMHbkFc7IAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmI0YzBiNGFmNjE1Yzg1YTNjZGNkZWQ0YjdlYmI2NjYz
MTFiNDgwHhcNMjMwMTAxMDQyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTc5MGFkY2QyMzNmODhjOTNkZjdhZWI5NmMzYWUxYTJiMzg4ZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKJ7HO9wkYTbsIoNmCkHOz9wdACu
12Niinx6GvUVK/abM2GxtgqaOqtMX6SIftWNoWepGg5e1AvkowIBpCXS/U/3/s7g
GknidJG6KzI3OL7x73QI7Cp5mHpvzf1s2jtUkZFtJBTRww1ZLzqVZx3dokr/2OSi
BrN32fOd4gsZgK77EDv3iWhuhEJNV39TXPpIrkR3BPpeTnWpiw5hjTwNBhYFiI21
6ecye/w/DnHszvE3LOHyezG7Eqr67ttIOTuoeQb4bsXaewCBsNjz5rN5DHVaQH/U
RNTxLWT8zlNfCW5iU/u4RtK/a/b3WQx1y4jEUtBTH/lkg5kcG1uX9/ZGJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP55CtzSM/iMk99665bDrhorOI+lMB8GA1UdIwQY
MBaAFO67TAtK9hXIWjzc3tS367ZmMRtIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J0TUMwcjJGY2hhUE56ZTFMZnJ0bVl4RzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lZDFiODQtYjhjNS00NzY2LTg4MmQt
MThlODRlNzQ3ZDIyLzEvX25rSzNOSXotSXlUMzNycmxzT3VHaXM0ajZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lZDFiODQtYjhjNS00NzY2LTg4MmQtMThlODRlNzQ3ZDIy
LzEvN3J0TUMwcjJGY2hhUE56ZTFMZnJ0bVl4RzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeApA
MA0GCSqGSIb3DQEBCwUAA4IBAQBwSUyyF2wXLeb4Zpk99Zd0lhu4shTPBm7dBJn5
dNKOGz5p5ByJ6O47e70PxGhJenolBOlJbs1ffSmCrXKgbqQDLrw857a7Z7kyz/fO
0xtpDyx8mU6471nTBNCNJASFX0pA5tA6UW3JUFKqAk/H91APYmUJmxxwsxM7oQ/3
hre1T10Vai/Oy1KaddNDVwrl9Wr4jI6rfad+tyWVsNvdrE+y1xFkF+ZWndg97okU
XCePEy2ngvnxft2tU0m5PncqPld5GgwBKr6JBmmr+VZejXrQZDF3mmmyrfBMhaj7
320b9VNZfo/B7jJkIKtIpcFnEsQxhnOKIKfMvul+iJqtJiSh
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:27 2024 by rpki-client on console-fra.rpki-client.org