Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/M-2Blqu_rKJCQzP6ZUzYoHmsggE.roa
File: M-2Blqu_rKJCQzP6ZUzYoHmsggE.roa (raw, json)
Hash identifier: x/em9YsqNRzVNhrob5rMQ5R5xgTHFQqu2LoFCUOTwCU=
Subject key identifier: 33:ED:81:96:AB:BF:AC:A2:42:43:33:FA:65:4C:D8:A0:79:AC:82:01
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01857102F97CD77696829E92800AD78B3923
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/M-2Blqu_rKJCQzP6ZUzYoHmsggE.roa
Signing time: Mon 02 Jan 2023 05:44:58 +0000
ROA not before: Mon 02 Jan 2023 05:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5511
IP address blocks: 2a0b:64c1::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:f9:7c:d7:76:96:82:9e:92:80:0a:d7:8b:39:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33ed8196abbfaca2424333fa654cd8a079ac8201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:37:b9:c5:81:d0:62:3e:a5:33:49:de:bd:b4:
8f:c7:d4:6e:52:02:86:1e:bb:cf:94:04:30:c5:2b:
5a:1d:ef:70:40:9a:98:e5:aa:57:65:d9:ae:eb:59:
f3:0f:36:8d:f5:c0:c2:31:ba:d4:bf:21:ef:da:1e:
0c:77:5d:86:28:f5:fd:38:04:1a:b1:b1:ab:b5:e7:
2c:64:15:bb:34:13:17:77:9e:f0:cb:1e:64:d8:fd:
0e:f4:99:66:ea:f0:b6:fb:49:fa:35:79:27:9e:7a:
5a:e7:9d:55:59:32:43:15:44:13:45:ed:31:95:4d:
4c:4c:75:de:7a:5c:de:47:06:ca:36:61:e4:fc:4b:
53:01:95:b4:9c:be:4a:d9:34:85:a7:bb:97:40:e6:
cd:59:0b:2f:62:de:62:17:27:57:41:fb:08:39:67:
7e:b8:58:84:11:89:32:ae:f2:03:f9:1d:80:fc:a5:
be:f4:36:aa:2f:2e:fc:ef:08:92:f1:85:19:6e:00:
26:01:9a:3f:e8:ee:95:ec:38:97:94:a0:89:ee:c5:
42:3f:74:d4:90:3d:27:90:ad:68:c2:cb:3d:ad:6b:
36:d5:09:c4:09:d1:35:e0:6f:9a:42:3f:51:ab:60:
d7:7d:08:3d:6b:1a:bb:e7:93:7a:2c:d1:39:70:3a:
80:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:ED:81:96:AB:BF:AC:A2:42:43:33:FA:65:4C:D8:A0:79:AC:82:01
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/M-2Blqu_rKJCQzP6ZUzYoHmsggE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:64c1::/32
Signature Algorithm: sha256WithRSAEncryption
03:a5:22:54:5d:22:f0:31:b5:e4:f4:a3:b8:9c:51:81:55:7f:
d3:0a:95:6a:ba:d6:c4:85:71:7c:7d:59:79:da:f8:7e:8b:b3:
c8:30:7a:66:a6:a4:48:30:10:69:69:1b:de:55:26:ad:ab:f4:
77:79:0b:b6:be:84:75:d8:76:b1:2c:3f:d3:75:6c:aa:7c:2e:
0f:58:dc:35:af:97:d3:c6:2c:e6:aa:ae:73:04:8c:6b:40:1f:
95:80:e2:c1:34:1a:89:17:40:0f:2b:44:69:2c:7e:c7:ee:7b:
6e:53:e3:5b:ee:f9:b4:39:dc:87:96:cd:a8:f3:78:73:0e:50:
27:87:73:55:05:c6:17:dc:71:ff:85:3f:59:2c:f3:fd:fa:c3:
f2:2e:c3:19:65:bd:b3:01:52:ea:b7:0c:ec:b1:7a:21:22:59:
98:11:ae:9b:c7:0c:47:0a:e7:cb:bb:1e:41:57:03:62:3d:15:
67:ab:d3:99:24:3a:02:18:29:62:1c:70:00:d6:6d:a0:f6:12:
21:4b:01:fc:a1:fc:c8:cc:66:5a:f3:c9:27:29:d9:49:1f:7e:
1e:0e:35:08:2b:c7:77:20:e1:5b:35:7c:2a:30:1c:d1:12:b0:
5a:4e:13:c6:1a:a3:72:bd:92:92:6a:8a:21:6e:bc:66:db:2c:
fe:be:9f:63
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxAvl813aWgp6SgArXizkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2VkODE5NmFiYmZhY2EyNDI0MzMzZmE2NTRjZDhhMDc5YWM4MjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTe5xYHQYj6lM0nevbSPx9RuUgKG
HrvPlAQwxStaHe9wQJqY5apXZdmu61nzDzaN9cDCMbrUvyHv2h4Md12GKPX9OAQa
sbGrtecsZBW7NBMXd57wyx5k2P0O9Jlm6vC2+0n6NXknnnpa551VWTJDFUQTRe0x
lU1MTHXeelzeRwbKNmHk/EtTAZW0nL5K2TSFp7uXQObNWQsvYt5iFydXQfsIOWd+
uFiEEYkyrvID+R2A/KW+9DaqLy787wiS8YUZbgAmAZo/6O6V7DiXlKCJ7sVCP3TU
kD0nkK1owss9rWs21QnECdE14G+aQj9Rq2DXfQg9axq755N6LNE5cDqAWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDPtgZarv6yiQkMz+mVM2KB5rIIBMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTS0yQmxxdV9yS0pDUXpQNlpVellvSG1zZ2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgtkwTAN
BgkqhkiG9w0BAQsFAAOCAQEAA6UiVF0i8DG15PSjuJxRgVV/0wqVarrWxIVxfH1Z
edr4fouzyDB6ZqakSDAQaWkb3lUmrav0d3kLtr6Eddh2sSw/03VsqnwuD1jcNa+X
08Ys5qqucwSMa0AflYDiwTQaiRdADytEaSx+x+57blPjW+75tDnch5bNqPN4cw5Q
J4dzVQXGF9xx/4U/WSzz/frD8i7DGWW9swFS6rcM7LF6ISJZmBGum8cMRwrny7se
QVcDYj0VZ6vTmSQ6AhgpYhxwANZtoPYSIUsB/KH8yMxmWvPJJynZSR9+Hg41CCvH
dyDhWzV8KjAc0RKwWk4Txhqjcr2SkmqKIW68Ztss/r6fYw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:54 2023 by rpki-client on console-ams.rpki-client.org