Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/IDnkdDLjmYxLk0buiWCc4DEFZtc.roa
File: IDnkdDLjmYxLk0buiWCc4DEFZtc.roa (raw, json)
Hash identifier: JBGkkR/5MTML1o28eCZymaKWoDuCJelGHNpCU7KRKw4=
Subject key identifier: 20:39:E4:74:32:E3:99:8C:4B:93:46:EE:89:60:9C:E0:31:05:66:D7
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 018570C2D9B380BA33E005F4478121BBF545
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/IDnkdDLjmYxLk0buiWCc4DEFZtc.roa
Signing time: Mon 02 Jan 2023 04:34:55 +0000
ROA not before: Mon 02 Jan 2023 04:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60960
IP address blocks: 2a07:7b00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:d9:b3:80:ba:33:e0:05:f4:47:81:21:bb:f5:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Jan 2 04:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2039e47432e3998c4b9346ee89609ce0310566d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ba:ff:bc:1f:8c:c1:e9:95:2e:78:b8:ad:d1:
d2:47:ad:e1:4f:27:f3:9d:da:07:65:af:e1:94:8e:
70:7a:68:39:ad:c1:9a:59:83:e8:b9:3f:c1:ae:df:
4d:7e:99:d0:d2:9e:26:92:88:e4:5d:5e:7e:a5:d0:
8e:6c:d7:2c:fe:26:4a:c2:28:b4:7a:99:c5:56:3e:
4b:57:bb:16:6e:1b:e0:15:e9:a4:e8:b5:0f:63:1e:
20:fd:af:e5:df:65:28:29:dc:2f:a8:34:6f:c9:fa:
d9:4a:c7:48:34:47:12:94:19:32:02:27:32:27:1b:
59:56:23:fb:32:e6:b6:8f:36:6a:9c:dc:e4:1e:01:
85:5c:62:be:f9:22:17:06:e2:0a:7b:d1:3f:26:9b:
c9:7d:32:ad:85:8d:bf:91:40:a2:66:39:34:37:01:
19:97:f7:27:f4:85:e7:fb:ff:71:13:b8:08:5f:fd:
30:0d:1d:5c:4b:53:12:f6:73:27:f8:b5:75:ac:c2:
06:a8:2b:76:9a:bf:e4:10:fb:96:8a:4a:d1:ce:06:
7c:16:60:5c:a3:08:b5:10:72:98:86:48:10:79:d0:
8d:c8:61:08:7f:6d:95:f7:7a:10:a0:47:66:56:14:
dd:79:cf:8e:ea:37:06:11:c0:c9:16:52:15:0c:8f:
5d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:39:E4:74:32:E3:99:8C:4B:93:46:EE:89:60:9C:E0:31:05:66:D7
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/IDnkdDLjmYxLk0buiWCc4DEFZtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:7b00::/29
Signature Algorithm: sha256WithRSAEncryption
91:a5:67:5f:5c:ac:d5:c5:cc:a4:9c:56:41:07:33:26:56:0f:
56:94:6f:50:0f:18:e0:07:03:3d:3b:21:26:f5:01:de:6f:33:
2b:52:bd:2b:03:d6:20:95:d6:d8:c8:83:88:8b:ce:52:16:5a:
1d:2e:5a:2c:be:27:4d:9d:1d:f3:9e:19:10:3f:c5:f6:53:5f:
b0:f0:ed:5d:f9:9b:70:9a:fc:ca:1d:26:b8:e1:e0:7a:d8:93:
f0:f7:e1:8f:39:e7:34:6a:2d:cf:3b:19:26:d6:19:94:a2:6e:
c1:32:1a:6b:18:39:7e:0d:31:09:09:bf:34:e3:1e:8f:27:7b:
f1:d2:92:4e:51:c2:fd:30:4d:a4:8b:f2:5f:2d:23:4d:8c:39:
0a:42:6d:c5:6a:c0:d3:77:f1:c5:ed:29:97:5a:95:aa:b5:4b:
bf:9d:81:65:14:0a:dc:d6:09:80:00:d2:f1:a2:e0:a2:35:93:
ef:e8:a6:d5:16:5e:27:20:40:77:b4:06:3b:d0:6a:85:a3:a8:
3c:13:8e:90:09:7a:d9:60:46:c4:c7:45:18:78:48:c5:fb:29:
95:3a:e7:2c:e3:b8:0e:6a:92:9a:4f:0c:7b:15:84:73:cc:ad:
03:26:22:47:b3:f9:e8:bb:b5:62:23:0b:b4:09:3f:69:54:b4:
05:b8:83:45
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwwtmzgLoz4AX0R4Ehu/VFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjMwMTAyMDQzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDM5ZTQ3NDMyZTM5OThjNGI5MzQ2ZWU4OTYwOWNlMDMxMDU2NmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobr/vB+MwemVLni4rdHSR63hTyfz
ndoHZa/hlI5wemg5rcGaWYPouT/Brt9NfpnQ0p4mkojkXV5+pdCObNcs/iZKwii0
epnFVj5LV7sWbhvgFemk6LUPYx4g/a/l32UoKdwvqDRvyfrZSsdINEcSlBkyAicy
JxtZViP7Mua2jzZqnNzkHgGFXGK++SIXBuIKe9E/JpvJfTKthY2/kUCiZjk0NwEZ
l/cn9IXn+/9xE7gIX/0wDR1cS1MS9nMn+LV1rMIGqCt2mr/kEPuWikrRzgZ8FmBc
owi1EHKYhkgQedCNyGEIf22V93oQoEdmVhTdec+O6jcGEcDJFlIVDI9dTwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCA55HQy45mMS5NG7olgnOAxBWbXMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvSURua2RETGptWXhMazBidWlXQ2M0REVGWnRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgd7ADAN
BgkqhkiG9w0BAQsFAAOCAQEAkaVnX1ys1cXMpJxWQQczJlYPVpRvUA8Y4AcDPTsh
JvUB3m8zK1K9KwPWIJXW2MiDiIvOUhZaHS5aLL4nTZ0d854ZED/F9lNfsPDtXfmb
cJr8yh0muOHgetiT8PfhjznnNGotzzsZJtYZlKJuwTIaaxg5fg0xCQm/NOMejyd7
8dKSTlHC/TBNpIvyXy0jTYw5CkJtxWrA03fxxe0pl1qVqrVLv52BZRQK3NYJgADS
8aLgojWT7+im1RZeJyBAd7QGO9BqhaOoPBOOkAl62WBGxMdFGHhIxfsplTrnLOO4
DmqSmk8MexWEc8ytAyYiR7P56Lu1YiMLtAk/aVS0BbiDRQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:19 2024 by rpki-client on console-ams.rpki-client.org