Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/296a78-01e2-496d-ba59-2200b3cc57e6/1/D6_E2XGbUU5vcDtgz0F-iow5CUw.roa
File: D6_E2XGbUU5vcDtgz0F-iow5CUw.roa (raw, json)
Hash identifier: 56BGwcWkotLZkvGhpS7IokwYJP8jTvcAjMevY3s2qv4=
Subject key identifier: 0F:AF:C4:D9:71:9B:51:4E:6F:70:3B:60:CF:41:7E:8A:8C:39:09:4C
Certificate issuer: /CN=07f0ba59b1c76cf20dc4382e5a2854d7142c26ba
Certificate serial: 018B8C980A60033FF38999AE1699AE944564
Authority key identifier: 07:F0:BA:59:B1:C7:6C:F2:0D:C4:38:2E:5A:28:54:D7:14:2C:26:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_C6WbHHbPINxDguWihU1xQsJro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/296a78-01e2-496d-ba59-2200b3cc57e6/1/D6_E2XGbUU5vcDtgz0F-iow5CUw.roa
Signing time: Wed 01 Nov 2023 20:34:16 +0000
ROA not before: Wed 01 Nov 2023 20:34:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216176
IP address blocks: 2a14::/32 maxlen: 32
2a14:7::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:98:0a:60:03:3f:f3:89:99:ae:16:99:ae:94:45:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f0ba59b1c76cf20dc4382e5a2854d7142c26ba
Validity
Not Before: Nov 1 20:34:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fafc4d9719b514e6f703b60cf417e8a8c39094c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b0:c4:26:0a:51:7c:47:01:7b:24:6a:2a:b5:
23:7c:96:3e:11:29:c7:7c:67:86:fd:16:7f:ed:8b:
fb:2b:89:2b:00:f3:19:8c:d7:b6:4d:cd:ab:65:32:
48:d8:ef:5c:10:3f:c1:9b:80:6b:67:b5:64:5f:08:
a0:a3:dd:34:e3:6c:de:a0:c8:6b:21:a3:e2:8f:7b:
e6:ca:53:ed:6d:ff:c6:ad:1b:5f:ba:49:c1:4d:d3:
97:bb:96:e9:04:7a:74:46:04:77:9e:5b:02:1c:c5:
12:ab:25:e8:53:c1:61:d1:77:d0:c6:6a:37:ca:48:
d5:ee:ef:6b:49:e6:10:5d:98:cf:44:1c:21:5b:30:
bc:ed:de:e9:c6:b9:2d:4b:ed:55:7f:bf:75:10:52:
6e:2b:54:50:9c:cb:7a:1c:4b:0d:b8:2b:52:6c:f6:
0f:78:4f:8e:0b:af:e9:9b:d2:74:7e:68:71:8e:ff:
e6:9f:de:22:6c:9b:80:e7:e8:31:f6:b3:e5:65:2a:
cd:a4:a0:c9:ad:86:a6:32:f1:9a:6e:04:da:03:80:
98:5f:e6:f3:b2:c8:5f:c8:58:1e:3c:16:8a:9c:e0:
13:aa:72:1a:ab:5b:e9:58:80:4e:0a:61:82:c2:0c:
75:24:b3:08:9c:65:df:d3:04:c2:65:2f:c8:cc:ee:
24:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:AF:C4:D9:71:9B:51:4E:6F:70:3B:60:CF:41:7E:8A:8C:39:09:4C
X509v3 Authority Key Identifier:
keyid:07:F0:BA:59:B1:C7:6C:F2:0D:C4:38:2E:5A:28:54:D7:14:2C:26:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_C6WbHHbPINxDguWihU1xQsJro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296a78-01e2-496d-ba59-2200b3cc57e6/1/D6_E2XGbUU5vcDtgz0F-iow5CUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296a78-01e2-496d-ba59-2200b3cc57e6/1/B_C6WbHHbPINxDguWihU1xQsJro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14::/32
2a14:7::/32
Signature Algorithm: sha256WithRSAEncryption
c9:08:44:f2:05:ea:8c:21:74:2a:26:f6:66:c7:d2:00:bf:89:
5e:23:aa:b3:2a:eb:dc:33:52:c7:9f:5d:95:73:ac:a2:6f:f4:
32:56:2e:c1:ed:38:ed:51:c3:d5:05:c3:b9:37:bf:b7:e0:b0:
cc:96:a0:f6:1a:a0:78:05:02:d5:88:44:52:3c:d6:c4:18:83:
81:3c:e2:31:1c:1d:14:dc:cb:00:42:83:27:fb:15:69:00:30:
33:50:00:53:5f:6a:ff:68:bb:3f:8f:03:02:23:ed:4b:42:46:
81:c8:e3:77:83:ca:20:92:89:1e:1c:ef:4d:a8:31:23:71:d5:
a0:46:ad:b3:98:8c:a7:ab:46:1f:c0:87:9f:b3:47:57:11:19:
93:6c:16:82:be:75:a6:1c:d4:b7:b3:0f:c7:56:ab:e0:ed:68:
a3:9f:45:d2:27:77:c3:14:21:ba:aa:40:70:4a:da:bd:88:93:
b4:ca:29:5e:64:84:45:fb:d4:b0:78:58:e1:7e:91:de:83:3e:
b5:b6:2c:19:23:d5:b5:94:7b:37:69:b9:d8:7d:c0:dd:77:43:
86:78:6e:93:f4:61:d3:88:58:0f:38:5e:aa:f0:32:d4:1e:14:
90:6a:76:08:a4:ef:b3:15:2a:0a:6c:f6:d8:fd:4c:29:81:ec:
58:18:42:d8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYuMmApgAz/ziZmuFpmulEVkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjBiYTU5YjFjNzZjZjIwZGM0MzgyZTVhMjg1NGQ3MTQy
YzI2YmEwHhcNMjMxMTAxMjAzNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmFmYzRkOTcxOWI1MTRlNmY3MDNiNjBjZjQxN2U4YThjMzkwOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrDEJgpRfEcBeyRqKrUjfJY+ESnH
fGeG/RZ/7Yv7K4krAPMZjNe2Tc2rZTJI2O9cED/Bm4BrZ7VkXwigo90042zeoMhr
IaPij3vmylPtbf/GrRtfuknBTdOXu5bpBHp0RgR3nlsCHMUSqyXoU8Fh0XfQxmo3
ykjV7u9rSeYQXZjPRBwhWzC87d7pxrktS+1Vf791EFJuK1RQnMt6HEsNuCtSbPYP
eE+OC6/pm9J0fmhxjv/mn94ibJuA5+gx9rPlZSrNpKDJrYamMvGabgTaA4CYX+bz
sshfyFgePBaKnOATqnIaq1vpWIBOCmGCwgx1JLMInGXf0wTCZS/IzO4kwQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA+vxNlxm1FOb3A7YM9BfoqMOQlMMB8GA1UdIwQY
MBaAFAfwulmxx2zyDcQ4LlooVNcULCa6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9DNldiSEhiUElOeERndVdpaFUxeFFzSnJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yOTZhNzgtMDFlMi00OTZkLWJhNTkt
MjIwMGIzY2M1N2U2LzEvRDZfRTJYR2JVVTV2Y0R0Z3owRi1pb3c1Q1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yOTZhNzgtMDFlMi00OTZkLWJhNTktMjIwMGIzY2M1N2U2
LzEvQl9DNldiSEhiUElOeERndVdpaFUxeFFzSnJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhQAAAMF
ACoUAAcwDQYJKoZIhvcNAQELBQADggEBAMkIRPIF6owhdCom9mbH0gC/iV4jqrMq
69wzUsefXZVzrKJv9DJWLsHtOO1Rw9UFw7k3v7fgsMyWoPYaoHgFAtWIRFI81sQY
g4E84jEcHRTcywBCgyf7FWkAMDNQAFNfav9ouz+PAwIj7UtCRoHI43eDyiCSiR4c
702oMSNx1aBGrbOYjKerRh/Ah5+zR1cRGZNsFoK+daYc1LezD8dWq+DtaKOfRdIn
d8MUIbqqQHBK2r2Ik7TKKV5khEX71LB4WOF+kd6DPrW2LBkj1bWUezdpudh9wN13
Q4Z4bpP0YdOIWA84XqrwMtQeFJBqdgik77MVKgps9tj9TCmB7FgYQtg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:45 2024 by rpki-client on console-ams.rpki-client.org