Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/V9DW99aYBRmgyoolk5wZjLm0xv4.roa
File: V9DW99aYBRmgyoolk5wZjLm0xv4.roa (raw, json)
Hash identifier: kjQp+pXF2sK4nC6Iii8xL5vfLsWRnjZFnjrZi54xM6c=
Subject key identifier: 57:D0:D6:F7:D6:98:05:19:A0:CA:8A:25:93:9C:19:8C:B9:B4:C6:FE
Certificate issuer: /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial: 01856C6EFC0854AFC2202FEF39E3084D2746
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/V9DW99aYBRmgyoolk5wZjLm0xv4.roa
Signing time: Sun 01 Jan 2023 08:24:50 +0000
ROA not before: Sun 01 Jan 2023 08:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213106
IP address blocks: 2001:bf7:1321::/48 maxlen: 48
2001:bf7:1320::/44 maxlen: 48
2001:bf7:1350::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:fc:08:54:af:c2:20:2f:ef:39:e3:08:4d:27:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Validity
Not Before: Jan 1 08:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57d0d6f7d6980519a0ca8a25939c198cb9b4c6fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:23:0d:f0:73:58:99:99:36:b7:bb:81:29:02:
5f:f1:5c:32:42:77:08:31:06:50:f4:4e:88:f6:dd:
9f:77:d8:d2:d5:ab:f7:b9:e7:bf:6b:ef:77:98:6d:
b4:46:42:c7:2d:67:b6:c2:4b:ae:8c:d5:93:af:5f:
01:d4:e5:1c:d3:1f:c1:3b:67:6e:5b:5b:63:a5:6b:
a7:fd:9d:8c:64:b8:96:8f:bb:df:5c:43:90:44:12:
ec:20:e4:51:b9:4f:07:a0:02:f0:1f:e1:a5:c5:b3:
cf:31:57:22:e2:9d:cb:18:1e:c1:c3:e1:3c:93:85:
cc:9a:aa:a0:42:5a:e8:1f:6d:10:e3:e5:32:43:c3:
c0:9c:24:dc:b7:a7:fa:c8:0d:72:a9:6f:07:cb:b4:
27:b7:a4:95:97:5d:e4:73:0c:47:eb:b8:0b:42:65:
e8:02:c4:96:30:29:6d:d4:7b:89:21:d4:c6:c4:1a:
30:76:0a:6f:cc:33:24:9e:41:ee:a8:9f:43:04:0f:
91:80:da:0b:1b:fe:5d:89:d0:29:a1:28:57:5e:09:
c1:b0:44:dc:4d:eb:e9:49:17:9a:87:5d:6b:7d:f9:
5d:cc:b1:63:65:cb:45:3d:fe:db:e1:2b:9e:79:dc:
d9:5c:26:47:dc:39:c8:e7:8a:d1:f4:08:7a:3a:b5:
b9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D0:D6:F7:D6:98:05:19:A0:CA:8A:25:93:9C:19:8C:B9:B4:C6:FE
X509v3 Authority Key Identifier:
keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/V9DW99aYBRmgyoolk5wZjLm0xv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:bf7:1320::/44
2001:bf7:1350::/44
Signature Algorithm: sha256WithRSAEncryption
53:b3:c6:e1:b2:c7:53:ae:f5:1a:05:9b:8a:32:b2:17:ae:8f:
1c:f8:c7:b9:ab:d5:41:8e:e3:03:69:d8:17:d1:c6:d3:1f:49:
4d:9d:be:84:93:8b:c4:63:5a:35:74:5b:23:c0:82:67:e9:9b:
a9:fe:63:c7:cd:3f:79:fd:43:d1:c5:82:15:ad:0e:a2:d6:2a:
5b:b8:16:61:fe:d3:42:8f:2f:19:bc:cf:d4:64:a0:a5:7c:29:
e6:6b:a3:35:d9:63:50:a1:87:67:0b:3c:32:65:91:5b:d8:5b:
f0:a8:8e:15:14:da:95:62:a6:bb:1a:ea:bf:0d:25:b8:60:22:
91:52:90:e6:28:ad:e5:91:46:04:7a:74:6c:73:da:cb:d2:99:
47:dc:3c:33:69:83:c2:51:be:84:ba:6a:2b:d4:7d:43:0c:03:
94:d6:06:40:f9:c2:96:9f:a1:53:9a:e2:22:41:ed:ea:93:69:
56:0b:a5:7d:73:87:fe:98:ce:a2:52:08:3c:12:40:e8:a1:fa:
2c:1b:b6:aa:ab:09:8f:af:ab:4f:3b:8a:17:2c:e7:32:f5:2d:
cf:30:f5:52:55:d9:52:29:de:3b:75:65:46:1f:8a:5c:30:d9:
07:c2:4a:17:79:47:d2:98:0c:7e:5a:5a:32:9e:bc:ad:4c:4e:
77:5d:87:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsbvwIVK/CIC/vOeMITSdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzE0OTI0NzNhNzhjNmZlOWY1MzlmOWZhN2QyMjUyNTYw
YTJiN2UwHhcNMjMwMTAxMDgyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2QwZDZmN2Q2OTgwNTE5YTBjYThhMjU5MzljMTk4Y2I5YjRjNmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiMN8HNYmZk2t7uBKQJf8VwyQncI
MQZQ9E6I9t2fd9jS1av3uee/a+93mG20RkLHLWe2wkuujNWTr18B1OUc0x/BO2du
W1tjpWun/Z2MZLiWj7vfXEOQRBLsIORRuU8HoALwH+GlxbPPMVci4p3LGB7Bw+E8
k4XMmqqgQlroH20Q4+UyQ8PAnCTct6f6yA1yqW8Hy7Qnt6SVl13kcwxH67gLQmXo
AsSWMClt1HuJIdTGxBowdgpvzDMknkHuqJ9DBA+RgNoLG/5didApoShXXgnBsETc
TevpSReah11rffldzLFjZctFPf7b4SueedzZXCZH3DnI54rR9Ah6OrW5eQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFfQ1vfWmAUZoMqKJZOcGYy5tMb+MB8GA1UdIwQY
MBaAFP8xSSRzp4xv6fU5+fp9IlJWCit+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDct
NzNmZDNiYzE5YWE3LzEvVjlEVzk5YVlCUm1neW9vbGs1d1pqTG0weHY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDctNzNmZDNiYzE5YWE3
LzEvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEIAEL9xMg
AwcEIAEL9xNQMA0GCSqGSIb3DQEBCwUAA4IBAQBTs8bhssdTrvUaBZuKMrIXro8c
+Me5q9VBjuMDadgX0cbTH0lNnb6Ek4vEY1o1dFsjwIJn6Zup/mPHzT95/UPRxYIV
rQ6i1ipbuBZh/tNCjy8ZvM/UZKClfCnma6M12WNQoYdnCzwyZZFb2FvwqI4VFNqV
Yqa7Guq/DSW4YCKRUpDmKK3lkUYEenRsc9rL0plH3DwzaYPCUb6Eumor1H1DDAOU
1gZA+cKWn6FTmuIiQe3qk2lWC6V9c4f+mM6iUgg8EkDoofosG7aqqwmPr6tPO4oX
LOcy9S3PMPVSVdlSKd47dWVGH4pcMNkHwkoXeUfSmAx+WloynrytTE53XYfU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:46 2024 by rpki-client on console-fra.rpki-client.org