Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/IffTpNeT2iqlkxTLvEDgji3MQF0.roa
File: IffTpNeT2iqlkxTLvEDgji3MQF0.roa (raw, json)
Hash identifier: AhRv30oJgsCSvuInzUXnn3ox10MGvLSxNXKf07V9bp4=
Subject key identifier: 21:F7:D3:A4:D7:93:DA:2A:A5:93:14:CB:BC:40:E0:8E:2D:CC:40:5D
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018A45CAF9C84248378C1EA152556B97B3B0
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/IffTpNeT2iqlkxTLvEDgji3MQF0.roa
Signing time: Wed 30 Aug 2023 09:34:04 +0000
ROA not before: Wed 30 Aug 2023 09:34:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38915
IP address blocks: 2a07:3500:1998::/48 maxlen: 48
2a07:3500:1200::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:ca:f9:c8:42:48:37:8c:1e:a1:52:55:6b:97:b3:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Aug 30 09:34:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21f7d3a4d793da2aa59314cbbc40e08e2dcc405d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d1:f0:88:e4:52:b9:a4:f2:22:74:e3:4d:41:
f2:c0:22:31:80:e8:f3:61:9c:9d:64:2d:5b:4d:66:
0c:a8:32:1c:17:44:b4:0c:6d:46:f5:16:50:ef:96:
52:13:e4:db:78:7d:fb:12:57:27:ce:5c:ad:d8:ba:
7f:28:77:d9:50:5a:c5:cd:34:dd:2c:ca:ef:08:ff:
c1:4e:20:1e:3f:97:d1:23:84:c9:d6:ad:16:e8:2c:
3d:c8:65:1c:2c:df:64:58:f1:f5:08:65:49:ef:c6:
86:3b:77:27:c6:b7:e7:9a:39:ba:cb:26:5d:f5:73:
e8:57:1d:7e:96:6c:f1:e5:64:9c:9d:e5:c4:e7:2d:
19:3f:a7:22:32:2e:4e:e5:db:3c:11:32:d9:0c:0b:
c8:90:d6:2b:8a:88:c8:c9:ce:c2:d6:dc:8d:89:e1:
30:0a:d9:a2:59:11:e0:41:29:64:5a:b5:97:48:90:
b7:ae:1a:b4:aa:a4:bb:d8:fa:d1:39:fd:aa:76:9c:
95:9a:0e:78:3a:83:a4:85:7d:f3:b6:dd:61:01:7a:
91:66:c2:db:d5:ec:17:74:e4:26:fa:c8:b1:58:1d:
da:4c:93:2c:66:5f:d6:96:86:80:56:f3:d1:eb:3f:
16:79:a3:2e:29:07:0b:86:df:56:00:53:f5:0c:ab:
e0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F7:D3:A4:D7:93:DA:2A:A5:93:14:CB:BC:40:E0:8E:2D:CC:40:5D
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/IffTpNeT2iqlkxTLvEDgji3MQF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1200::/48
2a07:3500:1998::/48
Signature Algorithm: sha256WithRSAEncryption
12:df:eb:f6:a6:6d:e5:de:f3:5a:1f:f8:3d:27:41:f5:39:7f:
38:08:0f:93:ad:fa:e5:64:fe:0b:c6:cc:3f:b8:3a:e4:0a:13:
a1:94:84:7c:47:fb:44:5f:00:de:db:8c:20:35:aa:ef:07:d3:
fc:d0:d0:60:d4:c4:aa:ed:95:a7:3f:32:04:e5:b1:00:1d:9b:
e4:5e:13:cd:a9:56:c3:12:f6:2b:36:a8:c5:0d:26:ee:8d:90:
f4:06:a1:a1:99:8d:77:b3:09:f6:7a:a2:0f:49:07:49:45:ba:
cd:29:cc:07:ba:22:a3:ee:55:f5:cb:82:9f:40:1d:03:b5:39:
e8:c6:84:09:de:30:19:be:16:a2:d4:12:6d:93:5b:60:35:24:
db:74:be:61:ec:84:dd:77:47:91:4e:a4:52:4d:97:f5:42:09:
21:a8:c7:bd:ca:8c:97:0d:3a:f8:01:53:d9:31:8f:8a:76:b7:
8c:d5:d1:7c:ce:e7:7a:99:5d:58:46:d2:9a:19:b6:89:37:0c:
d6:58:16:f1:c4:55:9d:86:30:e3:4f:ca:ed:d9:f5:7f:ce:55:
9e:9a:ee:d4:86:8e:e3:84:b6:b5:3a:c4:68:88:f4:5d:62:b3:
83:e4:7b:10:c0:06:7e:45:c7:a1:ef:5d:4c:72:41:a9:09:cb:
f8:ed:73:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpFyvnIQkg3jB6hUlVrl7OwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwODMwMDkzNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWY3ZDNhNGQ3OTNkYTJhYTU5MzE0Y2JiYzQwZTA4ZTJkY2M0MDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdHwiORSuaTyInTjTUHywCIxgOjz
YZydZC1bTWYMqDIcF0S0DG1G9RZQ75ZSE+TbeH37Elcnzlyt2Lp/KHfZUFrFzTTd
LMrvCP/BTiAeP5fRI4TJ1q0W6Cw9yGUcLN9kWPH1CGVJ78aGO3cnxrfnmjm6yyZd
9XPoVx1+lmzx5WScneXE5y0ZP6ciMi5O5ds8ETLZDAvIkNYriojIyc7C1tyNieEw
CtmiWRHgQSlkWrWXSJC3rhq0qqS72PrROf2qdpyVmg54OoOkhX3ztt1hAXqRZsLb
1ewXdOQm+sixWB3aTJMsZl/WloaAVvPR6z8WeaMuKQcLht9WAFP1DKvg2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCH306TXk9oqpZMUy7xA4I4tzEBdMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvSWZmVHBOZVQyaXFsa3hUTHZFRGdqaTNNUUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgc1ABIA
AwcAKgc1ABmYMA0GCSqGSIb3DQEBCwUAA4IBAQAS3+v2pm3l3vNaH/g9J0H1OX84
CA+TrfrlZP4Lxsw/uDrkChOhlIR8R/tEXwDe24wgNarvB9P80NBg1MSq7ZWnPzIE
5bEAHZvkXhPNqVbDEvYrNqjFDSbujZD0BqGhmY13swn2eqIPSQdJRbrNKcwHuiKj
7lX1y4KfQB0DtTnoxoQJ3jAZvhai1BJtk1tgNSTbdL5h7ITdd0eRTqRSTZf1Qgkh
qMe9yoyXDTr4AVPZMY+KdreM1dF8zud6mV1YRtKaGbaJNwzWWBbxxFWdhjDjT8rt
2fV/zlWemu7Uho7jhLa1OsRoiPRdYrOD5HsQwAZ+Rceh711MckGpCcv47XOQ
-----END CERTIFICATE-----
Generated at Wed Aug 30 13:46:10 2023 by rpki-client on console-fra.rpki-client.org