Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/58995qAiK7Y9oe5NizFsNBQKWKc.roa
File: 58995qAiK7Y9oe5NizFsNBQKWKc.roa (raw, json)
Hash identifier: lLAhlR4FB/TTfUBfI9XtCJAfcBwU9P+qENXlIuWUnSw=
Subject key identifier: E7:CF:7D:E6:A0:22:2B:B6:3D:A1:EE:4D:8B:31:6C:34:14:0A:58:A7
Certificate issuer: /CN=bea649ef6030fc80848fdfe21d4321ac8011fd10
Certificate serial: 01857030795A994006ACEFB9F1CB7820D545
Authority key identifier: BE:A6:49:EF:60:30:FC:80:84:8F:DF:E2:1D:43:21:AC:80:11:FD:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/58995qAiK7Y9oe5NizFsNBQKWKc.roa
Signing time: Mon 02 Jan 2023 01:55:03 +0000
ROA not before: Mon 02 Jan 2023 01:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211935
IP address blocks: 2a0e:f43::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:79:5a:99:40:06:ac:ef:b9:f1:cb:78:20:d5:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bea649ef6030fc80848fdfe21d4321ac8011fd10
Validity
Not Before: Jan 2 01:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7cf7de6a0222bb63da1ee4d8b316c34140a58a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:37:9c:63:61:74:98:a1:2d:34:f1:4e:e6:4b:
0b:2b:3c:78:c5:52:12:c4:6a:9e:e5:d6:c8:84:8e:
87:8e:bc:fe:07:6e:2c:f8:da:ef:3e:70:a6:ee:1c:
2b:7d:a3:4b:6c:6b:80:9e:e3:95:7f:a1:13:5a:6c:
83:fb:eb:e0:b2:86:66:ec:4a:04:30:2c:5a:95:36:
e5:8a:8b:0b:01:b4:4c:a8:65:08:70:b7:3c:d0:23:
83:26:22:74:da:3e:75:71:49:ff:d5:28:cf:80:78:
ca:d3:82:31:6e:8f:53:d6:98:07:ca:91:41:e7:f6:
f9:75:a7:ca:09:08:68:ac:23:b4:7c:76:db:58:a5:
d5:36:41:23:ba:9a:81:69:74:85:b1:00:f5:a3:0a:
c3:d6:f5:87:02:95:6b:95:93:4a:d2:fc:56:2a:e9:
a5:b4:b3:d2:9b:f2:29:aa:ab:3c:f3:26:f1:41:2b:
b3:26:59:f3:13:5e:e7:e9:e8:08:3f:e8:e3:90:12:
26:b3:65:3c:3f:0c:30:0a:ba:c9:01:ea:1c:f4:6c:
87:be:8c:ee:0e:4d:f0:e6:c0:56:3c:67:35:dc:bd:
03:c2:b5:6c:61:d7:88:be:07:1e:c2:30:16:23:53:
54:c2:5c:d0:77:de:4d:bc:39:c4:69:83:3a:ee:e5:
46:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:CF:7D:E6:A0:22:2B:B6:3D:A1:EE:4D:8B:31:6C:34:14:0A:58:A7
X509v3 Authority Key Identifier:
keyid:BE:A6:49:EF:60:30:FC:80:84:8F:DF:E2:1D:43:21:AC:80:11:FD:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/58995qAiK7Y9oe5NizFsNBQKWKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:f43::/48
Signature Algorithm: sha256WithRSAEncryption
19:96:6b:4c:9c:33:e8:44:02:50:22:1d:4b:1e:a4:6b:79:d2:
bb:ef:87:c3:ab:34:81:a8:38:bf:cb:e1:cf:bf:0b:25:96:1d:
df:55:92:38:81:c3:7e:66:cd:6d:e1:ec:91:1d:3c:96:a5:3e:
5c:91:05:50:25:5c:53:43:75:f2:84:5c:bc:02:68:74:45:dd:
d4:3f:0d:ba:4c:86:23:63:8a:e0:f2:c8:00:91:a1:08:97:d8:
0c:79:2f:17:f4:db:70:c4:05:7e:ce:5c:5d:d3:d6:d4:2f:68:
9f:74:16:97:7c:05:97:c3:24:28:88:1b:5d:56:0f:52:d5:f7:
83:82:4d:03:28:89:7b:1e:cd:fe:23:ce:4a:5d:70:bc:77:f9:
7d:f3:92:57:6a:29:ec:27:0e:9e:dc:5e:4d:77:ee:e4:36:4c:
a3:f4:3d:bc:74:17:5d:fe:33:41:fd:19:8c:81:1e:28:75:fb:
e3:1c:c1:d5:9f:fe:bc:84:41:3f:10:41:cf:c8:bb:8a:41:43:
d7:13:44:2b:a2:0e:d7:3d:21:c1:88:bc:a6:b2:90:c8:30:14:
77:b6:b0:bd:fc:f0:e2:c6:4c:f3:50:9d:d9:be:5d:5b:15:aa:
97:4d:d2:c5:70:db:45:93:cb:45:ea:0f:a0:1e:91:0c:23:77:
83:52:22:39
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwMHlamUAGrO+58ct4INVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYTY0OWVmNjAzMGZjODA4NDhmZGZlMjFkNDMyMWFjODAx
MWZkMTAwHhcNMjMwMTAyMDE1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2NmN2RlNmEwMjIyYmI2M2RhMWVlNGQ4YjMxNmMzNDE0MGE1OGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDecY2F0mKEtNPFO5ksLKzx4xVIS
xGqe5dbIhI6Hjrz+B24s+NrvPnCm7hwrfaNLbGuAnuOVf6ETWmyD++vgsoZm7EoE
MCxalTbliosLAbRMqGUIcLc80CODJiJ02j51cUn/1SjPgHjK04Ixbo9T1pgHypFB
5/b5dafKCQhorCO0fHbbWKXVNkEjupqBaXSFsQD1owrD1vWHApVrlZNK0vxWKuml
tLPSm/Ipqqs88ybxQSuzJlnzE17n6egIP+jjkBIms2U8PwwwCrrJAeoc9GyHvozu
Dk3w5sBWPGc13L0DwrVsYdeIvgcewjAWI1NUwlzQd95NvDnEaYM67uVGhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOfPfeagIiu2PaHuTYsxbDQUClinMB8GA1UdIwQY
MBaAFL6mSe9gMPyAhI/f4h1DIayAEf0QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnFaSjcyQXdfSUNFajlfaUhVTWhySUFSX1JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8xOTQ1NWItZDJjZi00ZTVmLWJmNTgt
MjFkZjU1YmE5ZWJmLzEvNTg5OTVxQWlLN1k5b2U1Tml6RnNOQlFLV0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8xOTQ1NWItZDJjZi00ZTVmLWJmNTgtMjFkZjU1YmE5ZWJm
LzEvdnFaSjcyQXdfSUNFajlfaUhVTWhySUFSX1JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4PQwAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAZlmtMnDPoRAJQIh1LHqRredK774fDqzSBqDi/
y+HPvwsllh3fVZI4gcN+Zs1t4eyRHTyWpT5ckQVQJVxTQ3XyhFy8Amh0Rd3UPw26
TIYjY4rg8sgAkaEIl9gMeS8X9NtwxAV+zlxd09bUL2ifdBaXfAWXwyQoiBtdVg9S
1feDgk0DKIl7Hs3+I85KXXC8d/l985JXainsJw6e3F5Nd+7kNkyj9D28dBdd/jNB
/RmMgR4odfvjHMHVn/68hEE/EEHPyLuKQUPXE0Qrog7XPSHBiLymspDIMBR3trC9
/PDixkzzUJ3Zvl1bFaqXTdLFcNtFk8tF6g+gHpEMI3eDUiI5
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:22 2024 by rpki-client on console-ams.rpki-client.org