Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/sRwz8_gbhHt4Hwo4QnHsqNZu6yk.roa
File: sRwz8_gbhHt4Hwo4QnHsqNZu6yk.roa (raw, json)
Hash identifier: GmqmNZa64XP799QsTsNLu6p0CxtX6tuYu3s49YDg+00=
Subject key identifier: B1:1C:33:F3:F8:1B:84:7B:78:1F:0A:38:42:71:EC:A8:D6:6E:EB:29
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 01856ED4D53E937E4D91D35A8B2DF13C0926
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/sRwz8_gbhHt4Hwo4QnHsqNZu6yk.roa
Signing time: Sun 01 Jan 2023 19:35:19 +0000
ROA not before: Sun 01 Jan 2023 19:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209844
IP address blocks: 2001:67c:2960::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:d5:3e:93:7e:4d:91:d3:5a:8b:2d:f1:3c:09:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Jan 1 19:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b11c33f3f81b847b781f0a384271eca8d66eeb29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e0:bb:43:ba:78:43:c4:23:0e:c2:02:cb:a2:
61:ef:d1:b4:bb:bd:cc:da:75:52:fa:f1:eb:13:dd:
57:6c:d9:f1:ce:3e:ff:f3:cf:de:cf:7c:2a:dc:37:
74:06:b6:aa:b8:9e:42:5e:e0:31:06:bc:f7:f4:17:
01:d9:f9:e1:f2:20:a4:cc:7d:42:b9:b6:8a:06:c4:
f0:6c:a6:4b:69:43:d5:b8:3a:2f:97:d8:d1:b6:fe:
4e:e8:50:07:d0:1c:25:35:2f:3f:9e:8c:65:72:64:
91:c8:42:81:56:27:29:76:be:97:d6:17:22:f1:8b:
6f:6b:d4:50:67:0a:75:27:9b:6f:eb:bb:bd:14:eb:
41:fd:ce:0e:92:20:4d:de:57:32:43:14:63:7e:8b:
43:31:e9:cb:b8:5f:a4:58:b3:27:43:1f:21:0d:0b:
9b:10:7d:67:9f:32:2d:c9:4d:05:a6:2b:e9:13:6b:
6d:d1:21:0c:cb:48:7c:1d:5c:9f:30:f5:c3:c7:a3:
cf:50:0a:c1:d8:87:1b:3f:72:9f:ee:3b:fd:0b:99:
7e:42:17:21:e4:5b:f8:a9:04:91:2f:e4:a2:5a:f0:
d1:d5:dd:c9:c5:d3:08:32:35:25:7d:0c:f3:a2:71:
35:9c:9d:ac:36:de:0f:dc:17:12:fd:b2:17:21:1a:
60:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:1C:33:F3:F8:1B:84:7B:78:1F:0A:38:42:71:EC:A8:D6:6E:EB:29
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/sRwz8_gbhHt4Hwo4QnHsqNZu6yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2960::/48
Signature Algorithm: sha256WithRSAEncryption
9c:15:20:3e:79:e1:48:f0:e2:69:28:fb:15:50:87:4e:ee:25:
65:07:0d:0d:4b:16:f8:50:f5:bd:bd:1b:8b:ba:11:8e:e9:35:
ca:3e:e7:07:57:13:09:dd:65:ca:a3:5f:49:34:4d:8f:b3:27:
cb:60:ab:39:f1:56:40:c3:0a:d3:ae:8f:32:5a:40:89:c1:02:
a9:41:8d:6c:fb:5f:7c:76:81:38:1e:77:07:08:65:17:ab:d7:
7f:f8:8b:ff:5c:4e:04:49:47:d0:d4:cf:5f:78:50:a1:ad:67:
34:94:8c:8d:52:cd:2b:1b:52:e8:37:c8:36:32:c7:79:e2:59:
de:d3:6f:5f:28:db:b0:39:c2:65:40:a4:67:ce:63:d8:5a:8e:
48:56:12:23:60:1c:05:58:0f:d2:81:55:00:54:f6:a6:76:83:
65:38:23:6f:24:0c:52:cb:f0:23:79:52:32:92:ca:43:a7:14:
6f:df:fd:b5:b1:42:ad:99:74:3d:1d:73:0e:18:24:76:a4:d8:
b6:4d:67:9f:01:65:42:32:6a:1a:c4:e4:48:e4:73:4f:82:b0:
9d:38:fc:25:5b:e5:68:18:f7:17:5d:1e:b2:4a:dd:4c:53:92:
9f:64:0d:02:c9:ef:36:33:2c:3b:c8:a0:25:45:9e:1b:c7:99:
51:fc:01:84
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVu1NU+k35NkdNaiy3xPAkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjMwMTAxMTkzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTFjMzNmM2Y4MWI4NDdiNzgxZjBhMzg0MjcxZWNhOGQ2NmVlYjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OC7Q7p4Q8QjDsICy6Jh79G0u73M
2nVS+vHrE91XbNnxzj7/88/ez3wq3Dd0BraquJ5CXuAxBrz39BcB2fnh8iCkzH1C
ubaKBsTwbKZLaUPVuDovl9jRtv5O6FAH0BwlNS8/noxlcmSRyEKBVicpdr6X1hci
8Ytva9RQZwp1J5tv67u9FOtB/c4OkiBN3lcyQxRjfotDMenLuF+kWLMnQx8hDQub
EH1nnzItyU0FpivpE2tt0SEMy0h8HVyfMPXDx6PPUArB2IcbP3Kf7jv9C5l+Qhch
5Fv4qQSRL+SiWvDR1d3JxdMIMjUlfQzzonE1nJ2sNt4P3BcS/bIXIRpgCwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLEcM/P4G4R7eB8KOEJx7KjWbuspMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvc1J3ejhfZ2JoSHQ0SHdvNFFuSHNxTlp1NnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfClg
MA0GCSqGSIb3DQEBCwUAA4IBAQCcFSA+eeFI8OJpKPsVUIdO7iVlBw0NSxb4UPW9
vRuLuhGO6TXKPucHVxMJ3WXKo19JNE2PsyfLYKs58VZAwwrTro8yWkCJwQKpQY1s
+198doE4HncHCGUXq9d/+Iv/XE4ESUfQ1M9feFChrWc0lIyNUs0rG1LoN8g2Msd5
4lne029fKNuwOcJlQKRnzmPYWo5IVhIjYBwFWA/SgVUAVPamdoNlOCNvJAxSy/Aj
eVIykspDpxRv3/21sUKtmXQ9HXMOGCR2pNi2TWefAWVCMmoaxORI5HNPgrCdOPwl
W+VoGPcXXR6ySt1MU5KfZA0Cye82Myw7yKAlRZ4bx5lR/AGE
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:50 2024 by rpki-client on console-ams.rpki-client.org