Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/f33dff-8270-4894-ba8a-bbf2e37438d5/1/vV2CCH3Z7U8fKgWfGwY43Db0tYs.roa
File: vV2CCH3Z7U8fKgWfGwY43Db0tYs.roa (raw, json)
Hash identifier: fuQWdqOXGZHQSCq62ybctiFlFH5a/Y4ruxf73KQRMgs=
Subject key identifier: BD:5D:82:08:7D:D9:ED:4F:1F:2A:05:9F:1B:06:38:DC:36:F4:B5:8B
Certificate issuer: /CN=d7475ecb0f680a56d20f581bbdce521cfb7eb46d
Certificate serial: 018CC4253C4519198E24F8C977AF64364B7E
Authority key identifier: D7:47:5E:CB:0F:68:0A:56:D2:0F:58:1B:BD:CE:52:1C:FB:7E:B4:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10deyw9oClbSD1gbvc5SHPt-tG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/f33dff-8270-4894-ba8a-bbf2e37438d5/1/vV2CCH3Z7U8fKgWfGwY43Db0tYs.roa
Signing time: Mon 01 Jan 2024 08:30:23 +0000
ROA not before: Mon 01 Jan 2024 08:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210761
IP address blocks: 2001:67c:81c::/48 maxlen: 48
2001:67c:b90::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Jan 2024 07:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3c:45:19:19:8e:24:f8:c9:77:af:64:36:4b:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7475ecb0f680a56d20f581bbdce521cfb7eb46d
Validity
Not Before: Jan 1 08:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd5d82087dd9ed4f1f2a059f1b0638dc36f4b58b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:bb:57:15:6e:28:9f:52:12:cd:ee:af:18:65:
c0:5e:5d:7e:90:44:0b:f7:0a:33:bf:7c:6f:03:74:
5a:3c:86:56:db:4c:3b:7b:a1:5a:be:b2:96:02:ae:
75:64:5a:bc:18:32:f5:54:d9:4e:ff:97:b7:fb:66:
96:2f:99:fd:44:fd:0a:63:61:6a:d7:e7:3f:80:19:
5c:e9:10:ef:04:2a:ee:22:7d:f3:b1:f0:5d:cd:af:
2d:3e:78:88:53:5f:a9:fc:c8:fc:15:35:96:e3:cb:
9d:1b:5a:2b:f2:70:7f:64:cf:f3:76:70:e5:99:41:
60:db:e3:50:0b:a5:16:31:7a:f9:25:4b:4d:b1:8c:
51:01:ea:b8:84:ca:04:53:09:1d:9d:a0:4c:10:cf:
3c:00:3f:94:95:e4:df:a4:e0:37:a9:bd:32:c4:d8:
08:92:c2:b4:2a:fd:b8:29:09:fb:78:87:61:ec:66:
e5:21:c6:14:bc:4f:ac:e7:07:60:f0:67:83:d0:d5:
84:7e:00:39:45:52:63:11:11:66:e3:89:32:3b:3a:
24:01:0e:e7:63:01:07:78:89:38:75:e9:4d:24:98:
1e:d5:c1:81:23:f8:07:02:8d:58:d4:a9:66:7c:c5:
9c:fd:36:ba:0b:1b:ae:00:ba:c5:39:ce:8a:6d:49:
b4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:5D:82:08:7D:D9:ED:4F:1F:2A:05:9F:1B:06:38:DC:36:F4:B5:8B
X509v3 Authority Key Identifier:
keyid:D7:47:5E:CB:0F:68:0A:56:D2:0F:58:1B:BD:CE:52:1C:FB:7E:B4:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10deyw9oClbSD1gbvc5SHPt-tG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f33dff-8270-4894-ba8a-bbf2e37438d5/1/vV2CCH3Z7U8fKgWfGwY43Db0tYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f33dff-8270-4894-ba8a-bbf2e37438d5/1/10deyw9oClbSD1gbvc5SHPt-tG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:81c::/48
2001:67c:b90::/48
Signature Algorithm: sha256WithRSAEncryption
0e:77:ca:39:41:6a:4d:20:0b:17:0d:79:02:96:f9:a3:f8:65:
9d:02:fb:a7:cc:16:cf:62:a8:16:b3:a7:3c:6c:c4:64:8e:2a:
d0:e6:4b:d6:30:13:95:88:e5:7b:fb:20:42:7d:8f:44:ce:d7:
a1:83:80:68:ae:98:db:9a:53:c3:f9:8d:90:f6:e7:29:ac:b1:
70:6c:a5:22:0a:08:84:70:da:99:d0:af:d8:5f:b6:20:d4:3b:
89:8a:7c:a5:6d:80:8a:42:60:89:65:48:4e:39:18:e8:ea:fa:
27:0e:69:b2:eb:64:9c:e5:da:cc:cf:74:2e:70:d4:b1:fd:da:
ac:a1:0a:f8:a3:d4:e9:93:dd:ca:a8:aa:c8:19:32:3e:9f:46:
ae:55:b3:4c:82:42:84:1a:8a:d4:9b:17:8d:22:8f:62:cd:fe:
dd:49:09:19:2b:c1:84:93:fc:d7:b4:ad:da:f6:59:ec:97:48:
aa:ae:c9:a7:83:bb:40:b1:29:a5:a0:c5:87:c5:5e:47:86:ca:
b9:6d:34:56:70:8e:e4:71:81:bf:84:bc:b0:59:1f:5c:e4:77:
cf:73:d4:24:f9:b2:3f:f7:03:c5:7a:17:48:ac:6b:57:4b:f2:
0d:eb:eb:71:d7:29:6e:8d:e6:cc:d2:c4:25:8b:19:6e:84:8d:
ee:44:8f:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJTxFGRmOJPjJd69kNkt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDc1ZWNiMGY2ODBhNTZkMjBmNTgxYmJkY2U1MjFjZmI3
ZWI0NmQwHhcNMjQwMTAxMDgzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDVkODIwODdkZDllZDRmMWYyYTA1OWYxYjA2MzhkYzM2ZjRiNThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibtXFW4on1ISze6vGGXAXl1+kEQL
9wozv3xvA3RaPIZW20w7e6FavrKWAq51ZFq8GDL1VNlO/5e3+2aWL5n9RP0KY2Fq
1+c/gBlc6RDvBCruIn3zsfBdza8tPniIU1+p/Mj8FTWW48udG1or8nB/ZM/zdnDl
mUFg2+NQC6UWMXr5JUtNsYxRAeq4hMoEUwkdnaBMEM88AD+UleTfpOA3qb0yxNgI
ksK0Kv24KQn7eIdh7GblIcYUvE+s5wdg8GeD0NWEfgA5RVJjERFm44kyOzokAQ7n
YwEHeIk4delNJJge1cGBI/gHAo1Y1KlmfMWc/Ta6CxuuALrFOc6KbUm07QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL1dggh92e1PHyoFnxsGONw29LWLMB8GA1UdIwQY
MBaAFNdHXssPaApW0g9YG73OUhz7frRtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBkZXl3OW9DbGJTRDFnYnZjNVNIUHQtdEcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9mMzNkZmYtODI3MC00ODk0LWJhOGEt
YmJmMmUzNzQzOGQ1LzEvdlYyQ0NIM1o3VThmS2dXZkd3WTQzRGIwdFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9mMzNkZmYtODI3MC00ODk0LWJhOGEtYmJmMmUzNzQzOGQ1
LzEvMTBkZXl3OW9DbGJTRDFnYnZjNVNIUHQtdEcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfAgc
AwcAIAEGfAuQMA0GCSqGSIb3DQEBCwUAA4IBAQAOd8o5QWpNIAsXDXkClvmj+GWd
AvunzBbPYqgWs6c8bMRkjirQ5kvWMBOViOV7+yBCfY9Eztehg4BorpjbmlPD+Y2Q
9ucprLFwbKUiCgiEcNqZ0K/YX7Yg1DuJinylbYCKQmCJZUhOORjo6vonDmmy62Sc
5drMz3QucNSx/dqsoQr4o9Tpk93KqKrIGTI+n0auVbNMgkKEGorUmxeNIo9izf7d
SQkZK8GEk/zXtK3a9lnsl0iqrsmng7tAsSmloMWHxV5Hhsq5bTRWcI7kcYG/hLyw
WR9c5HfPc9Qk+bI/9wPFehdIrGtXS/IN6+tx1ylujebM0sQlixluhI3uRI/v
-----END CERTIFICATE-----
Generated at Sun Jan 7 11:20:38 2024 by rpki-client on console-ams.rpki-client.org