Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/AlFWl0WTPUfagatw_2v1J6O-DVI.roa
File: AlFWl0WTPUfagatw_2v1J6O-DVI.roa (raw, json)
Hash identifier: sQWNesKZezHPGNfFZhe3yCYwRBQzaRpOI8OxhCIF7VI=
Subject key identifier: 02:51:56:97:45:93:3D:47:DA:81:AB:70:FF:6B:F5:27:A3:BE:0D:52
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 01856FD535DDD94B56F9DCEDA160090531F5
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/AlFWl0WTPUfagatw_2v1J6O-DVI.roa
Signing time: Mon 02 Jan 2023 00:15:21 +0000
ROA not before: Mon 02 Jan 2023 00:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211454
IP address blocks: 2a0a:d6c0:eff4::/48 maxlen: 48
2a0a:d6c0:2157::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:35:dd:d9:4b:56:f9:dc:ed:a1:60:09:05:31:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Jan 2 00:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0251569745933d47da81ab70ff6bf527a3be0d52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:60:57:1d:9c:c7:4f:c4:96:5e:d3:1a:0c:4c:
81:91:60:82:8f:c9:6a:20:78:dd:1d:4b:62:b7:a0:
94:de:c4:ed:2c:d6:b1:ab:21:9e:22:12:d0:e1:39:
be:4a:2f:f7:88:34:40:bc:7c:bb:72:4e:ed:6c:6a:
9b:ca:00:08:23:94:33:26:f0:7d:e7:28:bd:03:a6:
f7:76:5c:b8:93:a3:08:97:ad:2f:a9:af:61:9a:61:
2c:bd:ca:bb:f0:5f:47:71:06:2e:3a:cc:39:84:8d:
41:a9:53:e9:f4:23:31:17:09:ad:65:d7:7b:33:e4:
d1:94:e3:6e:1b:55:d8:f0:95:d6:17:93:a2:f0:07:
93:88:3c:be:36:6d:bc:89:31:7b:7a:ac:c4:28:62:
8d:e4:b5:60:da:63:25:02:6c:62:d6:1a:6f:88:40:
5c:dd:ac:03:f6:b5:67:53:20:56:ef:77:da:d3:44:
25:36:c0:9c:d9:75:da:02:52:04:24:0b:e1:d1:2a:
d9:32:9b:92:06:2d:4c:8e:36:7d:d6:ce:a1:d1:0c:
9c:fc:75:c8:09:a6:61:1c:88:ac:30:54:99:28:f6:
69:c6:a9:21:72:3d:e7:fe:35:d0:53:b3:56:94:16:
84:93:c9:b2:46:69:ca:df:d1:02:23:96:a5:71:92:
40:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:51:56:97:45:93:3D:47:DA:81:AB:70:FF:6B:F5:27:A3:BE:0D:52
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/AlFWl0WTPUfagatw_2v1J6O-DVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:d6c0:2157::/48
2a0a:d6c0:eff4::/48
Signature Algorithm: sha256WithRSAEncryption
b1:d3:83:a9:16:a4:3c:e4:91:7e:a3:47:ec:dc:d5:86:d3:7f:
15:40:31:cd:21:c7:de:ed:4d:d9:38:1b:7a:7a:20:93:25:fb:
e9:c9:86:7d:60:fc:7c:9c:6a:88:f1:3d:4c:3b:06:2f:84:57:
5e:6f:54:9e:25:5a:23:17:d5:6d:f7:24:12:d8:d6:af:1f:59:
94:cd:4d:29:bd:83:a9:5f:4c:d8:43:3d:ed:ee:fc:e0:7e:48:
4c:86:0b:4d:24:39:e7:67:8d:ec:af:2b:cf:17:eb:09:31:9f:
27:63:92:bd:70:af:c2:fa:a9:76:bd:32:8a:83:c9:6c:94:35:
3b:91:28:d3:00:e8:78:fa:ed:59:d5:74:fe:ef:4a:a5:a9:95:
f2:03:4a:7c:2a:d3:de:d6:ae:aa:be:d5:06:71:04:3f:30:bb:
da:ac:9b:9e:d9:6a:9c:7a:39:e9:e1:47:9b:39:33:22:ae:c7:
5a:be:89:ed:0c:08:9d:1c:ae:18:df:bf:fe:1b:30:f8:a2:35:
7c:65:b0:d7:42:41:0e:8e:a6:bc:d7:fc:3e:01:35:fb:98:7d:
d1:c3:18:43:a8:a8:ca:ab:0f:33:95:82:5a:b6:63:b8:58:cf:
0a:cf:f3:bb:20:9c:06:14:07:b9:c7:d6:7d:65:d3:00:e9:a1:
fd:a0:a5:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVv1TXd2UtW+dztoWAJBTH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjMwMTAyMDAxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjUxNTY5NzQ1OTMzZDQ3ZGE4MWFiNzBmZjZiZjUyN2EzYmUwZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmBXHZzHT8SWXtMaDEyBkWCCj8lq
IHjdHUtit6CU3sTtLNaxqyGeIhLQ4Tm+Si/3iDRAvHy7ck7tbGqbygAII5QzJvB9
5yi9A6b3dly4k6MIl60vqa9hmmEsvcq78F9HcQYuOsw5hI1BqVPp9CMxFwmtZdd7
M+TRlONuG1XY8JXWF5Oi8AeTiDy+Nm28iTF7eqzEKGKN5LVg2mMlAmxi1hpviEBc
3awD9rVnUyBW73fa00QlNsCc2XXaAlIEJAvh0SrZMpuSBi1MjjZ91s6h0Qyc/HXI
CaZhHIisMFSZKPZpxqkhcj3n/jXQU7NWlBaEk8myRmnK39ECI5alcZJA3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAJRVpdFkz1H2oGrcP9r9Sejvg1SMB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEvQWxGV2wwV1RQVWZhZ2F0d18ydjFKNk8tRFZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgrWwCFX
AwcAKgrWwO/0MA0GCSqGSIb3DQEBCwUAA4IBAQCx04OpFqQ85JF+o0fs3NWG038V
QDHNIcfe7U3ZOBt6eiCTJfvpyYZ9YPx8nGqI8T1MOwYvhFdeb1SeJVojF9Vt9yQS
2NavH1mUzU0pvYOpX0zYQz3t7vzgfkhMhgtNJDnnZ43sryvPF+sJMZ8nY5K9cK/C
+ql2vTKKg8lslDU7kSjTAOh4+u1Z1XT+70qlqZXyA0p8KtPe1q6qvtUGcQQ/MLva
rJue2Wqcejnp4UebOTMirsdavontDAidHK4Y37/+GzD4ojV8ZbDXQkEOjqa81/w+
ATX7mH3RwxhDqKjKqw8zlYJatmO4WM8Kz/O7IJwGFAe5x9Z9ZdMA6aH9oKU7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:38 2024 by rpki-client on console-fra.rpki-client.org