Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/2f3904-3898-42ed-8f40-97345ca17d7f/1/IkLyM1C9EBu3a4evZFO9V-Gkdkw.roa
File: IkLyM1C9EBu3a4evZFO9V-Gkdkw.roa (raw, json)
Hash identifier: sdW6Ce2OHR2hOxHLgW8z3Vq+hjhIgLHJNaO9cX6ikMo=
Subject key identifier: 22:42:F2:33:50:BD:10:1B:B7:6B:87:AF:64:53:BD:57:E1:A4:76:4C
Certificate issuer: /CN=d71fbe3820f6f18ea1b3336da9f072b8fd2a0df2
Certificate serial: 018572711CBF17E35C13707802961662A046
Authority key identifier: D7:1F:BE:38:20:F6:F1:8E:A1:B3:33:6D:A9:F0:72:B8:FD:2A:0D:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1x--OCD28Y6hszNtqfByuP0qDfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/2f3904-3898-42ed-8f40-97345ca17d7f/1/IkLyM1C9EBu3a4evZFO9V-Gkdkw.roa
Signing time: Mon 02 Jan 2023 12:24:53 +0000
ROA not before: Mon 02 Jan 2023 12:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213199
IP address blocks: 2001:67c:285c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:1c:bf:17:e3:5c:13:70:78:02:96:16:62:a0:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d71fbe3820f6f18ea1b3336da9f072b8fd2a0df2
Validity
Not Before: Jan 2 12:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2242f23350bd101bb76b87af6453bd57e1a4764c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:dd:fb:f2:25:e6:03:64:76:98:c2:3d:69:18:
b2:af:09:20:07:bd:6f:5b:c3:a6:39:0f:8d:1d:af:
30:e2:91:27:36:4b:5a:73:79:cd:b6:51:58:7d:5d:
52:7f:60:b1:cd:bb:ea:0f:91:ad:4c:c0:1e:f0:da:
a5:47:79:0d:79:f8:e6:ed:b1:51:11:2d:3b:fb:2c:
5c:40:5e:64:ea:78:22:e5:0e:b5:76:6f:06:56:47:
eb:4a:26:ce:37:7e:36:a1:50:37:e9:b1:10:81:54:
69:6c:7f:1d:81:cd:3c:23:10:2f:01:e6:34:91:80:
44:6a:4d:66:05:0d:2a:de:2e:c7:7f:71:ee:66:91:
64:ae:6f:90:9e:41:76:76:23:62:4d:14:78:be:dd:
47:31:8e:e0:26:eb:22:18:1a:3f:f5:74:b6:0f:fe:
f9:73:ee:c7:27:75:98:46:2c:bc:84:37:65:84:23:
a3:6f:12:67:76:7f:f1:5e:6f:35:0c:9b:df:49:2a:
d7:93:19:c5:df:a0:60:72:79:54:84:bb:fe:61:64:
d3:ef:ee:12:0f:56:53:14:ab:cb:c1:92:da:fe:e6:
a9:0c:15:19:01:ba:30:1b:d2:46:f5:c6:1c:fd:f8:
37:8b:d7:31:2f:74:29:7f:01:72:2b:b1:59:3a:eb:
64:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:42:F2:33:50:BD:10:1B:B7:6B:87:AF:64:53:BD:57:E1:A4:76:4C
X509v3 Authority Key Identifier:
keyid:D7:1F:BE:38:20:F6:F1:8E:A1:B3:33:6D:A9:F0:72:B8:FD:2A:0D:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1x--OCD28Y6hszNtqfByuP0qDfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/2f3904-3898-42ed-8f40-97345ca17d7f/1/IkLyM1C9EBu3a4evZFO9V-Gkdkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/2f3904-3898-42ed-8f40-97345ca17d7f/1/1x--OCD28Y6hszNtqfByuP0qDfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:285c::/48
Signature Algorithm: sha256WithRSAEncryption
7f:c5:73:b1:88:7e:1c:63:9b:c3:d8:d1:f2:3f:37:4b:9a:01:
48:ad:01:7e:43:47:9f:0e:6f:10:db:4c:43:f4:32:44:ea:47:
d9:1c:9a:c6:89:88:40:7c:bd:1e:1b:b0:58:db:08:db:44:18:
fa:dd:3e:72:ba:34:e4:58:63:be:c4:b6:25:54:0c:ae:96:ad:
ff:7b:6d:73:a5:3e:44:3d:4d:81:5f:a5:39:2d:9a:c4:10:8a:
70:c7:b8:02:e0:5e:38:1a:82:23:39:04:a5:f1:c6:53:bb:b1:
02:9c:93:90:05:f1:0f:d4:6f:c0:dc:bd:69:94:62:80:c2:4f:
73:c3:64:ef:c8:3d:27:ea:63:07:e1:09:c4:c0:91:76:a3:20:
66:6b:3f:db:b0:82:3d:8b:1f:75:bd:2f:63:1c:3a:7e:5b:b9:
ee:1f:c4:61:e3:46:16:31:39:7a:35:cf:0a:26:31:95:07:b0:
9a:4d:46:81:70:cf:9e:83:97:43:c5:85:5c:16:f3:92:e6:fa:
09:7e:04:6c:46:b8:10:14:8c:f0:49:97:6e:87:5d:83:3b:f9:
53:6c:9b:63:f4:70:47:f1:9e:13:bb:a4:c0:92:d1:da:f9:21:
f6:49:7d:25:a5:81:00:1b:54:57:fc:71:ee:8d:a0:54:49:24:
f8:3d:d9:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVycRy/F+NcE3B4ApYWYqBGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MWZiZTM4MjBmNmYxOGVhMWIzMzM2ZGE5ZjA3MmI4ZmQy
YTBkZjIwHhcNMjMwMTAyMTIyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjQyZjIzMzUwYmQxMDFiYjc2Yjg3YWY2NDUzYmQ1N2UxYTQ3NjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld378iXmA2R2mMI9aRiyrwkgB71v
W8OmOQ+NHa8w4pEnNktac3nNtlFYfV1Sf2CxzbvqD5GtTMAe8NqlR3kNefjm7bFR
ES07+yxcQF5k6ngi5Q61dm8GVkfrSibON342oVA36bEQgVRpbH8dgc08IxAvAeY0
kYBEak1mBQ0q3i7Hf3HuZpFkrm+QnkF2diNiTRR4vt1HMY7gJusiGBo/9XS2D/75
c+7HJ3WYRiy8hDdlhCOjbxJndn/xXm81DJvfSSrXkxnF36BgcnlUhLv+YWTT7+4S
D1ZTFKvLwZLa/uapDBUZAbowG9JG9cYc/fg3i9cxL3QpfwFyK7FZOutkCwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCJC8jNQvRAbt2uHr2RTvVfhpHZMMB8GA1UdIwQY
MBaAFNcfvjgg9vGOobMzbanwcrj9Kg3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXgtLU9DRDI4WTZoc3pOdHFmQnl1UDBxRGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8yZjM5MDQtMzg5OC00MmVkLThmNDAt
OTczNDVjYTE3ZDdmLzEvSWtMeU0xQzlFQnUzYTRldlpGTzlWLUdrZGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8yZjM5MDQtMzg5OC00MmVkLThmNDAtOTczNDVjYTE3ZDdm
LzEvMXgtLU9DRDI4WTZoc3pOdHFmQnl1UDBxRGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfChc
MA0GCSqGSIb3DQEBCwUAA4IBAQB/xXOxiH4cY5vD2NHyPzdLmgFIrQF+Q0efDm8Q
20xD9DJE6kfZHJrGiYhAfL0eG7BY2wjbRBj63T5yujTkWGO+xLYlVAyulq3/e21z
pT5EPU2BX6U5LZrEEIpwx7gC4F44GoIjOQSl8cZTu7ECnJOQBfEP1G/A3L1plGKA
wk9zw2TvyD0n6mMH4QnEwJF2oyBmaz/bsII9ix91vS9jHDp+W7nuH8Rh40YWMTl6
Nc8KJjGVB7CaTUaBcM+eg5dDxYVcFvOS5voJfgRsRrgQFIzwSZduh12DO/lTbJtj
9HBH8Z4Tu6TAktHa+SH2SX0lpYEAG1RX/HHujaBUSST4PdnX
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:55 2024 by rpki-client on console-ams.rpki-client.org