Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/4b06d3-a58b-4a29-b68d-764de3b7bf3d/1/_2NzuqMMY_tQEXHqqbMndS0tYjM.roa
File: _2NzuqMMY_tQEXHqqbMndS0tYjM.roa (raw, json)
Hash identifier: rassEgiy5TEI/nkrzQvCEcqvsJWXbYr70BKOJwrAedU=
Subject key identifier: FF:63:73:BA:A3:0C:63:FB:50:11:71:EA:A9:B3:27:75:2D:2D:62:33
Certificate issuer: /CN=220c904d430e4f999d147e214515e9cba7ac7e84
Certificate serial: 01856E78C1538D6981BB7974CA1F98C3BA93
Authority key identifier: 22:0C:90:4D:43:0E:4F:99:9D:14:7E:21:45:15:E9:CB:A7:AC:7E:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IgyQTUMOT5mdFH4hRRXpy6esfoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/4b06d3-a58b-4a29-b68d-764de3b7bf3d/1/_2NzuqMMY_tQEXHqqbMndS0tYjM.roa
Signing time: Sun 01 Jan 2023 17:54:45 +0000
ROA not before: Sun 01 Jan 2023 17:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16074
IP address blocks: 2001:67c:2f04::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:c1:53:8d:69:81:bb:79:74:ca:1f:98:c3:ba:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=220c904d430e4f999d147e214515e9cba7ac7e84
Validity
Not Before: Jan 1 17:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff6373baa30c63fb501171eaa9b327752d2d6233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d1:17:41:00:a8:f6:c0:25:b3:e9:e0:51:b4:
b6:9c:4a:0e:4f:ad:d4:9d:36:fe:b6:06:66:ee:f9:
b5:a5:41:0a:3f:75:58:a5:35:0c:7a:14:7d:6f:91:
bb:05:20:96:64:84:ed:3d:5b:f2:77:45:05:66:55:
8a:a8:c6:b3:5d:96:37:21:be:cc:c6:50:55:4c:45:
fe:ed:6d:f3:01:5f:aa:27:dd:ff:a4:73:29:14:c3:
ef:3b:e6:d9:8f:60:4b:85:7e:d8:4f:b8:51:f6:56:
b7:ef:8e:cd:47:3e:9e:74:2b:36:e6:19:6d:46:13:
4f:ab:83:ea:63:78:38:a6:3a:c3:d2:a1:94:ff:ee:
cc:51:33:28:f4:dd:48:cf:a6:5d:b3:92:be:8e:04:
68:80:b4:57:11:10:c7:f5:7a:33:e6:3d:a5:9d:33:
e4:30:1a:b9:d8:78:a7:c1:52:71:e1:6d:b9:77:1a:
24:26:9e:22:39:49:b8:f8:92:15:19:0f:58:bd:a3:
cf:45:a3:cf:4e:74:e1:ac:1b:f3:96:c3:1a:ea:db:
3d:6d:57:ad:b8:20:4f:95:a4:3e:5f:39:5a:54:09:
37:c5:80:78:cb:e3:27:7b:7d:fe:ae:78:4c:22:d5:
bb:be:89:0e:05:b8:f9:cb:f8:6b:ae:97:51:45:2c:
93:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:63:73:BA:A3:0C:63:FB:50:11:71:EA:A9:B3:27:75:2D:2D:62:33
X509v3 Authority Key Identifier:
keyid:22:0C:90:4D:43:0E:4F:99:9D:14:7E:21:45:15:E9:CB:A7:AC:7E:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IgyQTUMOT5mdFH4hRRXpy6esfoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/4b06d3-a58b-4a29-b68d-764de3b7bf3d/1/_2NzuqMMY_tQEXHqqbMndS0tYjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/4b06d3-a58b-4a29-b68d-764de3b7bf3d/1/IgyQTUMOT5mdFH4hRRXpy6esfoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2f04::/48
Signature Algorithm: sha256WithRSAEncryption
84:62:0f:40:da:50:89:4a:9d:a0:d8:85:70:d7:0b:b7:03:33:
c2:25:53:e0:c6:bc:3b:c0:fe:77:53:0f:bb:cc:f6:21:17:4e:
76:36:af:5a:58:56:2b:15:a4:4c:e4:ad:e9:db:09:1b:9b:7d:
41:4c:88:e1:c4:fc:c5:fb:23:89:a6:94:95:65:cb:7e:f8:d1:
ab:00:43:d7:df:c4:fd:10:1d:be:2f:75:d3:4e:df:5a:b6:6e:
65:13:ba:4c:65:b0:8b:de:2d:f0:79:86:8e:a3:2a:cc:87:6a:
b8:4a:48:6f:29:72:ef:e9:e6:34:5a:40:a0:2a:3a:a1:e5:04:
ab:3c:35:5d:5e:51:13:f0:e0:b2:aa:bd:b3:c7:c4:f1:7e:76:
8a:e5:2d:68:b8:9b:90:86:c3:2e:97:37:f8:67:f1:d4:35:7f:
29:1d:c2:b8:fb:34:b2:37:e2:fd:ba:ee:28:ec:7f:e2:ff:ae:
e3:2e:bc:01:93:6a:ce:3e:b1:16:2f:49:62:f3:cb:7a:8f:a1:
11:04:6f:9c:2d:d2:9d:b9:a4:24:fb:6e:38:d8:74:58:b0:b4:
c1:ba:86:ab:82:d7:1f:8d:95:cc:a3:89:2f:18:a1:92:1f:72:
61:79:8a:31:e8:3b:11:03:50:de:b4:2b:d3:dc:29:e9:ee:bf:
61:9b:fc:5c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVueMFTjWmBu3l0yh+Yw7qTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMGM5MDRkNDMwZTRmOTk5ZDE0N2UyMTQ1MTVlOWNiYTdh
YzdlODQwHhcNMjMwMTAxMTc1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjYzNzNiYWEzMGM2M2ZiNTAxMTcxZWFhOWIzMjc3NTJkMmQ2MjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9EXQQCo9sAls+ngUbS2nEoOT63U
nTb+tgZm7vm1pUEKP3VYpTUMehR9b5G7BSCWZITtPVvyd0UFZlWKqMazXZY3Ib7M
xlBVTEX+7W3zAV+qJ93/pHMpFMPvO+bZj2BLhX7YT7hR9la3747NRz6edCs25hlt
RhNPq4PqY3g4pjrD0qGU/+7MUTMo9N1Iz6Zds5K+jgRogLRXERDH9Xoz5j2lnTPk
MBq52HinwVJx4W25dxokJp4iOUm4+JIVGQ9YvaPPRaPPTnThrBvzlsMa6ts9bVet
uCBPlaQ+XzlaVAk3xYB4y+Mne33+rnhMItW7vokOBbj5y/hrrpdRRSyTCwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP9jc7qjDGP7UBFx6qmzJ3UtLWIzMB8GA1UdIwQY
MBaAFCIMkE1DDk+ZnRR+IUUV6cunrH6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWd5UVRVTU9UNW1kRkg0aFJSWHB5NmVzZm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80YjA2ZDMtYTU4Yi00YTI5LWI2OGQt
NzY0ZGUzYjdiZjNkLzEvXzJOenVxTU1ZX3RRRVhIcXFiTW5kUzB0WWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80YjA2ZDMtYTU4Yi00YTI5LWI2OGQtNzY0ZGUzYjdiZjNk
LzEvSWd5UVRVTU9UNW1kRkg0aFJSWHB5NmVzZm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC8E
MA0GCSqGSIb3DQEBCwUAA4IBAQCEYg9A2lCJSp2g2IVw1wu3AzPCJVPgxrw7wP53
Uw+7zPYhF052Nq9aWFYrFaRM5K3p2wkbm31BTIjhxPzF+yOJppSVZct++NGrAEPX
38T9EB2+L3XTTt9atm5lE7pMZbCL3i3weYaOoyrMh2q4SkhvKXLv6eY0WkCgKjqh
5QSrPDVdXlET8OCyqr2zx8TxfnaK5S1ouJuQhsMulzf4Z/HUNX8pHcK4+zSyN+L9
uu4o7H/i/67jLrwBk2rOPrEWL0li88t6j6ERBG+cLdKduaQk+2442HRYsLTBuoar
gtcfjZXMo4kvGKGSH3JheYox6DsRA1DetCvT3Cnp7r9hm/xc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:08 2024 by rpki-client on console-fra.rpki-client.org