Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/mVwjOqKaBW8KAcajoEu5fE-V4jg.roa
File: mVwjOqKaBW8KAcajoEu5fE-V4jg.roa (raw, json)
Hash identifier: d6LUV/tE8hBiq3+0t6n9fvSUMTvwO8quEk2H5UDtFQM=
Subject key identifier: 99:5C:23:3A:A2:9A:05:6F:0A:01:C6:A3:A0:4B:B9:7C:4F:95:E2:38
Certificate issuer: /CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Certificate serial: 01856DC1AFD0D06F0BFFB83DBCE0CB58CA49
Authority key identifier: C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/mVwjOqKaBW8KAcajoEu5fE-V4jg.roa
Signing time: Sun 01 Jan 2023 14:34:48 +0000
ROA not before: Sun 01 Jan 2023 14:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210825
IP address blocks: 2001:67c:80c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:af:d0:d0:6f:0b:ff:b8:3d:bc:e0:cb:58:ca:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Validity
Not Before: Jan 1 14:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=995c233aa29a056f0a01c6a3a04bb97c4f95e238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:10:e4:e8:54:05:14:d9:d5:9a:73:30:10:ad:
73:0a:6b:2b:c4:f5:69:66:c2:f6:81:5b:e7:c8:c6:
05:d1:f2:34:81:dc:86:cb:48:23:ae:48:c8:95:0d:
6c:87:97:8a:60:ff:2e:48:f2:39:0f:14:13:52:fe:
71:77:a1:6a:ab:54:2a:04:af:65:02:81:d7:87:5f:
86:5a:0f:37:dd:7a:d4:7f:a8:d6:74:45:c6:b0:88:
b7:1e:fb:96:ea:85:0d:eb:17:49:18:86:12:55:79:
22:14:69:88:3a:1b:62:cd:3c:19:0c:9a:f3:9e:07:
98:19:b7:6e:2d:4c:7a:28:34:e3:03:a7:5c:46:87:
33:8c:28:2b:1a:8f:b3:07:fb:e0:c1:9f:fa:f8:ce:
66:23:6b:82:9f:e3:74:ae:a3:d3:53:6f:6b:20:11:
29:8e:00:ee:cd:b2:38:93:09:5d:dd:03:26:7f:82:
cb:7c:8b:dd:ff:db:4b:86:27:bb:30:5a:ba:7b:92:
35:86:c4:d4:a7:3a:d5:77:df:9c:fd:79:9f:3f:f8:
81:fc:23:f2:22:d2:68:1a:dd:2b:29:ce:7d:9f:b6:
ee:24:62:24:53:1c:18:fc:52:7f:f4:22:df:16:09:
c9:36:a0:b8:3c:11:09:6f:5c:0e:48:ec:3b:37:ea:
92:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:5C:23:3A:A2:9A:05:6F:0A:01:C6:A3:A0:4B:B9:7C:4F:95:E2:38
X509v3 Authority Key Identifier:
keyid:C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/mVwjOqKaBW8KAcajoEu5fE-V4jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:80c::/48
Signature Algorithm: sha256WithRSAEncryption
47:29:c9:94:cf:e1:48:5b:d1:eb:85:19:eb:d5:c0:6d:6f:5c:
3b:44:1f:38:69:20:cb:9c:33:13:3a:1a:38:7d:80:79:2e:ee:
08:ae:f0:59:31:52:d4:b8:5c:6e:6d:ea:fa:a6:f7:97:bf:f1:
1a:06:6e:af:20:98:5d:7c:85:4a:bc:65:a1:c7:30:ad:b2:49:
fa:30:f9:27:ad:2a:f0:5a:87:17:4c:9e:25:5c:2c:4b:cd:ff:
e8:e1:bd:94:eb:9f:c0:ea:d4:22:53:02:3b:45:56:2e:99:78:
21:a2:b3:86:74:c5:ea:f6:cc:bf:e6:99:f8:37:eb:54:bb:05:
5b:c9:62:82:b5:d8:ee:bb:10:47:1b:0f:d4:27:a5:db:c9:b9:
54:ab:f8:14:bf:d2:d1:36:b4:55:91:6f:55:80:e8:05:1e:ef:
e5:02:08:96:75:b7:63:6c:af:f2:5b:03:da:b4:aa:5f:b0:e9:
98:2c:18:b0:8a:98:73:55:b3:67:f7:59:84:75:39:9b:d1:c3:
f9:4f:f4:1b:85:50:1b:83:5f:3d:c5:8a:e9:68:98:f4:8c:a8:
c2:44:75:dc:aa:0e:d4:c4:71:68:80:03:e4:d6:fc:a4:ab:ec:
b7:79:a3:68:39:93:91:0a:1d:1d:76:6f:f8:79:0a:0a:0c:04:
77:cc:ef:0c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtwa/Q0G8L/7g9vODLWMpJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MzFiNjNkMTFhNmNjMmQxY2U2OWUxMzExYzg3YWMxYTZh
NzA3MzMwHhcNMjMwMTAxMTQzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTVjMjMzYWEyOWEwNTZmMGEwMWM2YTNhMDRiYjk3YzRmOTVlMjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RDk6FQFFNnVmnMwEK1zCmsrxPVp
ZsL2gVvnyMYF0fI0gdyGy0gjrkjIlQ1sh5eKYP8uSPI5DxQTUv5xd6Fqq1QqBK9l
AoHXh1+GWg833XrUf6jWdEXGsIi3HvuW6oUN6xdJGIYSVXkiFGmIOhtizTwZDJrz
ngeYGbduLUx6KDTjA6dcRoczjCgrGo+zB/vgwZ/6+M5mI2uCn+N0rqPTU29rIBEp
jgDuzbI4kwld3QMmf4LLfIvd/9tLhie7MFq6e5I1hsTUpzrVd9+c/XmfP/iB/CPy
ItJoGt0rKc59n7buJGIkUxwY/FJ/9CLfFgnJNqC4PBEJb1wOSOw7N+qS/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJlcIzqimgVvCgHGo6BLuXxPleI4MB8GA1UdIwQY
MBaAFMUxtj0RpswtHOaeExHIesGmpwczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEt
ZGI4Y2FiY2VlMjFlLzEvbVZ3ak9xS2FCVzhLQWNham9FdTVmRS1WNGpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEtZGI4Y2FiY2VlMjFl
LzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAgM
MA0GCSqGSIb3DQEBCwUAA4IBAQBHKcmUz+FIW9HrhRnr1cBtb1w7RB84aSDLnDMT
Oho4fYB5Lu4IrvBZMVLUuFxuber6pveXv/EaBm6vIJhdfIVKvGWhxzCtskn6MPkn
rSrwWocXTJ4lXCxLzf/o4b2U65/A6tQiUwI7RVYumXghorOGdMXq9sy/5pn4N+tU
uwVbyWKCtdjuuxBHGw/UJ6XbyblUq/gUv9LRNrRVkW9VgOgFHu/lAgiWdbdjbK/y
WwPatKpfsOmYLBiwiphzVbNn91mEdTmb0cP5T/QbhVAbg189xYrpaJj0jKjCRHXc
qg7UxHFogAPk1vykq+y3eaNoOZORCh0ddm/4eQoKDAR3zO8M
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:41 2024 by rpki-client on console-fra.rpki-client.org