Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/8fad8b-a033-4484-885e-e02872d1db01/1/mRfRgBgEUOC0eq1AsUiEIaGVDcg.roa
File: mRfRgBgEUOC0eq1AsUiEIaGVDcg.roa (raw, json)
Hash identifier: jAi5+xo+NXX4Asgxqf+4J/uRPl145XrzS2Q4RtuuKuI=
Subject key identifier: 99:17:D1:80:18:04:50:E0:B4:7A:AD:40:B1:48:84:21:A1:95:0D:C8
Certificate issuer: /CN=2e41457da1ea6c79b1b6bea52c64a7a1b5f29648
Certificate serial: 018571B0C3F7AA6FFDEF0A67D8064612377B
Authority key identifier: 2E:41:45:7D:A1:EA:6C:79:B1:B6:BE:A5:2C:64:A7:A1:B5:F2:96:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkFFfaHqbHmxtr6lLGSnobXylkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/8fad8b-a033-4484-885e-e02872d1db01/1/mRfRgBgEUOC0eq1AsUiEIaGVDcg.roa
Signing time: Mon 02 Jan 2023 08:54:47 +0000
ROA not before: Mon 02 Jan 2023 08:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202060
IP address blocks: 2001:67c:558::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:c3:f7:aa:6f:fd:ef:0a:67:d8:06:46:12:37:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e41457da1ea6c79b1b6bea52c64a7a1b5f29648
Validity
Not Before: Jan 2 08:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9917d180180450e0b47aad40b1488421a1950dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a9:3d:07:c6:f6:36:2b:59:ee:34:f5:db:65:
d2:17:ac:d2:fe:ee:a5:63:66:57:13:97:b3:cf:e9:
88:8e:d2:55:2b:c5:60:45:25:ec:7e:4a:57:55:2e:
56:fc:57:b6:46:0e:2a:5b:37:0b:7f:9d:a9:c6:f3:
ae:28:9e:99:15:14:ea:ff:b4:c2:77:de:a9:a4:cd:
ae:7a:41:cc:46:ef:25:30:9e:12:2c:b0:b3:9b:14:
bd:4e:0a:30:fd:af:73:17:c0:b2:3d:64:cf:ee:a0:
56:43:ea:d6:35:44:1b:00:f0:91:bc:de:dc:01:35:
f5:26:dd:12:37:35:ad:88:cd:69:68:a5:07:f9:cc:
1c:fd:83:20:e4:24:44:04:3a:10:31:8f:21:ec:ef:
4c:f6:3d:54:0b:24:85:e5:00:66:3e:20:db:24:29:
8d:74:81:99:19:ad:ae:77:4a:8f:9e:28:70:62:44:
a4:2a:e0:31:9c:0a:28:03:79:b7:7c:bf:c2:8c:e7:
5d:00:e2:38:dd:82:bc:8f:d7:ea:a8:0e:e4:85:cc:
d4:6e:c1:99:4b:bf:f7:99:48:17:ec:b5:85:d9:b6:
81:df:7d:77:45:50:59:eb:cc:40:4a:19:9d:12:13:
d1:d7:79:dd:2d:57:a8:17:cb:3c:7b:72:22:0d:0a:
bf:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:17:D1:80:18:04:50:E0:B4:7A:AD:40:B1:48:84:21:A1:95:0D:C8
X509v3 Authority Key Identifier:
keyid:2E:41:45:7D:A1:EA:6C:79:B1:B6:BE:A5:2C:64:A7:A1:B5:F2:96:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkFFfaHqbHmxtr6lLGSnobXylkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8fad8b-a033-4484-885e-e02872d1db01/1/mRfRgBgEUOC0eq1AsUiEIaGVDcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8fad8b-a033-4484-885e-e02872d1db01/1/LkFFfaHqbHmxtr6lLGSnobXylkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:558::/48
Signature Algorithm: sha256WithRSAEncryption
41:bf:69:51:f3:6f:9a:be:33:49:8f:ec:01:4a:42:eb:ea:fb:
13:96:13:01:02:ff:6e:50:f0:03:4d:2b:a5:00:14:0a:02:96:
aa:ae:f0:77:57:e3:7a:8e:ba:2f:9c:7e:63:5a:cb:49:c0:b1:
59:30:0a:ad:34:dd:bf:30:a0:ad:33:01:05:14:ca:89:33:4b:
a7:18:8f:ad:eb:10:d6:18:9e:93:cd:1a:d4:8c:70:45:d0:39:
a7:15:d6:97:ef:dc:d3:77:b3:4f:45:64:79:5a:5d:58:4f:d2:
1c:48:2e:b7:7f:59:63:75:13:77:1c:a0:16:0e:41:b0:55:27:
80:e5:78:bb:99:e0:6b:a7:09:c4:57:80:ee:d1:b2:d3:2a:6a:
cd:e3:79:d8:ce:f0:b6:25:21:cd:e0:97:e5:93:fa:b7:ea:f6:
a5:9c:1f:8e:30:3b:cb:1b:4a:b6:3a:c5:b2:40:9e:27:96:e1:
83:99:b2:6e:ec:a5:2c:04:b1:fe:b7:a3:94:c5:2d:4c:84:d2:
72:68:87:78:8a:55:8d:2d:b2:fc:d4:6c:4e:98:d6:66:63:83:
59:ce:fa:58:5a:fe:3d:26:95:79:a2:6d:cb:f2:bf:39:e0:4c:
1e:4f:62:e2:49:e3:5c:2a:f8:e7:e4:a1:8e:70:e4:57:f4:ae:
91:e8:89:89
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxsMP3qm/97wpn2AZGEjd7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDE0NTdkYTFlYTZjNzliMWI2YmVhNTJjNjRhN2ExYjVm
Mjk2NDgwHhcNMjMwMTAyMDg1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTE3ZDE4MDE4MDQ1MGUwYjQ3YWFkNDBiMTQ4ODQyMWExOTUwZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqk9B8b2NitZ7jT122XSF6zS/u6l
Y2ZXE5ezz+mIjtJVK8VgRSXsfkpXVS5W/Fe2Rg4qWzcLf52pxvOuKJ6ZFRTq/7TC
d96ppM2uekHMRu8lMJ4SLLCzmxS9Tgow/a9zF8CyPWTP7qBWQ+rWNUQbAPCRvN7c
ATX1Jt0SNzWtiM1paKUH+cwc/YMg5CREBDoQMY8h7O9M9j1UCySF5QBmPiDbJCmN
dIGZGa2ud0qPnihwYkSkKuAxnAooA3m3fL/CjOddAOI43YK8j9fqqA7khczUbsGZ
S7/3mUgX7LWF2baB3313RVBZ68xAShmdEhPR13ndLVeoF8s8e3IiDQq/GQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJkX0YAYBFDgtHqtQLFIhCGhlQ3IMB8GA1UdIwQY
MBaAFC5BRX2h6mx5sba+pSxkp6G18pZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtGRmZhSHFiSG14dHI2bExHU25vYlh5bGtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84ZmFkOGItYTAzMy00NDg0LTg4NWUt
ZTAyODcyZDFkYjAxLzEvbVJmUmdCZ0VVT0MwZXExQXNVaUVJYUdWRGNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84ZmFkOGItYTAzMy00NDg0LTg4NWUtZTAyODcyZDFkYjAx
LzEvTGtGRmZhSHFiSG14dHI2bExHU25vYlh5bGtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAVY
MA0GCSqGSIb3DQEBCwUAA4IBAQBBv2lR82+avjNJj+wBSkLr6vsTlhMBAv9uUPAD
TSulABQKApaqrvB3V+N6jrovnH5jWstJwLFZMAqtNN2/MKCtMwEFFMqJM0unGI+t
6xDWGJ6TzRrUjHBF0DmnFdaX79zTd7NPRWR5Wl1YT9IcSC63f1ljdRN3HKAWDkGw
VSeA5Xi7meBrpwnEV4Du0bLTKmrN43nYzvC2JSHN4Jflk/q36valnB+OMDvLG0q2
OsWyQJ4nluGDmbJu7KUsBLH+t6OUxS1MhNJyaId4ilWNLbL81GxOmNZmY4NZzvpY
Wv49JpV5om3L8r854EweT2LiSeNcKvjn5KGOcORX9K6R6ImJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:41 2024 by rpki-client on console-fra.rpki-client.org