Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/3cf2fb-cf43-4c52-a2a1-be8d8c67df95/1/wC8YGyM2LnOUSK-aO5QaHTYM924.roa
File: wC8YGyM2LnOUSK-aO5QaHTYM924.roa (raw, json)
Hash identifier: 2HQRCIqpBhfE2ph4NHyhIuBz3W5iXXK5z73oEhEdvgA=
Subject key identifier: C0:2F:18:1B:23:36:2E:73:94:48:AF:9A:3B:94:1A:1D:36:0C:F7:6E
Certificate issuer: /CN=018cc6f466a241657bf5ec52a630daeb01222f85
Certificate serial: 01860A2DB23549EDCCF9046968D56FB3B66F
Authority key identifier: 01:8C:C6:F4:66:A2:41:65:7B:F5:EC:52:A6:30:DA:EB:01:22:2F:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AYzG9GaiQWV79exSpjDa6wEiL4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/3cf2fb-cf43-4c52-a2a1-be8d8c67df95/1/wC8YGyM2LnOUSK-aO5QaHTYM924.roa
Signing time: Tue 31 Jan 2023 23:33:32 +0000
ROA not before: Tue 31 Jan 2023 23:33:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23738
IP address blocks: 2a0f:d800::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0a:2d:b2:35:49:ed:cc:f9:04:69:68:d5:6f:b3:b6:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=018cc6f466a241657bf5ec52a630daeb01222f85
Validity
Not Before: Jan 31 23:33:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c02f181b23362e739448af9a3b941a1d360cf76e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:d5:2b:ea:4d:a5:af:06:ab:06:fa:1e:df:bf:
a6:ef:a9:fb:42:e9:09:54:98:93:fe:65:08:3d:40:
0b:d1:93:0c:bc:dc:12:05:eb:85:3f:24:d6:94:cf:
4f:44:d9:3e:39:1d:15:dc:76:c3:bb:1b:4b:3f:d3:
34:fb:6e:3e:8b:c6:a6:f6:b9:2b:f6:52:fe:d2:bb:
aa:9f:bb:98:e5:a4:53:93:8d:0f:b6:60:98:ba:ef:
3f:94:fe:ec:b4:25:69:ee:68:28:1d:46:c5:7a:e2:
87:51:b1:da:bd:ed:4c:55:66:d1:c8:fc:86:78:51:
d7:78:84:f2:87:cc:7e:00:45:a5:a1:60:fb:35:06:
b4:88:d4:b0:8b:41:d3:21:96:8c:3a:cd:a4:ca:fb:
35:85:5b:ee:ab:49:d5:5a:27:5d:bf:a9:de:7f:17:
39:33:22:3e:54:47:f0:19:a3:6e:a6:d6:db:97:e4:
e1:cc:73:61:f2:94:e2:95:27:bc:62:b2:7f:e5:0e:
3b:0e:17:9b:b7:5c:74:cc:f6:d5:b7:ee:0a:48:d2:
ed:a7:38:f8:f2:cb:17:bb:c8:98:33:1f:37:17:98:
f1:3d:3f:29:91:6f:6d:06:34:4a:2f:c5:73:73:e5:
7e:27:1d:ab:e0:6a:68:6e:23:84:29:c8:cb:08:8f:
9a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:2F:18:1B:23:36:2E:73:94:48:AF:9A:3B:94:1A:1D:36:0C:F7:6E
X509v3 Authority Key Identifier:
keyid:01:8C:C6:F4:66:A2:41:65:7B:F5:EC:52:A6:30:DA:EB:01:22:2F:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AYzG9GaiQWV79exSpjDa6wEiL4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3cf2fb-cf43-4c52-a2a1-be8d8c67df95/1/wC8YGyM2LnOUSK-aO5QaHTYM924.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3cf2fb-cf43-4c52-a2a1-be8d8c67df95/1/AYzG9GaiQWV79exSpjDa6wEiL4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:d800::/29
Signature Algorithm: sha256WithRSAEncryption
bb:7f:34:67:17:77:db:df:b8:cd:7f:23:0c:b9:68:76:90:83:
6c:1b:c0:a4:0f:db:23:11:84:2c:75:d0:20:8f:c8:56:56:b5:
2f:05:1e:a6:7d:3b:75:40:40:bd:83:bb:38:19:eb:3d:11:db:
24:27:c4:03:cc:bf:ca:44:eb:4e:8e:0f:f9:06:9b:e0:08:dc:
70:55:04:0e:20:27:0c:29:e0:24:22:28:13:b6:2d:6d:9b:e0:
52:43:84:5e:fc:42:b5:ae:88:fa:61:80:0b:38:dc:d6:f1:2d:
a2:ec:95:c6:d6:a9:47:31:97:26:2c:5c:3b:db:98:41:7b:8a:
c0:13:7d:c4:95:f5:f2:fb:21:a0:2a:a4:90:2e:28:9b:15:31:
6d:c4:07:92:dd:50:93:b8:42:1b:34:7c:40:61:67:28:f6:79:
7e:c4:2b:90:d4:5b:ac:4a:d9:e3:4a:99:4f:61:ed:25:0c:90:
17:82:b4:0e:de:9e:af:31:60:b5:c4:30:bf:a4:8b:5d:4a:53:
90:fa:ba:2d:a5:5d:23:a4:8d:7f:55:26:c4:d2:a1:10:d3:4b:
c2:e1:4a:f4:52:51:18:c9:58:f1:89:b6:6b:1a:47:58:6b:68:
93:dc:96:08:b1:30:a0:92:66:c3:1d:b5:a3:d1:f3:c5:e7:da:
bd:77:6b:1c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYYKLbI1Se3M+QRpaNVvs7ZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOGNjNmY0NjZhMjQxNjU3YmY1ZWM1MmE2MzBkYWViMDEy
MjJmODUwHhcNMjMwMTMxMjMzMzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDJmMTgxYjIzMzYyZTczOTQ0OGFmOWEzYjk0MWExZDM2MGNmNzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9NUr6k2lrwarBvoe37+m76n7QukJ
VJiT/mUIPUAL0ZMMvNwSBeuFPyTWlM9PRNk+OR0V3HbDuxtLP9M0+24+i8am9rkr
9lL+0ruqn7uY5aRTk40PtmCYuu8/lP7stCVp7mgoHUbFeuKHUbHave1MVWbRyPyG
eFHXeITyh8x+AEWloWD7NQa0iNSwi0HTIZaMOs2kyvs1hVvuq0nVWiddv6nefxc5
MyI+VEfwGaNuptbbl+ThzHNh8pTilSe8YrJ/5Q47Dhebt1x0zPbVt+4KSNLtpzj4
8ssXu8iYMx83F5jxPT8pkW9tBjRKL8Vzc+V+Jx2r4GpobiOEKcjLCI+ayQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMAvGBsjNi5zlEivmjuUGh02DPduMB8GA1UdIwQY
MBaAFAGMxvRmokFle/XsUqYw2usBIi+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVl6RzlHYWlRV1Y3OWV4U3BqRGE2d0VpTDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zY2YyZmItY2Y0My00YzUyLWEyYTEt
YmU4ZDhjNjdkZjk1LzEvd0M4WUd5TTJMbk9VU0stYU81UWFIVFlNOTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zY2YyZmItY2Y0My00YzUyLWEyYTEtYmU4ZDhjNjdkZjk1
LzEvQVl6RzlHYWlRV1Y3OWV4U3BqRGE2d0VpTDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg/YADAN
BgkqhkiG9w0BAQsFAAOCAQEAu380Zxd329+4zX8jDLlodpCDbBvApA/bIxGELHXQ
II/IVla1LwUepn07dUBAvYO7OBnrPRHbJCfEA8y/ykTrTo4P+Qab4AjccFUEDiAn
DCngJCIoE7YtbZvgUkOEXvxCta6I+mGACzjc1vEtouyVxtapRzGXJixcO9uYQXuK
wBN9xJX18vshoCqkkC4omxUxbcQHkt1Qk7hCGzR8QGFnKPZ5fsQrkNRbrErZ40qZ
T2HtJQyQF4K0Dt6erzFgtcQwv6SLXUpTkPq6LaVdI6SNf1UmxNKhENNLwuFK9FJR
GMlY8Ym2axpHWGtok9yWCLEwoJJmwx21o9HzxefavXdrHA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:42 2024 by rpki-client on console-fra.rpki-client.org