Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/j8c3z0ABwQLhdz-yUp1d_AGCwW0.roa
File: j8c3z0ABwQLhdz-yUp1d_AGCwW0.roa (raw, json)
Hash identifier: fQ+fnVnB+XD5eNscmsa2pNRI4h13+VdSdwJt2LNee8w=
Subject key identifier: 8F:C7:37:CF:40:01:C1:02:E1:77:3F:B2:52:9D:5D:FC:01:82:C1:6D
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018570FBC8078E3128C9DAE3C3A4E5D92805
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/j8c3z0ABwQLhdz-yUp1d_AGCwW0.roa
Signing time: Mon 02 Jan 2023 05:37:06 +0000
ROA not before: Mon 02 Jan 2023 05:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204254
IP address blocks: 2a07:6fc6:2::/48 maxlen: 48
2a00:f826:a::/48 maxlen: 48
2a07:6fc6::/40 maxlen: 40
2a07:6fc6:200::/40 maxlen: 40
2a07:6fc6:100::/40 maxlen: 40
2a07:6fc6::/32 maxlen: 32
2a07:6fc6:1::/48 maxlen: 48
2a07:6fc6::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:c8:07:8e:31:28:c9:da:e3:c3:a4:e5:d9:28:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 2 05:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fc737cf4001c102e1773fb2529d5dfc0182c16d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b7:3a:67:05:60:63:1d:a8:45:38:89:42:cf:
69:12:67:1f:a8:0d:a4:a8:f1:37:63:be:b8:3d:f5:
56:ee:58:88:ff:e4:b6:83:65:a1:07:cb:83:92:f4:
5b:7c:da:51:52:f9:e3:52:c3:af:ae:ec:39:36:ea:
47:82:4f:fa:ca:d5:bf:ee:33:18:3f:54:94:2a:4b:
c2:54:d5:d6:43:f8:72:7d:8b:3f:3f:3d:96:e9:98:
e6:ab:5b:2f:5c:24:22:fa:2f:07:ff:d0:79:a3:1e:
58:14:19:d8:cf:42:25:f2:95:0a:b5:61:41:24:68:
bd:ca:6b:7b:bd:71:9d:7f:c6:69:5a:44:f8:da:5c:
40:3c:16:33:51:83:03:9b:32:e3:8a:27:56:b4:94:
6d:a8:60:8b:77:d6:3f:e7:86:45:77:c0:93:d8:98:
b8:e3:2e:d7:1c:5f:9f:78:cc:ca:8a:81:4e:5b:b2:
36:a2:56:35:f8:35:8b:40:a3:f3:97:2d:af:9d:ab:
68:14:64:66:bf:a5:75:ad:d4:80:a6:a7:a9:b8:06:
a6:74:d5:9f:6a:c3:a9:74:03:b0:fd:c6:c5:e2:90:
72:c7:52:1f:57:24:a9:66:46:65:9e:1b:16:80:17:
5f:3d:f2:b8:b8:33:de:dd:68:4d:86:ff:74:ac:5d:
bf:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C7:37:CF:40:01:C1:02:E1:77:3F:B2:52:9D:5D:FC:01:82:C1:6D
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/j8c3z0ABwQLhdz-yUp1d_AGCwW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:f826:a::/48
2a07:6fc6::/32
Signature Algorithm: sha256WithRSAEncryption
65:af:14:6d:e0:ad:9a:8d:2b:73:81:0e:6f:35:20:8d:f4:16:
a1:1a:6f:bf:b6:15:12:68:57:3f:9b:2e:a7:e6:a7:c6:57:7f:
e2:7d:02:16:3c:6e:bf:71:ab:48:7d:c8:82:cd:a6:b7:ab:a7:
98:c1:3f:e1:c7:9f:99:e1:94:e3:07:9c:d9:28:44:d0:00:6b:
36:7b:88:a9:d6:1e:35:e7:92:24:3e:60:0a:03:1b:1a:8e:55:
8f:9b:63:c6:17:64:54:a1:84:69:fe:b1:54:b8:43:69:c2:db:
e5:b4:d6:32:1c:a4:ce:d3:14:2d:2a:19:cf:d5:95:c4:43:3c:
49:45:6d:6b:0c:43:32:2f:b1:64:d0:cd:97:75:a3:fc:05:49:
57:fd:ea:55:54:d9:ef:9a:41:10:32:f2:86:89:00:91:71:75:
f5:2c:07:d6:fc:8c:b2:0b:e0:37:d1:ca:90:a1:3f:e8:57:0f:
ee:6f:98:ca:cc:e6:86:5b:b9:0c:89:65:bd:8e:c8:38:34:fb:
9c:9a:7b:e1:0e:18:68:65:fd:2d:e1:78:5e:25:be:bf:2d:55:
7e:e7:d1:a5:b7:de:e3:ce:13:c2:94:90:0d:3f:69:ff:49:ed:
ba:82:0d:99:92:8e:33:6a:e3:27:48:b5:47:41:2f:b7:dd:d7:
8e:13:f6:a6
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVw+8gHjjEoydrjw6Tl2SgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmM3MzdjZjQwMDFjMTAyZTE3NzNmYjI1MjlkNWRmYzAxODJjMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbc6ZwVgYx2oRTiJQs9pEmcfqA2k
qPE3Y764PfVW7liI/+S2g2WhB8uDkvRbfNpRUvnjUsOvruw5NupHgk/6ytW/7jMY
P1SUKkvCVNXWQ/hyfYs/Pz2W6Zjmq1svXCQi+i8H/9B5ox5YFBnYz0Il8pUKtWFB
JGi9ymt7vXGdf8ZpWkT42lxAPBYzUYMDmzLjiidWtJRtqGCLd9Y/54ZFd8CT2Ji4
4y7XHF+feMzKioFOW7I2olY1+DWLQKPzly2vnatoFGRmv6V1rdSApqepuAamdNWf
asOpdAOw/cbF4pByx1IfVySpZkZlnhsWgBdfPfK4uDPe3WhNhv90rF2/mwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFI/HN89AAcEC4Xc/slKdXfwBgsFtMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvajhjM3owQUJ3UUxoZHoteVVwMWRfQUdDd1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAKgD4JgAK
AwUAKgdvxjANBgkqhkiG9w0BAQsFAAOCAQEAZa8UbeCtmo0rc4EObzUgjfQWoRpv
v7YVEmhXP5sup+anxld/4n0CFjxuv3GrSH3Igs2mt6unmME/4cefmeGU4wec2ShE
0ABrNnuIqdYeNeeSJD5gCgMbGo5Vj5tjxhdkVKGEaf6xVLhDacLb5bTWMhykztMU
LSoZz9WVxEM8SUVtawxDMi+xZNDNl3Wj/AVJV/3qVVTZ75pBEDLyhokAkXF19SwH
1vyMsgvgN9HKkKE/6FcP7m+Yyszmhlu5DIllvY7IODT7nJp74Q4YaGX9LeF4XiW+
vy1VfufRpbfe484TwpSQDT9p/0ntuoINmZKOM2rjJ0i1R0Evt93XjhP2pg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:19 2024 by rpki-client on console-fra.rpki-client.org