Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/oFXhyvf_YjaUMKNaT2DOsZxghOY.roa
File: oFXhyvf_YjaUMKNaT2DOsZxghOY.roa (raw, json)
Hash identifier: b63NPmje9W1L1rgvbyeMlVzgXrH72EcrqppcvckmzTM=
Subject key identifier: A0:55:E1:CA:F7:FF:62:36:94:30:A3:5A:4F:60:CE:B1:9C:60:84:E6
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018570FBCAF8F9A52856D39EC371598A58A6
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/oFXhyvf_YjaUMKNaT2DOsZxghOY.roa
Signing time: Mon 02 Jan 2023 05:37:07 +0000
ROA not before: Mon 02 Jan 2023 05:37:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 2a09:e1c1:efd0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:ca:f8:f9:a5:28:56:d3:9e:c3:71:59:8a:58:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 2 05:37:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a055e1caf7ff62369430a35a4f60ceb19c6084e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0f:fa:07:7b:70:79:a0:c0:47:34:09:3c:81:
d0:9d:2c:46:f4:2b:68:2c:9f:aa:4e:60:fc:27:8e:
ca:91:fb:38:18:fc:bc:d6:0f:5a:33:a1:7d:6c:e4:
7d:26:9a:9c:e7:97:4e:ce:c9:7b:a2:05:b7:16:4a:
3b:82:66:8d:61:f8:cb:dd:a3:59:3f:e1:11:69:8a:
59:79:ca:51:ce:43:a7:af:75:17:a4:54:07:60:29:
79:b5:d7:87:24:f6:27:fb:f4:e4:cd:19:08:1f:8f:
1b:30:24:16:e1:fd:51:ef:29:b1:22:3d:e3:97:02:
b7:a1:61:34:6e:78:88:85:d3:5d:0d:8b:c3:50:62:
02:1f:04:98:ef:79:d8:18:8c:ba:5d:ce:78:66:41:
cf:c7:4c:37:61:a1:4a:0e:dd:c2:e9:c5:e6:a9:ba:
36:f1:19:85:82:fe:77:c9:ba:6c:e7:3d:d6:1a:23:
cd:1e:20:85:ed:14:92:39:11:c2:c0:db:e4:48:3e:
77:a5:c2:84:b3:47:98:1f:c3:ca:3b:f9:b1:0a:71:
2b:e6:80:9d:bc:14:fc:77:1f:d8:c4:b2:f6:64:bd:
8b:cb:4f:36:d6:71:7d:f4:65:91:08:67:5d:70:7c:
c3:99:e1:e6:78:48:72:de:c2:62:48:ea:c0:2e:cc:
a0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:55:E1:CA:F7:FF:62:36:94:30:A3:5A:4F:60:CE:B1:9C:60:84:E6
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/oFXhyvf_YjaUMKNaT2DOsZxghOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e1c1:efd0::/44
Signature Algorithm: sha256WithRSAEncryption
b6:e4:9c:df:1d:ee:61:15:c2:1a:d2:81:8e:89:9b:5f:32:23:
93:0d:e9:66:25:d0:bc:fe:d7:f6:e6:aa:a5:8a:12:ce:5b:e5:
43:ad:e1:16:46:c7:2b:47:a5:20:56:41:c1:a0:0d:c4:d1:4c:
4a:31:8a:6a:11:89:b4:06:00:bd:4a:8d:d6:ec:40:26:91:80:
1f:a0:70:8d:12:5c:66:2c:45:4b:67:58:13:12:17:11:61:c0:
9d:b0:d9:42:c9:df:f1:01:2f:62:7c:18:09:31:24:af:ad:9f:
98:9c:92:5b:de:3d:2c:11:c5:df:b5:ad:9b:6b:41:7b:76:3b:
a6:6c:d8:0b:79:cd:66:e2:b9:a4:28:12:73:f6:72:b4:91:60:
1b:4b:4e:eb:4e:97:09:b2:18:9a:6c:75:63:c7:ae:bd:27:7e:
80:5b:00:84:aa:8d:97:7d:eb:e8:bc:9b:bc:01:02:87:2e:23:
3a:15:f1:88:7f:75:e9:07:21:b0:2e:6f:53:ac:b8:8a:1a:a7:
53:0b:e1:f8:c4:0c:f2:1c:38:d0:bb:75:fb:8a:f9:8f:37:33:
a9:41:d4:af:88:d2:90:81:88:b6:2b:ee:ef:90:b8:d0:63:e4:
ca:d9:f8:77:e3:07:8e:1b:17:6d:41:93:95:e7:34:7a:b4:93:
0d:dc:a0:04
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw+8r4+aUoVtOew3FZilimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDU1ZTFjYWY3ZmY2MjM2OTQzMGEzNWE0ZjYwY2ViMTljNjA4NGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQ/6B3tweaDARzQJPIHQnSxG9Cto
LJ+qTmD8J47Kkfs4GPy81g9aM6F9bOR9Jpqc55dOzsl7ogW3Fko7gmaNYfjL3aNZ
P+ERaYpZecpRzkOnr3UXpFQHYCl5tdeHJPYn+/TkzRkIH48bMCQW4f1R7ymxIj3j
lwK3oWE0bniIhdNdDYvDUGICHwSY73nYGIy6Xc54ZkHPx0w3YaFKDt3C6cXmqbo2
8RmFgv53ybps5z3WGiPNHiCF7RSSORHCwNvkSD53pcKEs0eYH8PKO/mxCnEr5oCd
vBT8dx/YxLL2ZL2Ly0821nF99GWRCGddcHzDmeHmeEhy3sJiSOrALsygOwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKBV4cr3/2I2lDCjWk9gzrGcYITmMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvb0ZYaHl2Zl9ZamFVTUtOYVQyRE9zWnhnaE9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgnhwe/Q
MA0GCSqGSIb3DQEBCwUAA4IBAQC25JzfHe5hFcIa0oGOiZtfMiOTDelmJdC8/tf2
5qqlihLOW+VDreEWRscrR6UgVkHBoA3E0UxKMYpqEYm0BgC9So3W7EAmkYAfoHCN
ElxmLEVLZ1gTEhcRYcCdsNlCyd/xAS9ifBgJMSSvrZ+YnJJb3j0sEcXfta2ba0F7
djumbNgLec1m4rmkKBJz9nK0kWAbS07rTpcJshiabHVjx669J36AWwCEqo2Xfevo
vJu8AQKHLiM6FfGIf3XpByGwLm9TrLiKGqdTC+H4xAzyHDjQu3X7ivmPNzOpQdSv
iNKQgYi2K+7vkLjQY+TK2fh34weOGxdtQZOV5zR6tJMN3KAE
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:19 2024 by rpki-client on console-fra.rpki-client.org