Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/945305-0a63-4c2f-aaff-cb220b719e78/1/1-a-1Sh01ivaX6Stbc7izWXj9img.roa
File: 1-a-1Sh01ivaX6Stbc7izWXj9img.roa (raw, json)
Hash identifier: qEjpUFVGGjHwnJ9sM0UaGuEe8+vpiBM6iU8umyFj2r8=
Subject key identifier: F9:AF:B5:4A:1D:35:8A:F6:97:E9:2B:5B:73:B8:B3:59:78:FD:8A:68
Certificate issuer: /CN=205945443c5b25e4dcf6203f061ac04d36871554
Certificate serial: 018573B178E0E01442AA91A1234B0452E6C0
Authority key identifier: 20:59:45:44:3C:5B:25:E4:DC:F6:20:3F:06:1A:C0:4D:36:87:15:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IFlFRDxbJeTc9iA_BhrATTaHFVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/945305-0a63-4c2f-aaff-cb220b719e78/1/1-a-1Sh01ivaX6Stbc7izWXj9img.roa
Signing time: Mon 02 Jan 2023 18:14:48 +0000
ROA not before: Mon 02 Jan 2023 18:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204082
IP address blocks: 2001:67c:2f88::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:b1:78:e0:e0:14:42:aa:91:a1:23:4b:04:52:e6:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=205945443c5b25e4dcf6203f061ac04d36871554
Validity
Not Before: Jan 2 18:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9afb54a1d358af697e92b5b73b8b35978fd8a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:64:6c:1c:36:a1:3c:3b:fb:ae:f9:5b:e3:da:
03:d6:f8:28:6f:b8:6d:71:46:86:88:fa:1c:74:44:
27:f9:6c:e8:61:35:e6:d8:d9:9f:fb:80:05:e3:b0:
ce:32:0b:b4:c1:cb:20:d4:fb:60:20:c3:f9:78:b1:
7d:94:ef:88:7c:5f:e6:f1:dd:de:54:45:52:91:7d:
e8:0c:8e:83:9e:00:b8:4b:8a:05:a7:94:39:a0:02:
3d:2a:c3:fb:22:68:7a:a7:9f:47:c9:91:e0:87:42:
5f:dc:93:5f:0a:ad:91:81:8f:a5:a2:00:5c:91:12:
0d:07:b7:14:a4:6b:63:95:76:e3:4a:ac:d6:e7:1d:
f9:57:46:a1:3b:dc:4b:72:03:c7:34:a5:bd:50:a0:
92:c4:3e:7f:95:c0:87:1f:b8:ec:b6:50:6a:8a:ae:
30:c4:30:4d:f1:4f:da:ee:c7:0b:40:75:92:ad:d9:
4d:53:f0:b5:da:fd:38:22:0e:36:61:1f:3d:9e:cd:
2f:62:2f:d4:55:bf:f8:cd:a4:97:a6:d3:9a:73:7b:
e7:c4:d6:96:f9:2f:70:e6:5e:ff:2f:10:a7:49:46:
d5:68:f0:03:87:e0:cb:c4:d9:4d:0f:4e:9f:3e:b0:
dd:b9:3a:f0:24:50:ec:c2:75:d1:17:e6:b7:93:6d:
5e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AF:B5:4A:1D:35:8A:F6:97:E9:2B:5B:73:B8:B3:59:78:FD:8A:68
X509v3 Authority Key Identifier:
keyid:20:59:45:44:3C:5B:25:E4:DC:F6:20:3F:06:1A:C0:4D:36:87:15:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IFlFRDxbJeTc9iA_BhrATTaHFVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/945305-0a63-4c2f-aaff-cb220b719e78/1/1-a-1Sh01ivaX6Stbc7izWXj9img.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/945305-0a63-4c2f-aaff-cb220b719e78/1/IFlFRDxbJeTc9iA_BhrATTaHFVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2f88::/48
Signature Algorithm: sha256WithRSAEncryption
2b:31:4a:5a:16:a5:b9:52:e2:68:e7:be:39:02:85:ef:fe:e6:
3d:ae:e8:4a:47:0b:6d:71:5d:c4:90:da:62:9a:89:01:91:80:
3a:fb:69:cd:c4:f3:51:57:0a:70:f1:6d:55:c6:79:24:f9:fa:
19:17:44:5c:c7:12:bb:98:96:2d:40:b6:ac:6c:0c:7e:02:9d:
62:a3:c7:d2:aa:92:b5:27:67:48:9e:ad:5b:1d:3d:23:2b:89:
16:03:6d:fb:b5:49:9c:60:e5:c2:2a:af:24:de:17:59:b2:0f:
a7:7b:3f:f7:8f:29:e1:ad:ee:c5:dd:50:a8:fa:eb:18:da:44:
a5:d2:35:1e:0f:b0:96:08:2e:a1:97:02:51:ca:56:3f:80:14:
21:44:58:b9:9b:97:9e:0a:19:6b:f3:bd:4f:6b:f7:50:fc:7e:
72:42:23:af:d0:40:bf:9c:5c:66:49:7a:b5:af:2d:9f:04:fa:
2c:e0:7e:97:0e:d4:73:49:ec:71:b4:6a:30:a7:66:85:9d:fb:
ec:d5:f9:08:dd:7b:85:13:66:b5:60:06:3f:76:aa:ed:2a:24:
9f:df:40:58:a1:23:5e:d5:07:d6:07:97:5a:1f:93:cb:0e:19:
19:3e:ae:3a:97:71:80:4c:01:e2:d2:ce:c0:06:89:1c:74:98:
69:72:e8:3f
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYVzsXjg4BRCqpGhI0sEUubAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNTk0NTQ0M2M1YjI1ZTRkY2Y2MjAzZjA2MWFjMDRkMzY4
NzE1NTQwHhcNMjMwMTAyMTgxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFmYjU0YTFkMzU4YWY2OTdlOTJiNWI3M2I4YjM1OTc4ZmQ4YTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmRsHDahPDv7rvlb49oD1vgob7ht
cUaGiPocdEQn+WzoYTXm2Nmf+4AF47DOMgu0wcsg1PtgIMP5eLF9lO+IfF/m8d3e
VEVSkX3oDI6DngC4S4oFp5Q5oAI9KsP7Imh6p59HyZHgh0Jf3JNfCq2RgY+logBc
kRINB7cUpGtjlXbjSqzW5x35V0ahO9xLcgPHNKW9UKCSxD5/lcCHH7jstlBqiq4w
xDBN8U/a7scLQHWSrdlNU/C12v04Ig42YR89ns0vYi/UVb/4zaSXptOac3vnxNaW
+S9w5l7/LxCnSUbVaPADh+DLxNlND06fPrDduTrwJFDswnXRF+a3k21eowIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPmvtUodNYr2l+krW3O4s1l4/YpoMB8GA1UdIwQY
MBaAFCBZRUQ8WyXk3PYgPwYawE02hxVUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUZsRlJEeGJKZVRjOWlBX0JockFUVGFIRlZRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85NDUzMDUtMGE2My00YzJmLWFhZmYt
Y2IyMjBiNzE5ZTc4LzEvMS1hLTFTaDAxaXZhWDZTdGJjN2l6V1hqOWltZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvOTQ1MzA1LTBhNjMtNGMyZi1hYWZmLWNiMjIwYjcxOWU3
OC8xL0lGbEZSRHhiSmVUYzlpQV9CaHJBVFRhSEZWUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwv
iDANBgkqhkiG9w0BAQsFAAOCAQEAKzFKWhaluVLiaOe+OQKF7/7mPa7oSkcLbXFd
xJDaYpqJAZGAOvtpzcTzUVcKcPFtVcZ5JPn6GRdEXMcSu5iWLUC2rGwMfgKdYqPH
0qqStSdnSJ6tWx09IyuJFgNt+7VJnGDlwiqvJN4XWbIPp3s/948p4a3uxd1QqPrr
GNpEpdI1Hg+wlgguoZcCUcpWP4AUIURYuZuXngoZa/O9T2v3UPx+ckIjr9BAv5xc
Zkl6ta8tnwT6LOB+lw7Uc0nscbRqMKdmhZ377NX5CN17hRNmtWAGP3aq7Sokn99A
WKEjXtUH1geXWh+Tyw4ZGT6uOpdxgEwB4tLOwAaJHHSYaXLoPw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:39 2024 by rpki-client on console-fra.rpki-client.org