Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/G7sdtxWB1xjk0_f2VUjWSl0eB88.roa
File: G7sdtxWB1xjk0_f2VUjWSl0eB88.roa (raw, json)
Hash identifier: AviTzzAsRZ5tfjJcSb0yMlNAk6Jv1k0ysULG6mEvuXw=
Subject key identifier: 1B:BB:1D:B7:15:81:D7:18:E4:D3:F7:F6:55:48:D6:4A:5D:1E:07:CF
Certificate issuer: /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial: 01856C6F2115B59D1E67BEAF665D84D44A5A
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/G7sdtxWB1xjk0_f2VUjWSl0eB88.roa
Signing time: Sun 01 Jan 2023 08:25:00 +0000
ROA not before: Sun 01 Jan 2023 08:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207616
IP address blocks: 2a0f:ca83::/40 maxlen: 48
2a0f:ca85::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:21:15:b5:9d:1e:67:be:af:66:5d:84:d4:4a:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Validity
Not Before: Jan 1 08:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bbb1db71581d718e4d3f7f65548d64a5d1e07cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c2:25:20:1e:d9:e4:73:d7:70:66:6a:ab:5f:
1e:30:10:a1:80:55:b6:2a:b1:4b:dc:50:b4:13:80:
04:f0:94:a6:c2:66:b0:59:48:c0:93:75:af:8d:25:
31:bf:e8:89:e9:d5:9d:a6:cd:fe:57:fe:ab:4a:24:
b7:ea:c8:c7:13:ce:b0:cb:bf:f4:d9:f7:bf:4c:30:
a6:03:b5:02:a0:58:92:e3:c5:54:52:3d:fd:21:a5:
77:f6:22:2e:cc:d7:db:42:99:68:dd:9c:bc:57:44:
6f:f2:73:c7:ef:bb:fe:5d:5a:27:8d:e9:09:61:5d:
9e:ff:96:23:5c:9f:23:4c:9a:ff:a7:7b:a5:95:01:
dd:85:37:2e:f5:2f:6a:ae:74:23:c7:81:e1:42:10:
7f:59:86:8e:24:1d:08:f0:5b:db:79:39:9d:c4:aa:
2c:a4:a6:4b:29:6e:43:33:65:7a:c9:46:f2:5f:84:
a1:13:af:2c:3d:20:f1:e1:f6:b8:05:8b:31:df:d5:
4f:60:de:d9:f6:7e:1c:cb:85:2b:4a:0a:53:cd:1c:
e6:ef:ae:90:a2:bd:46:d9:bc:79:c7:4d:d7:6e:2d:
ae:87:ab:7d:bd:13:bb:3d:58:97:f5:f6:79:53:01:
42:4a:cc:f4:b0:ee:f3:1d:05:dc:b4:4f:40:99:d4:
cb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:BB:1D:B7:15:81:D7:18:E4:D3:F7:F6:55:48:D6:4A:5D:1E:07:CF
X509v3 Authority Key Identifier:
keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/G7sdtxWB1xjk0_f2VUjWSl0eB88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ca83::/40
2a0f:ca85::/48
Signature Algorithm: sha256WithRSAEncryption
88:5f:56:64:ed:81:35:3e:e8:6a:c0:81:f8:92:20:2a:12:33:
c2:20:a9:e4:b0:ee:f2:b6:14:83:aa:65:15:df:87:9f:52:92:
c5:7c:0d:e3:16:8d:73:a1:82:a4:be:b3:05:f8:0a:c6:54:86:
8f:ab:22:7c:be:f2:22:16:8f:ad:18:3b:66:42:88:b7:97:1b:
13:81:38:b2:68:a8:1f:b8:40:14:e1:ef:e9:3e:2a:29:64:b6:
98:b5:3b:bf:05:e6:73:22:d1:62:0f:d8:43:21:b1:07:d9:63:
5a:3c:29:c0:da:db:09:fa:39:c0:ba:42:4a:95:51:db:3b:31:
5b:a5:80:c8:32:89:bd:32:7c:0a:36:2f:79:a2:04:f5:67:39:
75:2e:bf:84:cf:c3:46:95:91:b5:be:b7:36:1d:cf:4e:ff:4f:
6b:ea:b2:59:30:9b:42:74:0c:3d:bc:1b:16:3f:6b:83:38:03:
04:a6:18:a6:83:1a:12:dc:6e:f8:20:21:9e:59:97:64:82:7f:
f3:df:79:d5:be:30:8a:82:27:32:15:8e:d2:4a:a4:02:e4:51:
2c:93:1c:5c:13:dd:67:68:90:80:45:e9:50:6f:c4:58:9f:d9:
9f:33:78:4d:6b:ad:10:34:c0:9b:a8:d6:c5:2b:ea:16:2b:b5:
3e:7f:c0:19
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVsbyEVtZ0eZ76vZl2E1EpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTZhYjhlMGM0NmU4NDFiNDRkMmI5YzZiMDNiYjY1ZjU2
MjFkYjEwHhcNMjMwMTAxMDgyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmJiMWRiNzE1ODFkNzE4ZTRkM2Y3ZjY1NTQ4ZDY0YTVkMWUwN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsIlIB7Z5HPXcGZqq18eMBChgFW2
KrFL3FC0E4AE8JSmwmawWUjAk3WvjSUxv+iJ6dWdps3+V/6rSiS36sjHE86wy7/0
2fe/TDCmA7UCoFiS48VUUj39IaV39iIuzNfbQplo3Zy8V0Rv8nPH77v+XVonjekJ
YV2e/5YjXJ8jTJr/p3ullQHdhTcu9S9qrnQjx4HhQhB/WYaOJB0I8FvbeTmdxKos
pKZLKW5DM2V6yUbyX4ShE68sPSDx4fa4BYsx39VPYN7Z9n4cy4UrSgpTzRzm766Q
or1G2bx5x03Xbi2uh6t9vRO7PViX9fZ5UwFCSsz0sO7zHQXctE9AmdTLCwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFBu7HbcVgdcY5NP39lVI1kpdHgfPMB8GA1UdIwQY
MBaAFNvmq44MRuhBtE0rnGsDu2X1Yh2xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2Mt
ZmIxMDMwNjUxMDY3LzEvRzdzZHR4V0IxeGprMF9mMlZValdTbDBlQjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2MtZmIxMDMwNjUxMDY3
LzEvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKg/KgwAD
BwAqD8qFAAAwDQYJKoZIhvcNAQELBQADggEBAIhfVmTtgTU+6GrAgfiSICoSM8Ig
qeSw7vK2FIOqZRXfh59SksV8DeMWjXOhgqS+swX4CsZUho+rIny+8iIWj60YO2ZC
iLeXGxOBOLJoqB+4QBTh7+k+Kilktpi1O78F5nMi0WIP2EMhsQfZY1o8KcDa2wn6
OcC6QkqVUds7MVulgMgyib0yfAo2L3miBPVnOXUuv4TPw0aVkbW+tzYdz07/T2vq
slkwm0J0DD28GxY/a4M4AwSmGKaDGhLcbvggIZ5Zl2SCf/PfedW+MIqCJzIVjtJK
pALkUSyTHFwT3WdokIBF6VBvxFif2Z8zeE1rrRA0wJuo1sUr6hYrtT5/wBk=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:49 2024 by rpki-client on console-fra.rpki-client.org