Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/lDwakhdTjSpBI5LXrxPc-hVdCm8.roa
File: lDwakhdTjSpBI5LXrxPc-hVdCm8.roa (raw, json)
Hash identifier: D4vIHErrsPvoJw9OHf8KVxMgJt3ZoaajQ/UPM+u7ziI=
Subject key identifier: 94:3C:1A:92:17:53:8D:2A:41:23:92:D7:AF:13:DC:FA:15:5D:0A:6F
Certificate issuer: /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial: 01856C6F22FAD42FB299F642504018F974A6
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/lDwakhdTjSpBI5LXrxPc-hVdCm8.roa
Signing time: Sun 01 Jan 2023 08:25:00 +0000
ROA not before: Sun 01 Jan 2023 08:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211481
IP address blocks: 2a0f:ca81:6960::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:22:fa:d4:2f:b2:99:f6:42:50:40:18:f9:74:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Validity
Not Before: Jan 1 08:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=943c1a9217538d2a412392d7af13dcfa155d0a6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:40:12:0a:c9:d7:31:c1:53:cb:d5:d3:d0:5f:
85:55:ed:4e:50:15:b2:f4:43:ea:ff:b8:78:20:a4:
19:16:51:df:63:78:c8:be:22:c1:09:1e:eb:ab:ca:
67:00:b2:c7:5c:83:86:c6:8a:b1:ea:9d:d2:de:05:
61:52:10:d5:fc:7d:ba:ac:67:26:d5:91:65:d4:74:
6d:d7:0f:ce:ea:55:6e:d8:89:61:b3:ce:6e:c8:c3:
4c:2f:49:74:af:44:9d:51:1c:a3:1e:20:95:59:29:
e0:74:88:0f:19:58:bd:00:e8:51:cc:0b:74:b5:4c:
ca:b3:38:1a:1b:d9:42:66:5f:bd:3e:0b:f3:b1:0c:
00:3f:15:b6:ea:76:a4:20:0e:39:c2:58:7c:fc:07:
92:83:61:be:86:ec:94:bf:15:a9:36:95:c7:d9:bb:
f8:85:d0:fe:de:5c:2a:a7:19:88:ca:b8:1d:da:d7:
09:db:1b:5a:af:53:3f:df:20:64:4d:25:79:b9:98:
22:d6:da:26:00:88:2d:f6:2e:5c:e5:89:20:84:9c:
a6:d0:f5:67:b9:6d:fc:5f:c6:5b:f8:05:c6:14:49:
82:9d:e2:5a:d2:19:b4:16:b4:96:85:e0:0d:d8:ba:
29:03:59:5f:92:31:5a:73:02:de:df:ea:1d:0f:1d:
75:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3C:1A:92:17:53:8D:2A:41:23:92:D7:AF:13:DC:FA:15:5D:0A:6F
X509v3 Authority Key Identifier:
keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/lDwakhdTjSpBI5LXrxPc-hVdCm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ca81:6960::/44
Signature Algorithm: sha256WithRSAEncryption
be:44:eb:89:de:a8:88:60:ba:ea:c0:c3:b2:58:1e:8a:98:49:
f2:50:b8:b1:7f:9f:38:84:57:d7:5f:94:e9:d8:49:d8:50:a2:
58:57:f4:0e:3a:de:cb:53:71:dc:16:2c:a6:a7:4a:13:24:de:
69:a8:a6:ef:66:26:52:d9:49:66:9c:5c:19:d8:71:4d:ec:33:
0f:ca:d5:07:13:e6:ac:f4:c3:61:aa:74:4c:f4:85:69:54:86:
b1:e2:ee:4c:08:3b:31:3a:fc:5f:28:45:71:a9:27:6e:1f:8c:
48:54:20:38:c0:09:74:cd:f0:79:8f:f0:9d:4d:aa:dc:36:a7:
9a:5d:bc:ae:3c:3e:1f:79:cb:27:a8:d7:70:e8:8a:50:33:e7:
5a:2d:1b:b0:aa:40:ea:70:a0:c6:95:f8:98:89:14:73:c7:da:
f4:eb:d4:af:94:61:be:b8:f9:46:fe:cd:70:96:10:07:04:32:
6d:4f:4e:4d:75:21:c7:d0:53:69:0e:5e:d3:ab:cf:3e:e7:11:
72:81:a8:57:72:35:8d:b0:8a:6a:a2:2d:a8:e6:6f:ee:14:79:
e2:24:78:d8:6e:0f:04:b6:58:72:50:b8:5e:99:cb:18:18:c7:
f6:e7:f7:ba:c3:49:15:44:c0:a2:13:74:dd:6f:44:84:f7:e7:
84:48:c3:35
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsbyL61C+ymfZCUEAY+XSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTZhYjhlMGM0NmU4NDFiNDRkMmI5YzZiMDNiYjY1ZjU2
MjFkYjEwHhcNMjMwMTAxMDgyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDNjMWE5MjE3NTM4ZDJhNDEyMzkyZDdhZjEzZGNmYTE1NWQwYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkASCsnXMcFTy9XT0F+FVe1OUBWy
9EPq/7h4IKQZFlHfY3jIviLBCR7rq8pnALLHXIOGxoqx6p3S3gVhUhDV/H26rGcm
1ZFl1HRt1w/O6lVu2Ilhs85uyMNML0l0r0SdURyjHiCVWSngdIgPGVi9AOhRzAt0
tUzKszgaG9lCZl+9PgvzsQwAPxW26nakIA45wlh8/AeSg2G+huyUvxWpNpXH2bv4
hdD+3lwqpxmIyrgd2tcJ2xtar1M/3yBkTSV5uZgi1tomAIgt9i5c5YkghJym0PVn
uW38X8Zb+AXGFEmCneJa0hm0FrSWheAN2LopA1lfkjFacwLe3+odDx11bQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJQ8GpIXU40qQSOS168T3PoVXQpvMB8GA1UdIwQY
MBaAFNvmq44MRuhBtE0rnGsDu2X1Yh2xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2Mt
ZmIxMDMwNjUxMDY3LzEvbER3YWtoZFRqU3BCSTVMWHJ4UGMtaFZkQ204LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2MtZmIxMDMwNjUxMDY3
LzEvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg/KgWlg
MA0GCSqGSIb3DQEBCwUAA4IBAQC+ROuJ3qiIYLrqwMOyWB6KmEnyULixf584hFfX
X5Tp2EnYUKJYV/QOOt7LU3HcFiymp0oTJN5pqKbvZiZS2UlmnFwZ2HFN7DMPytUH
E+as9MNhqnRM9IVpVIax4u5MCDsxOvxfKEVxqSduH4xIVCA4wAl0zfB5j/CdTarc
NqeaXbyuPD4fecsnqNdw6IpQM+daLRuwqkDqcKDGlfiYiRRzx9r069SvlGG+uPlG
/s1wlhAHBDJtT05NdSHH0FNpDl7Tq88+5xFygahXcjWNsIpqoi2o5m/uFHniJHjY
bg8EtlhyULhemcsYGMf25/e6w0kVRMCiE3Tdb0SE9+eESMM1
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:55 2024 by rpki-client on console-ams.rpki-client.org