Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/2NqGvhoSEcqCtAbKlBwm462qgXI.roa
File: 2NqGvhoSEcqCtAbKlBwm462qgXI.roa (raw, json)
Hash identifier: L89bCLEg++yToiVvlMFHcL0e4FAFfmT3yJWqn7RYMR8=
Subject key identifier: D8:DA:86:BE:1A:12:11:CA:82:B4:06:CA:94:1C:26:E3:AD:AA:81:72
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 01856BDC680D2F7EE016CB12FEDDB5E78416
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/2NqGvhoSEcqCtAbKlBwm462qgXI.roa
Signing time: Sun 01 Jan 2023 05:44:44 +0000
ROA not before: Sun 01 Jan 2023 05:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8095
IP address blocks: 2a0f:607:105a::/47 maxlen: 47
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:68:0d:2f:7e:e0:16:cb:12:fe:dd:b5:e7:84:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Jan 1 05:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8da86be1a1211ca82b406ca941c26e3adaa8172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:aa:54:60:90:b6:1d:fd:39:f1:0a:ab:6b:70:
8b:1a:14:f4:b0:55:3e:4e:e7:4d:4e:6b:43:76:2e:
05:60:d0:6e:3f:39:cf:bd:bf:58:e3:be:aa:3e:87:
fe:a2:07:90:25:00:29:52:08:5a:63:9f:05:2b:6b:
0f:1e:45:8b:ab:c8:b1:6a:fa:27:4c:22:ef:71:45:
ea:7a:40:ac:a2:b8:c8:ef:51:68:bd:6d:f3:8b:12:
8a:41:e0:eb:5c:3b:ac:5d:ad:fc:e5:43:86:24:20:
70:39:0d:91:0e:e3:c9:a7:31:39:88:86:77:d3:57:
1b:bd:b6:1a:d2:91:3a:9b:35:38:a9:04:86:5b:46:
30:b8:4e:00:92:66:6c:f7:21:2a:3b:8c:99:0e:90:
1c:cc:fc:45:ed:c1:c8:36:8b:cd:be:62:75:86:bd:
2a:41:57:50:2a:d4:57:b1:61:65:71:36:5e:1f:44:
40:25:7f:72:01:9d:46:31:e0:33:4d:a4:7d:54:22:
81:d5:e8:8e:dc:80:e6:b7:b5:e9:f1:42:c2:25:0d:
39:e9:10:35:d0:e2:b4:e5:ad:ff:a5:52:3b:c1:38:
5e:84:7e:85:d4:64:40:68:e6:35:31:17:3b:eb:60:
ea:03:c6:b0:f0:d7:14:a1:26:f9:18:24:fd:07:0d:
fb:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DA:86:BE:1A:12:11:CA:82:B4:06:CA:94:1C:26:E3:AD:AA:81:72
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/2NqGvhoSEcqCtAbKlBwm462qgXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:607:105a::/47
Signature Algorithm: sha256WithRSAEncryption
3f:2d:e1:10:38:d3:3a:c5:6d:e9:45:b1:a0:9c:6f:2c:2d:ad:
b6:58:97:dc:80:7f:f8:34:83:ec:ad:d6:dc:76:6e:c4:90:7c:
15:05:ef:92:ef:09:e9:18:45:2f:57:33:73:28:f4:83:9c:9b:
f3:e0:f0:d9:ec:23:24:3c:eb:8b:4b:6d:51:76:b8:d9:80:56:
87:f0:1c:90:6b:7b:4b:4c:80:f5:3b:ea:b2:4c:f5:ba:da:0a:
cf:c6:e5:c0:42:cd:89:76:f5:f1:0f:b6:0e:23:35:89:49:b6:
4c:1c:da:76:22:20:3e:9b:fa:73:0e:ad:c0:1a:80:e2:4f:2c:
25:6d:b4:7f:24:ed:a3:6d:96:2a:e9:2a:b9:8e:b6:0d:93:a9:
81:f6:a2:3e:b5:54:72:17:00:07:9e:5f:48:ef:4a:1a:53:aa:
9c:a5:fb:62:68:e1:41:90:75:0b:f6:b9:70:e3:87:a2:fc:98:
d3:a9:9c:74:17:88:be:bf:a2:8a:23:0f:5f:93:51:e7:76:c8:
20:70:0f:2d:1f:5c:b6:f8:b8:f1:75:35:34:0f:5d:3c:72:82:
d3:cd:42:83:d6:c8:a7:58:0f:14:2b:f6:b3:ac:f8:53:74:ca:
f5:5b:ac:fd:cf:27:1a:39:98:b1:c6:96:94:e6:64:1b:ab:db:
44:5c:b8:c3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVr3GgNL37gFssS/t2154QWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjMwMTAxMDU0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGRhODZiZTFhMTIxMWNhODJiNDA2Y2E5NDFjMjZlM2FkYWE4MTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqapUYJC2Hf058Qqra3CLGhT0sFU+
TudNTmtDdi4FYNBuPznPvb9Y476qPof+ogeQJQApUghaY58FK2sPHkWLq8ixavon
TCLvcUXqekCsorjI71FovW3zixKKQeDrXDusXa385UOGJCBwOQ2RDuPJpzE5iIZ3
01cbvbYa0pE6mzU4qQSGW0YwuE4AkmZs9yEqO4yZDpAczPxF7cHINovNvmJ1hr0q
QVdQKtRXsWFlcTZeH0RAJX9yAZ1GMeAzTaR9VCKB1eiO3IDmt7Xp8ULCJQ056RA1
0OK05a3/pVI7wThehH6F1GRAaOY1MRc762DqA8aw8NcUoSb5GCT9Bw374wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNjahr4aEhHKgrQGypQcJuOtqoFyMB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEvMk5xR3Zob1NFY3FDdEFiS2xCd200NjJxZ1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg8GBxBa
MA0GCSqGSIb3DQEBCwUAA4IBAQA/LeEQONM6xW3pRbGgnG8sLa22WJfcgH/4NIPs
rdbcdm7EkHwVBe+S7wnpGEUvVzNzKPSDnJvz4PDZ7CMkPOuLS21RdrjZgFaH8ByQ
a3tLTID1O+qyTPW62grPxuXAQs2JdvXxD7YOIzWJSbZMHNp2IiA+m/pzDq3AGoDi
TywlbbR/JO2jbZYq6Sq5jrYNk6mB9qI+tVRyFwAHnl9I70oaU6qcpftiaOFBkHUL
9rlw44ei/JjTqZx0F4i+v6KKIw9fk1HndsggcA8tH1y2+LjxdTU0D108coLTzUKD
1sinWA8UK/azrPhTdMr1W6z9zycaOZixxpaU5mQbq9tEXLjD
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:00 2024 by rpki-client on console-ams.rpki-client.org