Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/8cICeHBIadOugv9sEx8mLgsBttA.roa
File: 8cICeHBIadOugv9sEx8mLgsBttA.roa (raw, json)
Hash identifier: Dqu+wBgQlXpwabCKkJIOvYDrFqaUz+pn7VQxW0O4dFA=
Subject key identifier: F1:C2:02:78:70:48:69:D3:AE:82:FF:6C:13:1F:26:2E:0B:01:B6:D0
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 01856BDC672A24CF2B449A89C0A04184F72B
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/8cICeHBIadOugv9sEx8mLgsBttA.roa
Signing time: Sun 01 Jan 2023 05:44:44 +0000
ROA not before: Sun 01 Jan 2023 05:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7603
IP address blocks: 2a0f:607:1300::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:67:2a:24:cf:2b:44:9a:89:c0:a0:41:84:f7:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Jan 1 05:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1c20278704869d3ae82ff6c131f262e0b01b6d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0f:95:87:28:9d:3e:0c:69:f1:5c:30:d2:a2:
04:d7:5e:bc:f6:98:7b:c8:2a:5f:1d:22:b8:95:4e:
42:fa:e8:e8:39:9e:8d:29:ed:99:07:28:c6:a2:b2:
fe:00:0b:37:dd:fe:3c:2f:ba:74:73:6c:08:79:ae:
0c:ac:b4:d4:6d:bf:2d:79:c2:6d:9d:a6:08:ee:b2:
fa:c1:35:6f:f1:dd:de:9f:82:2d:46:75:50:82:9a:
16:ef:d8:63:90:13:3c:b0:bb:c6:ff:7e:24:30:e7:
2e:cf:3c:41:93:d8:4a:a7:6b:56:b4:c3:0a:76:3b:
04:c9:7e:1f:60:d8:6f:10:d3:ad:c5:18:6a:bc:8e:
a0:d4:f8:d3:26:a2:c4:09:0e:2a:84:d6:94:73:78:
00:7d:57:d7:da:20:4e:5d:c9:4f:11:0e:cb:ba:93:
8e:34:57:8b:af:de:a3:14:70:9a:4d:c3:b6:90:0a:
0c:f6:37:ad:e3:af:d7:fc:68:dd:b6:53:50:31:36:
35:90:46:b6:6a:ff:76:cd:8d:13:66:55:d2:da:45:
ff:84:f2:dc:0b:44:f9:2b:d6:2f:56:7c:47:17:c0:
b5:28:a2:c4:56:23:36:52:a4:44:85:74:6e:17:d7:
72:e0:3d:11:4f:6b:1e:4a:ef:a6:fb:c0:0c:f4:88:
e4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C2:02:78:70:48:69:D3:AE:82:FF:6C:13:1F:26:2E:0B:01:B6:D0
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/8cICeHBIadOugv9sEx8mLgsBttA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:607:1300::/44
Signature Algorithm: sha256WithRSAEncryption
26:2b:96:cc:70:7e:64:b6:4a:0c:58:3f:42:25:a3:a1:bc:17:
eb:b4:43:e3:e7:4b:fb:33:5a:3b:86:62:a2:3b:a5:de:74:23:
d1:78:8f:79:e8:ea:e5:ef:4e:6f:fb:e4:67:1e:22:95:ff:1b:
5f:b0:ee:bd:db:d4:0d:39:a4:ea:ca:3b:02:dc:a6:bc:0a:4b:
0c:35:ea:d3:98:cd:01:b7:e4:91:25:e5:ac:d6:17:e9:82:38:
80:35:21:e7:cd:ae:ed:10:20:87:5a:23:ff:88:76:ae:35:2b:
36:2c:d1:ac:15:9d:9b:d3:20:66:ed:d2:f4:88:a6:ac:83:21:
32:0d:a6:91:ed:f0:f6:e8:ee:94:d5:1e:10:ab:b8:c2:21:f5:
47:98:10:fa:5f:8a:0c:c3:57:d8:e3:24:f8:de:e5:bf:f3:04:
09:28:cc:4c:ca:51:77:0e:d8:ea:5d:23:34:49:d4:94:52:d1:
67:7b:46:5e:f0:69:ea:dd:1f:8b:06:05:ab:4c:69:1e:ad:af:
e2:6c:a9:cc:5e:bb:88:6a:cf:d7:3b:fc:9c:29:5c:4a:d0:2f:
5c:dc:78:2e:dc:59:cb:48:4c:91:b1:db:86:77:53:13:e8:72:
47:8c:92:60:b9:e5:ff:33:51:de:07:53:3d:3d:13:07:9b:47:
22:92:2a:ca
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVr3GcqJM8rRJqJwKBBhPcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjMwMTAxMDU0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWMyMDI3ODcwNDg2OWQzYWU4MmZmNmMxMzFmMjYyZTBiMDFiNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQ+VhyidPgxp8Vww0qIE11689ph7
yCpfHSK4lU5C+ujoOZ6NKe2ZByjGorL+AAs33f48L7p0c2wIea4MrLTUbb8tecJt
naYI7rL6wTVv8d3en4ItRnVQgpoW79hjkBM8sLvG/34kMOcuzzxBk9hKp2tWtMMK
djsEyX4fYNhvENOtxRhqvI6g1PjTJqLECQ4qhNaUc3gAfVfX2iBOXclPEQ7LupOO
NFeLr96jFHCaTcO2kAoM9jet46/X/GjdtlNQMTY1kEa2av92zY0TZlXS2kX/hPLc
C0T5K9YvVnxHF8C1KKLEViM2UqREhXRuF9dy4D0RT2seSu+m+8AM9IjkywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPHCAnhwSGnTroL/bBMfJi4LAbbQMB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEvOGNJQ2VIQklhZE91Z3Y5c0V4OG1MZ3NCdHRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg8GBxMA
MA0GCSqGSIb3DQEBCwUAA4IBAQAmK5bMcH5ktkoMWD9CJaOhvBfrtEPj50v7M1o7
hmKiO6XedCPReI956Orl705v++RnHiKV/xtfsO6929QNOaTqyjsC3Ka8CksMNerT
mM0Bt+SRJeWs1hfpgjiANSHnza7tECCHWiP/iHauNSs2LNGsFZ2b0yBm7dL0iKas
gyEyDaaR7fD26O6U1R4Qq7jCIfVHmBD6X4oMw1fY4yT43uW/8wQJKMxMylF3Dtjq
XSM0SdSUUtFne0Ze8Gnq3R+LBgWrTGkera/ibKnMXruIas/XO/ycKVxK0C9c3Hgu
3FnLSEyRsduGd1MT6HJHjJJgueX/M1HeB1M9PRMHm0cikirK
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:00 2024 by rpki-client on console-ams.rpki-client.org