Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/AOXBrryR4iN1ideQOT2JedPhoSA.roa
File: AOXBrryR4iN1ideQOT2JedPhoSA.roa (raw, json)
Hash identifier: +CQKz0gBgbUqCQWA3QeeOZuW9wriigJS2hct4+xrCwM=
Subject key identifier: 00:E5:C1:AE:BC:91:E2:23:75:89:D7:90:39:3D:89:79:D3:E1:A1:20
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 01856BDC6BF349A69171FCEA76E3708A1B2A
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/AOXBrryR4iN1ideQOT2JedPhoSA.roa
Signing time: Sun 01 Jan 2023 05:44:45 +0000
ROA not before: Sun 01 Jan 2023 05:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57429
IP address blocks: 2a0f:607:1024::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:6b:f3:49:a6:91:71:fc:ea:76:e3:70:8a:1b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Jan 1 05:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00e5c1aebc91e2237589d790393d8979d3e1a120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0b:4b:1e:bf:d8:be:93:4b:77:6f:4f:15:d3:
38:92:94:54:19:ff:20:08:db:16:1b:42:5d:58:03:
33:34:86:97:c7:19:4f:8c:1d:8e:6c:20:27:10:90:
2e:98:65:06:7d:95:9d:21:13:5d:45:9a:04:3a:40:
f5:d1:d8:cf:b4:cd:ea:7a:24:6e:79:8f:36:cf:94:
df:af:93:78:87:2e:26:7a:8e:23:b8:85:7c:0a:c9:
01:99:97:4b:3d:01:1a:e2:1a:d8:2e:a5:84:cd:2d:
26:e8:b5:f8:90:cc:13:15:6c:1e:18:6d:54:0c:1b:
da:f0:0b:10:34:a6:4c:85:de:ac:5c:e2:e9:fb:53:
8c:94:da:e8:6e:ca:2b:02:26:0c:74:b8:42:a7:ba:
31:ab:92:e5:cb:27:d7:22:6a:63:8a:cb:6b:f5:a1:
9d:47:7c:99:6c:0f:a1:56:8b:6d:f8:a7:04:9d:75:
a6:bc:fd:b8:5d:0c:e0:44:e3:1e:34:4a:cb:ef:04:
35:e2:1c:48:a6:a5:a7:72:56:ca:9e:9b:f7:16:99:
57:56:ea:68:a3:0d:6e:b5:4e:86:58:63:85:0d:bf:
19:c1:71:1a:e2:d2:08:63:d4:57:5b:07:de:d5:8f:
26:27:c2:2e:47:e1:c3:84:9b:83:1c:c7:22:44:2e:
00:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E5:C1:AE:BC:91:E2:23:75:89:D7:90:39:3D:89:79:D3:E1:A1:20
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/AOXBrryR4iN1ideQOT2JedPhoSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:607:1024::/48
Signature Algorithm: sha256WithRSAEncryption
2a:e3:7a:18:23:8b:f3:48:7b:73:e1:0d:6c:8b:2b:61:78:a1:
8d:c5:39:74:b0:27:b8:34:de:fb:80:3c:e4:07:5b:da:04:6d:
c2:fb:54:44:eb:ff:4c:92:ba:d1:b9:68:ad:b4:e7:af:9e:bc:
d6:98:f6:f5:6e:90:58:4c:e8:79:62:c7:d7:e8:34:5f:a0:d9:
d0:e3:20:c7:56:bd:bc:98:41:1a:df:bd:39:53:71:1c:75:b3:
8a:18:67:bd:30:1a:49:90:b4:cb:7f:dd:3b:9c:a4:7a:15:b8:
50:cf:f2:13:aa:99:34:39:22:76:df:d6:ab:10:cb:9b:e9:42:
b5:6a:d5:d2:f1:b0:40:5f:9e:e0:ea:55:5e:cd:a7:58:05:5d:
54:d4:81:e7:38:2c:ef:f0:4c:9e:17:9d:79:cb:ee:8c:54:5b:
fd:e4:20:b5:68:3e:14:da:4e:0b:66:c3:c4:d3:b6:25:c0:71:
79:e6:da:94:2f:1d:9f:5c:98:db:4e:b1:aa:0c:46:40:75:31:
8d:69:83:6d:85:47:6e:18:61:25:bc:c1:b6:46:91:54:cd:4c:
c0:6e:95:d3:80:f4:c6:15:59:3a:ad:16:65:97:be:f9:49:dc:
1b:bc:10:b9:c5:59:8f:3b:22:1a:3b:3f:be:5f:a4:16:0c:1c:
bc:4f:c9:d6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVr3GvzSaaRcfzqduNwihsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjMwMTAxMDU0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGU1YzFhZWJjOTFlMjIzNzU4OWQ3OTAzOTNkODk3OWQzZTFhMTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwtLHr/YvpNLd29PFdM4kpRUGf8g
CNsWG0JdWAMzNIaXxxlPjB2ObCAnEJAumGUGfZWdIRNdRZoEOkD10djPtM3qeiRu
eY82z5Tfr5N4hy4meo4juIV8CskBmZdLPQEa4hrYLqWEzS0m6LX4kMwTFWweGG1U
DBva8AsQNKZMhd6sXOLp+1OMlNrobsorAiYMdLhCp7oxq5LlyyfXImpjistr9aGd
R3yZbA+hVott+KcEnXWmvP24XQzgROMeNErL7wQ14hxIpqWnclbKnpv3FplXVupo
ow1utU6GWGOFDb8ZwXEa4tIIY9RXWwfe1Y8mJ8IuR+HDhJuDHMciRC4ASQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFADlwa68keIjdYnXkDk9iXnT4aEgMB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEvQU9YQnJyeVI0aU4xaWRlUU9UMkplZFBob1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg8GBxAk
MA0GCSqGSIb3DQEBCwUAA4IBAQAq43oYI4vzSHtz4Q1siytheKGNxTl0sCe4NN77
gDzkB1vaBG3C+1RE6/9MkrrRuWittOevnrzWmPb1bpBYTOh5YsfX6DRfoNnQ4yDH
Vr28mEEa3705U3EcdbOKGGe9MBpJkLTLf907nKR6FbhQz/ITqpk0OSJ239arEMub
6UK1atXS8bBAX57g6lVezadYBV1U1IHnOCzv8EyeF515y+6MVFv95CC1aD4U2k4L
ZsPE07YlwHF55tqULx2fXJjbTrGqDEZAdTGNaYNthUduGGElvMG2RpFUzUzAbpXT
gPTGFVk6rRZll775SdwbvBC5xVmPOyIaOz++X6QWDBy8T8nW
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:00 2024 by rpki-client on console-ams.rpki-client.org