Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/PB79N8IpUtBuIosDEF8gjxKL1Pc.roa
File: PB79N8IpUtBuIosDEF8gjxKL1Pc.roa (raw, json)
Hash identifier: nrtTbHiRSsY/4q8LNxOL8ToCTs9dn+cUN7nyz0lBDEY=
Subject key identifier: 3C:1E:FD:37:C2:29:52:D0:6E:22:8B:03:10:5F:20:8F:12:8B:D4:F7
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 01856BDC69DFC752254D3CB4A41420959D2E
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/PB79N8IpUtBuIosDEF8gjxKL1Pc.roa
Signing time: Sun 01 Jan 2023 05:44:45 +0000
ROA not before: Sun 01 Jan 2023 05:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43126
IP address blocks: 2a0f:607:1060::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:69:df:c7:52:25:4d:3c:b4:a4:14:20:95:9d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Jan 1 05:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c1efd37c22952d06e228b03105f208f128bd4f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:39:72:68:6d:2b:3d:8a:b3:0f:cc:11:27:08:
9f:a4:44:17:a9:9a:43:1e:bd:e5:30:ad:02:b2:cf:
6d:aa:bc:aa:a9:20:79:bc:63:4e:03:af:c5:a7:67:
ed:2b:c4:18:fc:08:54:0a:6d:96:f2:b6:a5:62:63:
ee:19:43:d0:bc:a6:ce:65:30:de:6a:cd:4f:9f:8d:
b9:bc:77:a4:d1:03:ad:83:13:31:f7:d0:05:c9:ef:
e7:39:70:0c:8c:d5:ba:10:c9:56:75:72:9c:b0:f6:
5b:85:4f:19:2c:17:29:d1:a0:1b:6b:a5:34:b4:fd:
2e:d6:fb:30:0e:cc:e6:d3:63:2c:0a:ce:c1:6c:a8:
de:25:1d:96:47:ac:fa:c9:9c:f8:12:ee:39:85:cc:
9c:40:5c:30:50:a0:6a:d2:ba:72:48:0a:eb:c4:b0:
6f:6b:d8:b4:ad:7a:3d:04:f6:54:cb:f6:e1:db:2b:
f4:a1:25:ce:31:66:f4:20:64:7a:d2:34:58:5b:e9:
dd:98:64:4f:cf:b3:b6:45:44:b0:e4:67:d6:c5:4d:
97:0c:31:a4:a6:bb:12:77:c3:dc:6a:6d:94:5b:2f:
ec:4c:03:01:bc:ac:67:fb:4e:50:98:10:11:6a:90:
01:01:f1:0f:bf:9e:c0:62:45:bb:00:3c:28:3b:6a:
a4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:1E:FD:37:C2:29:52:D0:6E:22:8B:03:10:5F:20:8F:12:8B:D4:F7
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/PB79N8IpUtBuIosDEF8gjxKL1Pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:607:1060::/44
Signature Algorithm: sha256WithRSAEncryption
82:4e:31:0c:9a:de:de:d8:2f:f2:b6:d2:ed:9b:2b:9d:29:af:
b6:bb:42:2f:05:23:f1:e1:70:fb:fb:30:47:67:f1:47:3d:e8:
b9:01:cb:1a:8e:76:dd:47:ab:14:1f:dd:52:ce:be:02:a2:29:
ed:8d:c1:c5:72:3a:5f:a4:53:f3:e7:f7:e3:83:99:eb:0b:88:
67:8f:45:1b:03:d5:4e:81:56:89:2a:cb:75:f9:07:a1:01:16:
b0:a7:45:77:04:e4:da:3d:d8:61:99:33:24:cb:55:e4:dc:a7:
60:4c:15:c4:d2:cb:a3:ff:2c:d1:1f:48:b9:f4:48:3d:37:a6:
65:bc:32:b0:b7:cf:38:8c:11:38:e5:27:ce:b2:b2:ba:2b:85:
74:29:23:f3:9e:08:b2:3e:35:56:45:1e:0b:16:0b:76:0a:cb:
99:a1:72:88:3c:2f:c2:b1:af:62:1e:14:d3:23:fa:c5:83:bd:
a3:95:5d:e7:5c:02:ba:23:06:55:23:64:d0:a9:e5:72:4d:4c:
7f:89:5e:99:6a:2a:6b:5f:d5:75:a9:93:5f:a0:09:df:0a:68:
61:af:90:70:17:24:6e:66:bc:a3:e7:8b:bc:de:37:77:95:17:
f1:e3:69:d3:43:27:ee:31:e7:80:85:5a:19:5b:59:60:cc:b8:
81:75:24:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVr3Gnfx1IlTTy0pBQglZ0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjMwMTAxMDU0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzFlZmQzN2MyMjk1MmQwNmUyMjhiMDMxMDVmMjA4ZjEyOGJkNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzlyaG0rPYqzD8wRJwifpEQXqZpD
Hr3lMK0Css9tqryqqSB5vGNOA6/Fp2ftK8QY/AhUCm2W8ralYmPuGUPQvKbOZTDe
as1Pn425vHek0QOtgxMx99AFye/nOXAMjNW6EMlWdXKcsPZbhU8ZLBcp0aAba6U0
tP0u1vswDszm02MsCs7BbKjeJR2WR6z6yZz4Eu45hcycQFwwUKBq0rpySArrxLBv
a9i0rXo9BPZUy/bh2yv0oSXOMWb0IGR60jRYW+ndmGRPz7O2RUSw5GfWxU2XDDGk
prsSd8Pcam2UWy/sTAMBvKxn+05QmBARapABAfEPv57AYkW7ADwoO2qkMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDwe/TfCKVLQbiKLAxBfII8Si9T3MB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEvUEI3OU44SXBVdEJ1SW9zREVGOGdqeEtMMVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg8GBxBg
MA0GCSqGSIb3DQEBCwUAA4IBAQCCTjEMmt7e2C/yttLtmyudKa+2u0IvBSPx4XD7
+zBHZ/FHPei5AcsajnbdR6sUH91Szr4CointjcHFcjpfpFPz5/fjg5nrC4hnj0Ub
A9VOgVaJKst1+QehARawp0V3BOTaPdhhmTMky1Xk3KdgTBXE0suj/yzRH0i59Eg9
N6ZlvDKwt884jBE45SfOsrK6K4V0KSPzngiyPjVWRR4LFgt2CsuZoXKIPC/Csa9i
HhTTI/rFg72jlV3nXAK6IwZVI2TQqeVyTUx/iV6ZaiprX9V1qZNfoAnfCmhhr5Bw
FyRuZryj54u83jd3lRfx42nTQyfuMeeAhVoZW1lgzLiBdSQO
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:01 2024 by rpki-client on console-ams.rpki-client.org