Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/aaYh3_2b79fBxQrdu6q_8Hzv_Tc.roa
File: aaYh3_2b79fBxQrdu6q_8Hzv_Tc.roa (raw, json)
Hash identifier: dc/OJz8SAfWZs9IdCf//z4/QAYclwxg5mDmlVfu5oRo=
Subject key identifier: 69:A6:21:DF:FD:9B:EF:D7:C1:C5:0A:DD:BB:AA:BF:F0:7C:EF:FD:37
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 01856BDC74BF2802546BC9FFB3E05848C947
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/aaYh3_2b79fBxQrdu6q_8Hzv_Tc.roa
Signing time: Sun 01 Jan 2023 05:44:47 +0000
ROA not before: Sun 01 Jan 2023 05:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212331
IP address blocks: 2a0f:607:1057::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:74:bf:28:02:54:6b:c9:ff:b3:e0:58:48:c9:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Jan 1 05:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69a621dffd9befd7c1c50addbbaabff07ceffd37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:07:22:58:93:5f:41:72:31:f1:1c:3a:1b:30:
28:7b:8e:bc:08:0b:94:40:7d:8a:9d:d3:78:2c:9d:
4b:ed:4f:c4:8b:0d:e5:7f:4c:01:59:2b:77:03:21:
a6:a1:73:a7:02:8b:04:cf:0b:65:ee:1b:66:24:47:
d1:6e:ef:64:6d:a9:c8:7c:06:03:74:77:84:a5:bc:
9c:c2:7f:96:c5:b7:f3:c8:0a:1f:2c:a1:73:d5:bc:
15:4c:85:df:e4:b2:c3:8c:52:f0:48:95:2a:f6:70:
73:13:5c:8c:0f:94:a8:8f:37:32:76:06:d7:4c:ee:
e3:2b:12:1d:71:a3:1e:c8:39:fa:c3:41:a0:c7:b1:
b7:83:ab:10:dd:34:d8:7c:6d:ea:45:20:bb:9b:9a:
52:36:13:dd:b6:7e:3c:2e:1d:90:32:8f:be:50:ed:
27:7a:cc:e4:bf:94:f3:ce:65:47:fe:0b:70:cf:92:
57:24:55:e1:38:09:1d:a6:ff:95:6a:80:40:6c:49:
c5:47:b1:b4:86:12:ae:78:02:0e:83:b4:fd:27:ca:
51:ec:f4:5e:17:0c:cd:a7:35:1d:0e:77:81:1e:b4:
b3:14:48:96:7c:79:f6:24:ce:4a:a0:8f:a3:e5:22:
a4:53:b1:a5:db:ac:fb:23:c2:45:66:2a:f7:42:41:
83:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A6:21:DF:FD:9B:EF:D7:C1:C5:0A:DD:BB:AA:BF:F0:7C:EF:FD:37
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/aaYh3_2b79fBxQrdu6q_8Hzv_Tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:607:1057::/48
Signature Algorithm: sha256WithRSAEncryption
42:c1:4a:f5:57:7c:1b:72:0f:e5:c4:37:c2:a3:ac:ab:d3:a1:
77:94:2c:28:79:ed:7c:38:75:85:a7:06:59:36:d3:b2:62:ff:
cd:ef:7c:94:2f:14:8c:2c:9b:47:d5:9f:8d:39:e7:68:d1:cc:
97:62:97:05:12:48:df:dd:c1:67:07:c3:ef:1b:27:16:a2:08:
04:80:b9:ab:29:df:3b:c0:38:9f:f9:40:c2:1d:31:e3:b1:e2:
d8:73:b1:04:ef:f1:ad:b6:3d:48:f0:6c:d2:18:b0:fb:49:c2:
62:11:9b:4c:6e:b7:9e:d1:86:95:94:82:d0:2c:72:dd:c9:01:
7b:2a:33:22:a8:98:12:eb:3c:98:6a:87:1b:af:3d:4d:7b:d6:
cd:46:a9:4a:df:d4:0f:f3:97:71:9e:51:09:6d:09:d9:8c:98:
e5:69:24:d7:86:50:27:f9:c4:e6:1c:a6:16:6d:58:3c:e6:62:
08:a4:7d:11:09:8c:72:cf:fc:b8:ac:7e:13:aa:a5:7c:33:ae:
28:e6:7c:52:a5:42:98:03:ea:7c:ca:d8:87:0a:4a:04:02:33:
cb:02:e3:f2:b1:73:65:a6:96:2a:31:57:e9:9a:f1:e7:bb:7e:
7c:c1:87:cd:0b:0c:63:14:9f:fb:31:72:19:24:bf:6e:66:88:
81:69:57:41
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVr3HS/KAJUa8n/s+BYSMlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjMwMTAxMDU0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWE2MjFkZmZkOWJlZmQ3YzFjNTBhZGRiYmFhYmZmMDdjZWZmZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQciWJNfQXIx8Rw6GzAoe468CAuU
QH2KndN4LJ1L7U/Eiw3lf0wBWSt3AyGmoXOnAosEzwtl7htmJEfRbu9kbanIfAYD
dHeEpbycwn+WxbfzyAofLKFz1bwVTIXf5LLDjFLwSJUq9nBzE1yMD5SojzcydgbX
TO7jKxIdcaMeyDn6w0Ggx7G3g6sQ3TTYfG3qRSC7m5pSNhPdtn48Lh2QMo++UO0n
eszkv5TzzmVH/gtwz5JXJFXhOAkdpv+VaoBAbEnFR7G0hhKueAIOg7T9J8pR7PRe
FwzNpzUdDneBHrSzFEiWfHn2JM5KoI+j5SKkU7Gl26z7I8JFZir3QkGDgwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGmmId/9m+/XwcUK3buqv/B87/03MB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEvYWFZaDNfMmI3OWZCeFFyZHU2cV84SHp2X1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg8GBxBX
MA0GCSqGSIb3DQEBCwUAA4IBAQBCwUr1V3wbcg/lxDfCo6yr06F3lCwoee18OHWF
pwZZNtOyYv/N73yULxSMLJtH1Z+NOedo0cyXYpcFEkjf3cFnB8PvGycWoggEgLmr
Kd87wDif+UDCHTHjseLYc7EE7/Gttj1I8GzSGLD7ScJiEZtMbree0YaVlILQLHLd
yQF7KjMiqJgS6zyYaocbrz1Ne9bNRqlK39QP85dxnlEJbQnZjJjlaSTXhlAn+cTm
HKYWbVg85mIIpH0RCYxyz/y4rH4TqqV8M64o5nxSpUKYA+p8ytiHCkoEAjPLAuPy
sXNlppYqMVfpmvHnu358wYfNCwxjFJ/7MXIZJL9uZoiBaVdB
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:46 2024 by rpki-client on console-fra.rpki-client.org