Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/bYMhEoD0IrejWDFaLoLnUce2H7U.roa
File: bYMhEoD0IrejWDFaLoLnUce2H7U.roa (raw, json)
Hash identifier: 7RuSEztefK1SjkaWJzwCujzZeQfIAg20Gh+K/2UjgdQ=
Subject key identifier: 6D:83:21:12:80:F4:22:B7:A3:58:31:5A:2E:82:E7:51:C7:B6:1F:B5
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 01856BDC767F034261247EBDBDF4E320B057
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/bYMhEoD0IrejWDFaLoLnUce2H7U.roa
Signing time: Sun 01 Jan 2023 05:44:48 +0000
ROA not before: Sun 01 Jan 2023 05:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212425
IP address blocks: 2a0f:607:1100::/44 maxlen: 48
2a0f:607:1052::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:76:7f:03:42:61:24:7e:bd:bd:f4:e3:20:b0:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Jan 1 05:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d83211280f422b7a358315a2e82e751c7b61fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:45:eb:cd:85:ab:c3:9d:dd:54:68:31:d6:d2:
cd:f3:2c:4b:68:ae:36:6b:a7:cc:5f:21:08:b2:0e:
7c:32:f5:71:c0:44:5b:2c:3d:39:7d:30:87:4a:99:
9e:48:e3:8f:ef:82:db:60:80:ee:0f:31:a9:2e:1e:
12:4e:e3:6e:db:8a:9d:6d:11:05:af:ff:38:9d:5d:
36:66:76:fa:23:fd:00:0c:d0:d3:c9:05:47:00:01:
ab:09:99:e7:a4:ba:08:8c:a5:5f:38:4a:02:31:28:
3f:85:19:29:bb:89:e6:5d:ff:1c:81:16:63:3e:e9:
84:a9:46:98:8a:75:d1:a6:3a:6b:5c:26:b6:8c:2d:
b0:f3:70:d9:5e:4c:2b:99:27:1c:5b:26:78:28:aa:
47:be:ce:28:1d:4d:95:ad:41:20:40:f6:cc:b5:b5:
4d:c8:95:85:cd:7e:f2:5f:7a:d5:cf:fc:3a:ef:03:
d0:ca:35:bf:2b:45:96:c8:ef:77:1f:5b:71:19:05:
4f:65:6c:47:60:9d:8a:fb:f2:15:e2:b8:d9:08:dd:
0e:51:19:28:75:45:ec:7c:c5:2c:fa:9e:e8:96:b1:
de:01:f7:78:31:86:cd:6b:88:0e:49:a8:0f:06:b3:
ad:d2:3b:b0:50:7d:86:e7:fe:d8:d1:f3:8c:a5:28:
e8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:83:21:12:80:F4:22:B7:A3:58:31:5A:2E:82:E7:51:C7:B6:1F:B5
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/bYMhEoD0IrejWDFaLoLnUce2H7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:607:1052::/48
2a0f:607:1100::/44
Signature Algorithm: sha256WithRSAEncryption
37:fc:e9:60:8b:3b:16:00:df:5c:b3:2e:be:0f:7f:7a:3d:fb:
a7:01:8b:21:70:3f:5a:3c:52:62:53:b8:3c:45:73:5d:83:46:
8a:cd:6a:61:19:9b:40:9d:0c:41:0f:85:2b:ba:39:10:ed:01:
c7:af:fa:da:c1:89:82:d8:c9:e2:58:2b:5e:f8:38:6c:15:ab:
5d:d3:a9:92:1f:23:c8:f0:8b:4c:94:97:84:3f:29:fd:de:17:
f3:23:bf:b6:ad:5b:22:54:ea:4e:fd:3d:8c:dd:73:c6:34:99:
1c:f3:a6:ae:ef:10:c8:9f:94:23:b3:88:21:0e:e8:4c:41:28:
23:55:98:f8:f3:10:bd:9a:31:f9:b3:32:1f:6a:ff:8c:be:4f:
ae:d8:c9:85:46:f2:43:fc:54:f0:be:b2:a9:c8:56:ec:f8:af:
0f:f4:cf:00:90:cc:11:c0:51:8f:9c:b2:87:5d:d0:22:15:f7:
70:69:ac:e4:8a:ac:93:ba:16:fa:ce:b3:ca:81:8f:ae:da:82:
5f:95:c6:05:36:7a:d7:6c:b0:2e:c4:af:75:b3:1d:07:46:37:
b4:5d:a5:35:a8:0b:a4:65:46:ca:9e:37:cc:bf:8d:f3:eb:9c:
64:be:36:a6:e5:a5:e6:99:d5:d0:87:77:68:1b:4c:4e:9f:98:
4c:d2:03:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVr3HZ/A0JhJH69vfTjILBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjMwMTAxMDU0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDgzMjExMjgwZjQyMmI3YTM1ODMxNWEyZTgyZTc1MWM3YjYxZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUXrzYWrw53dVGgx1tLN8yxLaK42
a6fMXyEIsg58MvVxwERbLD05fTCHSpmeSOOP74LbYIDuDzGpLh4STuNu24qdbREF
r/84nV02Znb6I/0ADNDTyQVHAAGrCZnnpLoIjKVfOEoCMSg/hRkpu4nmXf8cgRZj
PumEqUaYinXRpjprXCa2jC2w83DZXkwrmSccWyZ4KKpHvs4oHU2VrUEgQPbMtbVN
yJWFzX7yX3rVz/w67wPQyjW/K0WWyO93H1txGQVPZWxHYJ2K+/IV4rjZCN0OURko
dUXsfMUs+p7olrHeAfd4MYbNa4gOSagPBrOt0juwUH2G5/7Y0fOMpSjoZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG2DIRKA9CK3o1gxWi6C51HHth+1MB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEvYllNaEVvRDBJcmVqV0RGYUxvTG5VY2UySDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg8GBxBS
AwcEKg8GBxEAMA0GCSqGSIb3DQEBCwUAA4IBAQA3/OlgizsWAN9csy6+D396Pfun
AYshcD9aPFJiU7g8RXNdg0aKzWphGZtAnQxBD4UrujkQ7QHHr/rawYmC2MniWCte
+DhsFatd06mSHyPI8ItMlJeEPyn93hfzI7+2rVsiVOpO/T2M3XPGNJkc86au7xDI
n5Qjs4ghDuhMQSgjVZj48xC9mjH5szIfav+Mvk+u2MmFRvJD/FTwvrKpyFbs+K8P
9M8AkMwRwFGPnLKHXdAiFfdwaazkiqyTuhb6zrPKgY+u2oJflcYFNnrXbLAuxK91
sx0HRje0XaU1qAukZUbKnjfMv43z65xkvjam5aXmmdXQh3doG0xOn5hM0gO3
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:46 2024 by rpki-client on console-fra.rpki-client.org