Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/wYHzZy9u1XWMOJTKQaaVcf342yU.roa
File: wYHzZy9u1XWMOJTKQaaVcf342yU.roa (raw, json)
Hash identifier: wVPcwYcHYmw5FQxc7JHur3uURI2aWItVEiYm5N7kneo=
Subject key identifier: C1:81:F3:67:2F:6E:D5:75:8C:38:94:CA:41:A6:95:71:FD:F8:DB:25
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 01856BDC6E4164BE8D1F62C7972587CDDDFB
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/wYHzZy9u1XWMOJTKQaaVcf342yU.roa
Signing time: Sun 01 Jan 2023 05:44:46 +0000
ROA not before: Sun 01 Jan 2023 05:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138181
IP address blocks: 2a0f:607:1300::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:6e:41:64:be:8d:1f:62:c7:97:25:87:cd:dd:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Jan 1 05:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c181f3672f6ed5758c3894ca41a69571fdf8db25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f2:3d:35:d9:a1:b3:36:9e:bc:82:11:09:4a:
2b:1b:01:51:3a:28:f4:82:22:f8:05:9d:fe:5c:6e:
0a:a7:0e:3a:0e:33:55:58:ee:ae:b2:74:cb:58:e8:
be:39:64:c8:7e:dd:99:7b:de:9a:f5:bb:30:f3:08:
75:be:b0:05:18:d0:bd:cd:46:bd:43:2c:38:00:7a:
b3:bc:27:b6:e3:11:8b:b4:bc:b0:fa:28:42:49:f7:
04:d3:f7:7c:90:34:1a:3f:df:cb:64:eb:72:79:b8:
f2:6b:ce:80:92:ff:94:cf:ab:e8:08:6f:06:ad:6d:
5a:46:77:69:25:42:ce:9c:09:dd:0d:37:52:e5:d2:
5b:6d:cf:0a:16:6b:32:ea:00:e2:9c:76:90:49:93:
53:48:2a:14:d6:c4:b1:8a:a9:6e:ca:38:ed:11:89:
76:d3:68:ad:43:0f:69:aa:96:6b:08:71:da:cb:65:
4d:fc:50:1f:27:ea:c5:00:2a:78:1e:00:26:a7:d2:
37:78:79:49:f0:4f:bc:8e:4c:c5:95:99:30:57:71:
c3:e1:bb:e3:5f:89:4f:6d:73:5e:65:23:00:12:5f:
d1:25:42:53:ae:01:99:24:f2:5c:ce:66:56:2a:b6:
35:a2:52:fc:cc:12:ff:ed:93:3a:da:87:11:9d:3a:
12:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:81:F3:67:2F:6E:D5:75:8C:38:94:CA:41:A6:95:71:FD:F8:DB:25
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/wYHzZy9u1XWMOJTKQaaVcf342yU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:607:1300::/44
Signature Algorithm: sha256WithRSAEncryption
b5:9f:43:2f:7c:df:e2:00:b2:10:2e:b6:10:c2:7a:28:e1:32:
b0:a6:a3:7c:e4:8c:0c:18:0e:a2:6f:87:d4:cf:12:5a:87:72:
bc:63:81:ff:0d:c0:55:88:e2:00:2c:dd:a3:68:d3:2b:2a:c6:
82:27:f7:84:43:05:a6:c5:a7:fa:af:46:ea:14:3b:22:a0:79:
61:42:2c:a1:3e:46:6d:73:96:1b:af:c9:5c:a1:ac:82:50:d2:
18:61:49:36:d4:3f:2d:c9:9c:1b:cd:06:2d:f5:95:b6:5a:15:
b6:20:c4:b4:9b:91:46:30:36:b3:b0:ca:66:79:da:70:95:7d:
a5:ad:d2:66:60:6f:3b:7a:f1:d0:f8:9c:fb:16:12:91:cf:58:
c1:33:40:ec:5f:f3:bc:13:d9:64:57:d6:a9:1e:19:39:11:1d:
19:ec:fb:f8:a4:60:28:a9:6d:f4:66:67:ef:27:5e:a1:fa:af:
05:48:05:46:4c:98:69:3e:73:98:58:9e:d5:3e:7a:7c:06:04:
a2:24:90:3a:ca:2b:04:17:32:5f:0a:cf:dd:bd:0c:4b:df:91:
35:73:7d:ef:e5:1f:d6:4a:0c:fa:8c:e1:bd:50:6b:38:a4:f5:
2f:36:09:6c:28:dd:c6:4e:d4:d3:57:7a:9b:90:47:47:7d:1e:
9e:0a:ae:d9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVr3G5BZL6NH2LHlyWHzd37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjMwMTAxMDU0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTgxZjM2NzJmNmVkNTc1OGMzODk0Y2E0MWE2OTU3MWZkZjhkYjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPI9NdmhszaevIIRCUorGwFROij0
giL4BZ3+XG4Kpw46DjNVWO6usnTLWOi+OWTIft2Ze96a9bsw8wh1vrAFGNC9zUa9
Qyw4AHqzvCe24xGLtLyw+ihCSfcE0/d8kDQaP9/LZOtyebjya86Akv+Uz6voCG8G
rW1aRndpJULOnAndDTdS5dJbbc8KFmsy6gDinHaQSZNTSCoU1sSxiqluyjjtEYl2
02itQw9pqpZrCHHay2VN/FAfJ+rFACp4HgAmp9I3eHlJ8E+8jkzFlZkwV3HD4bvj
X4lPbXNeZSMAEl/RJUJTrgGZJPJczmZWKrY1olL8zBL/7ZM62ocRnToSmQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMGB82cvbtV1jDiUykGmlXH9+NslMB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEvd1lIelp5OXUxWFdNT0pUS1FhYVZjZjM0MnlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg8GBxMA
MA0GCSqGSIb3DQEBCwUAA4IBAQC1n0MvfN/iALIQLrYQwnoo4TKwpqN85IwMGA6i
b4fUzxJah3K8Y4H/DcBViOIALN2jaNMrKsaCJ/eEQwWmxaf6r0bqFDsioHlhQiyh
PkZtc5Ybr8lcoayCUNIYYUk21D8tyZwbzQYt9ZW2WhW2IMS0m5FGMDazsMpmedpw
lX2lrdJmYG87evHQ+Jz7FhKRz1jBM0DsX/O8E9lkV9apHhk5ER0Z7Pv4pGAoqW30
ZmfvJ16h+q8FSAVGTJhpPnOYWJ7VPnp8BgSiJJA6yisEFzJfCs/dvQxL35E1c33v
5R/WSgz6jOG9UGs4pPUvNglsKN3GTtTTV3qbkEdHfR6eCq7Z
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:01 2024 by rpki-client on console-ams.rpki-client.org