Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/9R56zSRUmhrF6aksnm6S9LwJvc0.roa
File: 9R56zSRUmhrF6aksnm6S9LwJvc0.roa (raw, json)
Hash identifier: tcAa1/DRvmmHRrMofgQNGo/OUZGfqmIpUYTcjzw2VU8=
Subject key identifier: F5:1E:7A:CD:24:54:9A:1A:C5:E9:A9:2C:9E:6E:92:F4:BC:09:BD:CD
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 0189BDF550D041E12B369588CB07D610358D
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/9R56zSRUmhrF6aksnm6S9LwJvc0.roa
Signing time: Fri 04 Aug 2023 00:31:58 +0000
ROA not before: Fri 04 Aug 2023 00:31:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199613
IP address blocks: 2a0f:7803:ff70::/44 maxlen: 48
2a0f:7802:1000::/36 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bd:f5:50:d0:41:e1:2b:36:95:88:cb:07:d6:10:35:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Aug 4 00:31:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f51e7acd24549a1ac5e9a92c9e6e92f4bc09bdcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:5e:aa:5d:7c:09:7e:e5:0d:a1:8e:c9:d9:37:
cd:ab:e9:db:c3:5e:16:7e:61:40:44:1a:1f:42:b6:
ec:71:4c:b2:1c:66:d6:29:3e:60:50:13:8a:3b:97:
9b:26:d1:f1:39:39:5b:3e:ef:1e:57:b0:e1:4d:0d:
99:cf:57:5a:74:a7:0e:b1:91:34:7e:92:62:d5:70:
d0:10:7a:51:bb:55:51:6d:74:b2:ee:68:a2:49:80:
50:60:ff:0a:88:d9:a4:6c:47:28:48:ab:fa:b6:b1:
3b:dc:d0:4a:1c:a9:17:5f:21:ed:20:62:75:3d:b5:
6f:c2:40:3f:d5:61:bc:e6:3e:26:bc:a4:6b:3c:3d:
4c:9c:32:c4:67:12:3a:41:ae:aa:d0:24:2e:38:ed:
77:d1:5a:99:78:06:ab:97:b1:fd:31:42:00:32:12:
5c:82:bf:df:e1:4a:02:a9:53:3b:b1:4e:b1:dd:11:
3a:6e:7b:e3:73:87:fd:83:90:2d:96:df:f0:58:9f:
03:7e:00:61:25:59:28:95:f2:bf:84:67:f4:2b:6c:
01:0a:ee:a7:43:03:e3:46:62:33:56:aa:7b:2f:74:
4c:36:ef:34:79:a3:43:f3:c8:6a:33:73:81:a7:9d:
68:e3:5b:dd:8b:57:a4:34:ed:62:af:f7:d6:cc:dd:
4b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:1E:7A:CD:24:54:9A:1A:C5:E9:A9:2C:9E:6E:92:F4:BC:09:BD:CD
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/9R56zSRUmhrF6aksnm6S9LwJvc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7802:1000::/36
2a0f:7803:ff70::/44
Signature Algorithm: sha256WithRSAEncryption
88:dd:34:26:2a:82:3d:05:31:76:ca:2c:93:55:15:6c:88:d4:
ff:d4:04:a3:64:f1:51:c8:49:2b:46:b3:c3:b1:c7:44:c7:e5:
06:78:c7:c2:81:ea:0b:5f:bb:e1:35:d1:4c:b7:3e:c6:23:a1:
4b:0c:77:3a:ef:ae:3f:af:b6:49:bb:be:7a:48:bd:a7:12:46:
02:26:65:6d:90:48:f9:67:3f:cb:7d:95:70:c2:89:0d:84:2f:
0b:98:fb:18:d8:97:a0:e3:77:4c:cf:11:a6:0a:20:13:1c:35:
9c:59:76:c6:2f:ed:20:d1:eb:d6:bd:0d:bb:45:65:b7:7d:70:
71:1a:ce:3e:fb:21:5b:e4:2b:27:61:87:2c:ab:7e:d2:a7:47:
7a:eb:dc:80:17:3a:53:b8:bf:6b:d8:32:08:d8:be:1b:fa:2c:
44:53:76:4f:3a:06:6d:57:bf:56:ea:6e:01:64:bd:65:93:83:
47:ed:5a:0c:9a:b9:05:53:fe:71:94:09:3b:4a:ce:2e:b7:a3:
4c:a0:52:03:20:e4:f0:c4:3a:87:04:bb:17:c8:0a:6e:26:62:
be:79:f1:c2:fa:cd:8f:40:eb:98:ca:c2:1a:ef:64:5c:35:d7:
ef:41:d6:9a:2e:70:8c:f4:42:a8:c1:f9:8a:50:95:c8:4d:80:
76:08:38:d3
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYm99VDQQeErNpWIywfWEDWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjMwODA0MDAzMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTFlN2FjZDI0NTQ5YTFhYzVlOWE5MmM5ZTZlOTJmNGJjMDliZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgV6qXXwJfuUNoY7J2TfNq+nbw14W
fmFARBofQrbscUyyHGbWKT5gUBOKO5ebJtHxOTlbPu8eV7DhTQ2Zz1dadKcOsZE0
fpJi1XDQEHpRu1VRbXSy7miiSYBQYP8KiNmkbEcoSKv6trE73NBKHKkXXyHtIGJ1
PbVvwkA/1WG85j4mvKRrPD1MnDLEZxI6Qa6q0CQuOO130VqZeAarl7H9MUIAMhJc
gr/f4UoCqVM7sU6x3RE6bnvjc4f9g5Atlt/wWJ8DfgBhJVkolfK/hGf0K2wBCu6n
QwPjRmIzVqp7L3RMNu80eaND88hqM3OBp51o41vdi1ekNO1ir/fWzN1LAwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFPUees0kVJoaxempLJ5ukvS8Cb3NMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvOVI1NnpTUlVtaHJGNmFrc25tNlM5THdKdmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYEKg94AhAD
BwQqD3gD/3AwDQYJKoZIhvcNAQELBQADggEBAIjdNCYqgj0FMXbKLJNVFWyI1P/U
BKNk8VHISStGs8Oxx0TH5QZ4x8KB6gtfu+E10Uy3PsYjoUsMdzrvrj+vtkm7vnpI
vacSRgImZW2QSPlnP8t9lXDCiQ2ELwuY+xjYl6Djd0zPEaYKIBMcNZxZdsYv7SDR
69a9DbtFZbd9cHEazj77IVvkKydhhyyrftKnR3rr3IAXOlO4v2vYMgjYvhv6LERT
dk86Bm1Xv1bqbgFkvWWTg0ftWgyauQVT/nGUCTtKzi63o0ygUgMg5PDEOocEuxfI
Cm4mYr558cL6zY9A65jKwhrvZFw11+9B1poucIz0QqjB+YpQlchNgHYIONM=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:26 2024 by rpki-client on console-ams.rpki-client.org