Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/RQAprImY4SukHCIQuKKeNG4kn5U.roa
File: RQAprImY4SukHCIQuKKeNG4kn5U.roa (raw, json)
Hash identifier: hijmdj264f1/LNvJBcrYb3Cj8+hxoOwrIM00iv5stCQ=
Subject key identifier: 45:00:29:AC:89:98:E1:2B:A4:1C:22:10:B8:A2:9E:34:6E:24:9F:95
Certificate issuer: /CN=c9b232958097b5863eafd047bb315171eaa01fb7
Certificate serial: 01856FC278EC446FEA6F5D3D317F84EEB347
Authority key identifier: C9:B2:32:95:80:97:B5:86:3E:AF:D0:47:BB:31:51:71:EA:A0:1F:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/RQAprImY4SukHCIQuKKeNG4kn5U.roa
Signing time: Sun 01 Jan 2023 23:54:53 +0000
ROA not before: Sun 01 Jan 2023 23:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12672
IP address blocks: 2a00:ff0:8888::/48 maxlen: 48
2a00:ff0:9999::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:78:ec:44:6f:ea:6f:5d:3d:31:7f:84:ee:b3:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9b232958097b5863eafd047bb315171eaa01fb7
Validity
Not Before: Jan 1 23:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=450029ac8998e12ba41c2210b8a29e346e249f95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:28:41:cd:2d:71:e9:04:c6:14:19:8c:1a:47:
67:ad:a0:a7:97:44:a3:62:87:83:0a:18:71:27:5b:
77:54:d0:88:9c:ea:19:36:89:5a:81:e0:3f:dc:27:
19:af:ba:d9:27:07:b9:92:4f:ea:43:05:bb:fe:f0:
75:1c:2c:90:d4:9b:4f:d3:91:df:b2:77:f7:0e:b3:
df:40:a9:4a:eb:33:94:d6:b7:c1:05:d6:d1:27:88:
9c:e1:03:29:b7:ab:ca:88:37:23:2c:02:8c:f1:01:
c0:30:c9:3f:94:2b:0c:23:7c:f9:ee:f9:85:32:9c:
7a:c4:c7:b0:31:45:cf:3f:38:f9:0f:99:6a:43:92:
22:53:54:33:30:b6:98:3e:f4:fe:b7:67:e1:9d:5c:
b8:1a:d7:24:5b:0d:77:d2:21:28:53:0d:24:14:dc:
80:7a:a3:f8:87:42:3f:e3:f6:e4:f6:ad:4e:67:b3:
30:c0:d1:9e:bb:d2:a4:42:0b:01:3c:a7:f2:e4:cc:
10:53:ae:8a:82:7d:4b:49:12:59:41:8f:11:26:88:
99:f1:43:cf:39:50:da:00:3b:46:54:f6:5f:7b:aa:
a2:bc:e2:18:fa:f4:9c:58:df:5e:7f:3a:94:2a:a2:
f9:c8:6d:5a:f0:a9:7d:59:94:b1:38:e2:b3:b8:df:
82:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:00:29:AC:89:98:E1:2B:A4:1C:22:10:B8:A2:9E:34:6E:24:9F:95
X509v3 Authority Key Identifier:
keyid:C9:B2:32:95:80:97:B5:86:3E:AF:D0:47:BB:31:51:71:EA:A0:1F:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/RQAprImY4SukHCIQuKKeNG4kn5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/ybIylYCXtYY-r9BHuzFRceqgH7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ff0:8888::/48
2a00:ff0:9999::/48
Signature Algorithm: sha256WithRSAEncryption
32:c2:b3:ba:15:b2:6c:6c:d7:31:20:ca:55:b3:09:ab:45:07:
21:43:59:1e:94:53:ad:95:8b:30:7d:d6:b0:6f:60:d0:83:4e:
d0:3d:1c:13:c2:63:fd:88:6e:7b:48:08:42:ff:bb:65:34:49:
b1:31:d6:ee:a6:ff:5a:29:7e:9e:7a:95:c7:20:f2:3a:59:ff:
22:44:b2:72:02:86:e3:ac:e3:99:79:9a:7b:4f:98:d3:be:f9:
8f:b1:26:49:f2:2f:ee:1b:0f:48:bf:7b:8b:98:92:e4:63:1f:
5f:16:39:86:d8:3e:31:d3:09:19:a4:62:86:51:aa:8d:a8:0a:
e3:9a:66:a8:26:ef:3b:ff:64:41:e8:1f:b3:80:9a:73:d9:e5:
12:fd:51:67:5e:86:56:d0:a7:b1:c6:78:c3:6f:32:9a:5f:2b:
1a:a5:8b:29:56:92:c9:5d:0f:b0:8c:bc:cb:e2:bc:9a:fc:27:
be:eb:90:58:95:15:f7:bd:03:72:fa:3d:e3:7b:90:1d:07:e3:
fd:7b:a1:60:f1:27:fb:46:e6:a0:0f:1a:1a:fa:b9:76:b9:6d:
16:ba:4e:b5:71:f8:41:7b:ba:af:60:08:26:e5:fa:3b:14:91:
ff:48:26:0b:b3:ce:cb:df:a4:76:50:b8:f4:21:89:b3:d5:9a:
60:72:d0:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvwnjsRG/qb109MX+E7rNHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YjIzMjk1ODA5N2I1ODYzZWFmZDA0N2JiMzE1MTcxZWFh
MDFmYjcwHhcNMjMwMTAxMjM1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTAwMjlhYzg5OThlMTJiYTQxYzIyMTBiOGEyOWUzNDZlMjQ5Zjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkShBzS1x6QTGFBmMGkdnraCnl0Sj
YoeDChhxJ1t3VNCInOoZNolageA/3CcZr7rZJwe5kk/qQwW7/vB1HCyQ1JtP05Hf
snf3DrPfQKlK6zOU1rfBBdbRJ4ic4QMpt6vKiDcjLAKM8QHAMMk/lCsMI3z57vmF
Mpx6xMewMUXPPzj5D5lqQ5IiU1QzMLaYPvT+t2fhnVy4GtckWw130iEoUw0kFNyA
eqP4h0I/4/bk9q1OZ7MwwNGeu9KkQgsBPKfy5MwQU66Kgn1LSRJZQY8RJoiZ8UPP
OVDaADtGVPZfe6qivOIY+vScWN9efzqUKqL5yG1a8Kl9WZSxOOKzuN+CfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEUAKayJmOErpBwiELiinjRuJJ+VMB8GA1UdIwQY
MBaAFMmyMpWAl7WGPq/QR7sxUXHqoB+3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWJJeWxZQ1h0WVktcjlCSHV6RlJjZXFnSDdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMzU0MzItY2Y5OS00ZjE5LWE3NmUt
MDdiN2ZlZjA4NThmLzEvUlFBcHJJbVk0U3VrSENJUXVLS2VORzRrbjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMzU0MzItY2Y5OS00ZjE5LWE3NmUtMDdiN2ZlZjA4NThm
LzEveWJJeWxZQ1h0WVktcjlCSHV6RlJjZXFnSDdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgAP8IiI
AwcAKgAP8JmZMA0GCSqGSIb3DQEBCwUAA4IBAQAywrO6FbJsbNcxIMpVswmrRQch
Q1kelFOtlYswfdawb2DQg07QPRwTwmP9iG57SAhC/7tlNEmxMdbupv9aKX6eepXH
IPI6Wf8iRLJyAobjrOOZeZp7T5jTvvmPsSZJ8i/uGw9Iv3uLmJLkYx9fFjmG2D4x
0wkZpGKGUaqNqArjmmaoJu87/2RB6B+zgJpz2eUS/VFnXoZW0KexxnjDbzKaXysa
pYspVpLJXQ+wjLzL4rya/Ce+65BYlRX3vQNy+j3je5AdB+P9e6Fg8Sf7RuagDxoa
+rl2uW0Wuk61cfhBe7qvYAgm5fo7FJH/SCYLs87L36R2ULj0IYmz1ZpgctD5
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:54 2024 by rpki-client on console-ams.rpki-client.org