Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/N8yf-GjUPHFkz2Vi0A2Ts7WH1DY.roa
File: N8yf-GjUPHFkz2Vi0A2Ts7WH1DY.roa (raw, json)
Hash identifier: fO/dNabOmdbtZNKquJrVwT/majkAGkdNHV7Usc4GohM=
Subject key identifier: 37:CC:9F:F8:68:D4:3C:71:64:CF:65:62:D0:0D:93:B3:B5:87:D4:36
Certificate issuer: /CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Certificate serial: 01856FCBC0911BC985DD6DBB3C8462924343
Authority key identifier: D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/N8yf-GjUPHFkz2Vi0A2Ts7WH1DY.roa
Signing time: Mon 02 Jan 2023 00:05:02 +0000
ROA not before: Mon 02 Jan 2023 00:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212972
IP address blocks: 2a0e:e704:43::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:c0:91:1b:c9:85:dd:6d:bb:3c:84:62:92:43:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Validity
Not Before: Jan 2 00:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37cc9ff868d43c7164cf6562d00d93b3b587d436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:98:fd:cd:3e:97:e5:e2:72:1d:c8:87:f5:e3:
04:21:2a:ba:d3:44:2a:f3:94:30:60:13:9f:91:9b:
c7:29:b5:7e:7f:b8:75:e5:92:aa:6c:94:83:08:f9:
d0:87:45:06:ef:57:e3:c0:02:f6:3f:8a:c0:48:d0:
50:77:2a:8a:3f:8a:e3:36:1a:a6:08:67:df:11:b9:
c5:89:da:f4:6a:9d:e6:31:bc:21:1a:98:1b:30:4f:
93:2e:6a:91:73:40:85:be:5f:a6:e3:d2:4c:08:2d:
c6:64:00:08:d6:da:ac:63:f8:b4:0f:b5:0d:b0:6b:
f3:5c:62:5e:02:fa:27:90:9d:d5:63:63:52:58:3e:
e7:35:43:43:a2:2b:df:d3:0d:ee:a9:60:28:31:c9:
01:ce:d5:0b:68:8c:82:b9:c0:80:a6:6c:b4:f1:f2:
06:75:0e:f6:16:3d:64:e5:af:8a:fa:52:44:5c:03:
b5:88:5b:70:84:71:b2:10:c8:f8:c5:76:cd:7b:b2:
34:03:d7:ae:98:ee:be:06:66:74:14:fb:3c:3d:e0:
51:6d:a3:99:13:88:d9:ad:3c:97:2d:ab:14:38:8b:
5c:15:5c:9c:d8:d6:af:4c:db:7a:68:60:c5:8a:45:
0f:f2:c7:b5:71:b8:86:f8:5b:5f:e4:9b:1a:6b:5c:
b0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:CC:9F:F8:68:D4:3C:71:64:CF:65:62:D0:0D:93:B3:B5:87:D4:36
X509v3 Authority Key Identifier:
keyid:D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/N8yf-GjUPHFkz2Vi0A2Ts7WH1DY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e704:43::/48
Signature Algorithm: sha256WithRSAEncryption
b0:74:76:82:22:c4:7d:9f:53:16:73:58:c8:23:6c:43:6a:98:
cf:0c:77:17:88:da:19:75:7d:bb:79:98:c0:f9:26:36:35:c7:
5d:69:63:bb:a8:16:d1:8a:05:bd:4e:be:7a:28:0e:3f:69:cf:
6e:cf:87:00:0e:e0:42:97:24:1e:96:e9:28:33:2b:7a:9d:d9:
04:ca:fe:eb:4d:47:a8:66:9e:f0:05:b8:76:ed:7b:60:76:f6:
c1:ca:63:8e:db:d7:e7:03:fc:5d:6e:2e:44:08:64:fa:d6:17:
24:30:fa:73:a1:6b:be:11:48:d6:29:22:28:38:52:52:40:bb:
1c:fc:09:17:4f:06:5d:4c:3f:55:fd:85:df:da:ed:f4:94:06:
49:a5:c6:47:64:76:8f:51:d6:ea:aa:0f:b4:46:43:98:5d:f9:
2e:99:15:2e:d3:9f:2b:13:6c:59:81:63:d7:7e:74:2b:b3:c0:
21:ff:e0:a2:e0:04:bf:1a:88:b4:6c:6a:7b:07:dc:2a:55:e3:
8c:ac:f6:f1:a2:89:93:7d:b2:ac:3d:6c:de:3d:4b:8a:e5:54:
f4:b6:4d:32:80:dc:fc:b1:5e:e1:50:be:d0:15:1a:78:07:c1:
4a:79:7f:ca:6b:b3:de:28:c3:12:a3:13:69:7e:d3:29:9e:bb:
36:51:bf:8a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvy8CRG8mF3W27PIRikkNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGY0NWY3Y2M0YjY5MWZkNGEzMWMxZjFjMGI0ZjYwNWQ3
N2E2ZWYwHhcNMjMwMTAyMDAwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2NjOWZmODY4ZDQzYzcxNjRjZjY1NjJkMDBkOTNiM2I1ODdkNDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJj9zT6X5eJyHciH9eMEISq600Qq
85QwYBOfkZvHKbV+f7h15ZKqbJSDCPnQh0UG71fjwAL2P4rASNBQdyqKP4rjNhqm
CGffEbnFidr0ap3mMbwhGpgbME+TLmqRc0CFvl+m49JMCC3GZAAI1tqsY/i0D7UN
sGvzXGJeAvonkJ3VY2NSWD7nNUNDoivf0w3uqWAoMckBztULaIyCucCApmy08fIG
dQ72Fj1k5a+K+lJEXAO1iFtwhHGyEMj4xXbNe7I0A9eumO6+BmZ0FPs8PeBRbaOZ
E4jZrTyXLasUOItcFVyc2NavTNt6aGDFikUP8se1cbiG+Ftf5Jsaa1ywnQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDfMn/ho1DxxZM9lYtANk7O1h9Q2MB8GA1UdIwQY
MBaAFNYPRffMS2kf1KMcHxwLT2Bdd6bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzkt
YTk1NGQwNTM5OTRhLzEvTjh5Zi1HalVQSEZrejJWaTBBMlRzN1dIMURZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzktYTk1NGQwNTM5OTRh
LzEvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg7nBABD
MA0GCSqGSIb3DQEBCwUAA4IBAQCwdHaCIsR9n1MWc1jII2xDapjPDHcXiNoZdX27
eZjA+SY2NcddaWO7qBbRigW9Tr56KA4/ac9uz4cADuBClyQelukoMyt6ndkEyv7r
TUeoZp7wBbh27XtgdvbBymOO29fnA/xdbi5ECGT61hckMPpzoWu+EUjWKSIoOFJS
QLsc/AkXTwZdTD9V/YXf2u30lAZJpcZHZHaPUdbqqg+0RkOYXfkumRUu058rE2xZ
gWPXfnQrs8Ah/+Ci4AS/Goi0bGp7B9wqVeOMrPbxoomTfbKsPWzePUuK5VT0tk0y
gNz8sV7hUL7QFRp4B8FKeX/Ka7PeKMMSoxNpftMpnrs2Ub+K
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:19 2024 by rpki-client on console-ams.rpki-client.org