Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/i0W-4f8qC1tXgermwUTF4GjzeqM.roa
File: i0W-4f8qC1tXgermwUTF4GjzeqM.roa (raw, json)
Hash identifier: 4vyPSPuN3NifzrGz/nPny55qL8yc6t2kK7FcN98DYHk=
Subject key identifier: 8B:45:BE:E1:FF:2A:0B:5B:57:81:EA:E6:C1:44:C5:E0:68:F3:7A:A3
Certificate issuer: /CN=01626ffd800eafa336bdf343141f03f7c393c364
Certificate serial: 01856D018FC1FE4BD866FC3283620ADF1A82
Authority key identifier: 01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/i0W-4f8qC1tXgermwUTF4GjzeqM.roa
Signing time: Sun 01 Jan 2023 11:04:56 +0000
ROA not before: Sun 01 Jan 2023 11:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3573
IP address blocks: 2a02:ee80:4066::/48 maxlen: 48
2a02:ee80:4066::/47 maxlen: 47
2a02:ee80:4171::/48 maxlen: 48
2a02:ee80:415c::/47 maxlen: 47
2a02:ee80:4067::/48 maxlen: 48
2a02:ee80:404a::/48 maxlen: 48
2a02:ee80:404a::/47 maxlen: 47
2a02:ee80:4170::/48 maxlen: 48
2a02:ee80:41a8::/47 maxlen: 47
2a02:ee80:4170::/47 maxlen: 47
2a02:ee80:404b::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:8f:c1:fe:4b:d8:66:fc:32:83:62:0a:df:1a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01626ffd800eafa336bdf343141f03f7c393c364
Validity
Not Before: Jan 1 11:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b45bee1ff2a0b5b5781eae6c144c5e068f37aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bc:49:e1:ca:44:60:be:fc:0e:1d:dd:78:e2:
58:ee:ad:50:3f:9f:c5:f1:1c:2e:6a:b2:f6:0d:26:
5f:89:15:f0:5e:ce:61:d3:cf:a0:4a:bc:5d:f8:03:
22:2a:81:65:f0:4b:88:a9:62:30:00:68:5d:a5:63:
cc:27:95:ae:2f:5f:2c:35:4f:d5:25:bd:73:de:bd:
eb:e8:8a:38:68:83:e4:82:1a:a6:c5:fa:dc:dd:fe:
2b:e1:7a:8d:b5:9d:07:52:1f:bb:15:d8:4d:e4:ca:
22:1b:b4:1f:1a:9b:31:a7:8d:0b:58:b5:fa:e7:eb:
db:c8:72:e4:77:2e:12:5e:9f:ed:f7:9b:e4:e0:77:
32:65:bb:d4:87:22:04:44:66:71:12:60:fa:b4:ee:
90:72:63:83:2c:73:d4:8a:25:8f:bf:07:26:84:87:
07:49:73:2c:7f:c3:4d:1a:2e:71:f2:91:77:4e:f1:
b9:0f:08:a5:ec:c7:d1:9e:80:54:ab:7f:69:c1:e5:
f8:e8:71:38:79:34:e1:88:85:21:01:95:f9:f6:fb:
b0:08:4b:b0:f7:4f:f1:a9:5d:4a:85:e2:c3:5f:75:
6e:a4:d1:a1:14:00:39:c2:d1:4e:af:be:43:bc:49:
86:81:38:e5:90:86:f6:da:38:98:59:f2:f1:12:74:
56:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:45:BE:E1:FF:2A:0B:5B:57:81:EA:E6:C1:44:C5:E0:68:F3:7A:A3
X509v3 Authority Key Identifier:
keyid:01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/i0W-4f8qC1tXgermwUTF4GjzeqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:ee80:404a::/47
2a02:ee80:4066::/47
2a02:ee80:415c::/47
2a02:ee80:4170::/47
2a02:ee80:41a8::/47
Signature Algorithm: sha256WithRSAEncryption
25:9e:cb:1d:3f:24:e6:d4:a2:f7:8b:82:fb:48:ca:e8:b1:f8:
00:65:28:0b:8b:3a:30:74:a0:7b:b8:9d:4c:c0:76:cb:99:e2:
6a:c6:c8:04:6b:1a:1d:01:31:27:53:a7:98:c8:be:51:3b:31:
63:c9:db:6d:f5:91:92:bc:fc:2d:54:53:8d:ff:3f:5a:96:ea:
cb:ac:2a:a3:6e:13:20:8d:4d:5f:97:da:29:fd:bc:af:72:d2:
47:a7:71:a2:22:b0:dd:e7:21:73:d6:4a:c6:11:2e:ae:d3:b3:
1c:a9:cb:fa:0c:86:42:a0:0e:04:1c:f2:50:49:85:da:53:d1:
31:9b:3d:69:8f:f9:da:3b:f9:ad:f5:b3:55:6b:8b:50:4e:3c:
62:eb:fe:02:cf:65:f4:7d:6d:ea:64:95:3b:c9:d2:9f:dd:bd:
8d:99:3a:62:f0:78:43:ee:e4:8b:6d:b9:75:50:28:5f:23:31:
62:3d:5d:65:8e:c0:e7:63:e9:3e:88:27:50:c7:3b:d5:7b:8e:
9b:d3:a9:88:68:a5:9d:d4:cb:9a:fa:62:b5:53:26:f5:d5:3d:
c3:0b:1b:c7:0e:bd:4d:30:00:fd:34:dc:ef:57:f0:f6:b9:95:
e7:a7:30:9a:84:bf:2c:e1:b1:62:47:54:c7:46:0e:24:5f:f8:
ae:59:58:b3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVtAY/B/kvYZvwyg2IK3xqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI2ZmZkODAwZWFmYTMzNmJkZjM0MzE0MWYwM2Y3YzM5
M2MzNjQwHhcNMjMwMTAxMTEwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQ1YmVlMWZmMmEwYjViNTc4MWVhZTZjMTQ0YzVlMDY4ZjM3YWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLxJ4cpEYL78Dh3deOJY7q1QP5/F
8RwuarL2DSZfiRXwXs5h08+gSrxd+AMiKoFl8EuIqWIwAGhdpWPMJ5WuL18sNU/V
Jb1z3r3r6Io4aIPkghqmxfrc3f4r4XqNtZ0HUh+7FdhN5MoiG7QfGpsxp40LWLX6
5+vbyHLkdy4SXp/t95vk4HcyZbvUhyIERGZxEmD6tO6QcmODLHPUiiWPvwcmhIcH
SXMsf8NNGi5x8pF3TvG5Dwil7MfRnoBUq39pweX46HE4eTThiIUhAZX59vuwCEuw
90/xqV1KheLDX3VupNGhFAA5wtFOr75DvEmGgTjlkIb22jiYWfLxEnRW9wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFItFvuH/KgtbV4Hq5sFExeBo83qjMB8GA1UdIwQY
MBaAFAFib/2ADq+jNr3zQxQfA/fDk8NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODct
MWY0YmVhMjNlNGM3LzEvaTBXLTRmOHFDMXRYZ2VybXdVVEY0R2p6ZXFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODctMWY0YmVhMjNlNGM3
LzEvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcBKgLugEBK
AwcBKgLugEBmAwcBKgLugEFcAwcBKgLugEFwAwcBKgLugEGoMA0GCSqGSIb3DQEB
CwUAA4IBAQAlnssdPyTm1KL3i4L7SMrosfgAZSgLizowdKB7uJ1MwHbLmeJqxsgE
axodATEnU6eYyL5ROzFjydtt9ZGSvPwtVFON/z9alurLrCqjbhMgjU1fl9op/byv
ctJHp3GiIrDd5yFz1krGES6u07Mcqcv6DIZCoA4EHPJQSYXaU9Exmz1pj/naO/mt
9bNVa4tQTjxi6/4Cz2X0fW3qZJU7ydKf3b2NmTpi8HhD7uSLbbl1UChfIzFiPV1l
jsDnY+k+iCdQxzvVe46b06mIaKWd1Mua+mK1Uyb11T3DCxvHDr1NMAD9NNzvV/D2
uZXnpzCahL8s4bFiR1THRg4kX/iuWViz
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:07 2024 by rpki-client on console-ams.rpki-client.org