Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/10k0s5ODnk51GxUqpYL4FS85hQs.roa
File: 10k0s5ODnk51GxUqpYL4FS85hQs.roa (raw, json)
Hash identifier: BsrCjdWNm66ru9dLcj5iQNEtKzkmAM78NP1D8ZL6qqY=
Subject key identifier: D7:49:34:B3:93:83:9E:4E:75:1B:15:2A:A5:82:F8:15:2F:39:85:0B
Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial: 01856DB885124AA8D65E110EF345DDD31F70
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/10k0s5ODnk51GxUqpYL4FS85hQs.roa
Signing time: Sun 01 Jan 2023 14:24:47 +0000
ROA not before: Sun 01 Jan 2023 14:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210075
IP address blocks: 2a06:1e00:27::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:85:12:4a:a8:d6:5e:11:0e:f3:45:dd:d3:1f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Validity
Not Before: Jan 1 14:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d74934b393839e4e751b152aa582f8152f39850b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1d:7d:88:34:6b:d8:d8:31:37:4a:41:e8:04:
cf:a5:46:05:2a:06:74:ec:d5:b8:88:5e:95:bd:95:
01:3f:93:61:da:90:65:82:84:f5:95:84:19:df:47:
02:73:b7:fd:a8:67:1b:e6:d3:c1:e5:49:ba:63:5b:
88:45:c7:c8:0d:b1:71:e0:19:fb:91:84:9f:ed:0e:
e3:ff:69:11:e4:9c:61:78:4b:d0:21:51:dc:05:5c:
e9:71:2f:e4:3e:bd:af:a2:0c:e1:57:83:2e:c6:5b:
4d:fc:0b:0c:5b:06:2f:0f:60:c4:84:44:42:ce:50:
e8:32:fc:bc:71:f6:24:85:c1:99:d9:f7:86:b5:43:
f9:d2:19:30:95:81:19:95:79:f5:ea:ac:3d:a8:ba:
36:76:2b:d0:94:59:b4:3d:4b:3a:31:6a:e9:27:8b:
72:b1:3b:2d:39:be:4d:62:23:fc:a0:66:94:8b:8d:
82:fd:67:34:00:26:63:90:bb:fd:8d:1f:66:78:e3:
5b:7c:67:e4:8f:ae:e7:14:ec:80:ee:87:20:dd:e8:
41:7a:1c:e1:77:b1:10:d2:0e:cb:0e:0b:ae:3d:da:
db:23:b8:84:2f:f6:ba:23:8e:82:7a:29:9b:d8:26:
db:8f:49:4d:57:10:a2:08:f5:ae:be:14:e5:1c:80:
30:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:49:34:B3:93:83:9E:4E:75:1B:15:2A:A5:82:F8:15:2F:39:85:0B
X509v3 Authority Key Identifier:
keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/10k0s5ODnk51GxUqpYL4FS85hQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1e00:27::/48
Signature Algorithm: sha256WithRSAEncryption
64:dd:35:7c:17:60:74:8a:7a:65:dc:73:60:a7:e0:3c:0a:28:
c5:88:8b:e5:64:92:bb:1a:5b:7c:b2:03:7d:f8:a6:9f:d7:ff:
8b:e7:d5:f1:b2:e0:48:87:6d:69:f4:51:cc:a1:82:ec:a7:c0:
ed:cb:19:c2:e1:34:fd:cf:81:c2:6c:18:e3:9b:a1:a7:cc:73:
54:e2:1e:38:2a:cf:f0:7b:ba:27:f6:7d:6a:78:71:ba:25:9c:
66:a0:ad:4b:48:21:35:e6:bd:c9:51:9a:73:ed:38:07:f0:95:
c4:f0:5f:ab:13:31:f9:d1:b1:10:d8:15:d1:09:fe:6e:08:ab:
89:37:52:17:e7:d0:9d:2a:f0:f4:db:46:f1:d3:a3:c9:5e:32:
8c:1a:04:a6:06:e6:82:7a:88:ae:1f:ad:b3:c2:f6:a1:36:b4:
bd:c0:9c:ff:39:53:2e:1a:c2:0b:f5:ac:6d:d0:06:fc:52:0c:
f9:18:c0:2d:c8:c9:c2:e5:78:c0:da:0a:18:7a:c0:da:ff:e4:
4c:f1:0a:f9:4c:b8:98:c6:97:11:b1:73:50:70:82:23:ca:ce:
4a:40:66:cc:60:14:8f:8b:34:d3:1d:48:9b:8e:3e:cd:71:e0:
c4:a6:cf:62:cb:af:a7:25:6b:06:3e:ea:90:1c:a6:62:46:68:
65:9a:0c:40
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtuIUSSqjWXhEO80Xd0x9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0
MWE4ZDMwHhcNMjMwMTAxMTQyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzQ5MzRiMzkzODM5ZTRlNzUxYjE1MmFhNTgyZjgxNTJmMzk4NTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiB19iDRr2NgxN0pB6ATPpUYFKgZ0
7NW4iF6VvZUBP5Nh2pBlgoT1lYQZ30cCc7f9qGcb5tPB5Um6Y1uIRcfIDbFx4Bn7
kYSf7Q7j/2kR5JxheEvQIVHcBVzpcS/kPr2vogzhV4MuxltN/AsMWwYvD2DEhERC
zlDoMvy8cfYkhcGZ2feGtUP50hkwlYEZlXn16qw9qLo2divQlFm0PUs6MWrpJ4ty
sTstOb5NYiP8oGaUi42C/Wc0ACZjkLv9jR9meONbfGfkj67nFOyA7ocg3ehBehzh
d7EQ0g7LDguuPdrbI7iEL/a6I46Ceimb2Cbbj0lNVxCiCPWuvhTlHIAwuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNdJNLOTg55OdRsVKqWC+BUvOYULMB8GA1UdIwQY
MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt
MjcxZDI1ZTIwNTc0LzEvMTBrMHM1T0RuazUxR3hVcXBZTDRGUzg1aFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0
LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgYeAAAn
MA0GCSqGSIb3DQEBCwUAA4IBAQBk3TV8F2B0inpl3HNgp+A8CijFiIvlZJK7Glt8
sgN9+Kaf1/+L59XxsuBIh21p9FHMoYLsp8DtyxnC4TT9z4HCbBjjm6GnzHNU4h44
Ks/we7on9n1qeHG6JZxmoK1LSCE15r3JUZpz7TgH8JXE8F+rEzH50bEQ2BXRCf5u
CKuJN1IX59CdKvD020bx06PJXjKMGgSmBuaCeoiuH62zwvahNrS9wJz/OVMuGsIL
9axt0Ab8Ugz5GMAtyMnC5XjA2goYesDa/+RM8Qr5TLiYxpcRsXNQcIIjys5KQGbM
YBSPizTTHUibjj7NceDEps9iy6+nJWsGPuqQHKZiRmhlmgxA
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:36:10 2024 by rpki-client on console-ams.rpki-client.org