Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/Ig5dlBdI93LgE4PCebvo3fVBbYI.roa
File: Ig5dlBdI93LgE4PCebvo3fVBbYI.roa (raw, json)
Hash identifier: lSlOMu3r/rUrHLBWwEQPwZKR9uefXSmsKsdgFX8rEGs=
Subject key identifier: 22:0E:5D:94:17:48:F7:72:E0:13:83:C2:79:BB:E8:DD:F5:41:6D:82
Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial: 01856DB88352EC20F37A3ABCB542DF4536C9
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/Ig5dlBdI93LgE4PCebvo3fVBbYI.roa
Signing time: Sun 01 Jan 2023 14:24:46 +0000
ROA not before: Sun 01 Jan 2023 14:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30780
IP address blocks: 2a06:1e00:48::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:83:52:ec:20:f3:7a:3a:bc:b5:42:df:45:36:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Validity
Not Before: Jan 1 14:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=220e5d941748f772e01383c279bbe8ddf5416d82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:9e:a8:d6:7f:3c:dd:20:d1:9f:11:29:49:bf:
69:18:99:b1:fa:bc:0a:70:8f:17:1c:a6:4e:d2:bc:
58:2f:3e:1f:65:62:d4:65:0b:d0:6d:ef:b7:70:4f:
04:bf:91:b7:26:e3:37:48:32:76:e6:ee:b4:45:a6:
d7:6e:83:7b:54:92:77:3f:ee:a8:7a:cc:ae:b3:9e:
29:c9:89:57:e9:ae:59:3a:e9:47:40:f2:d1:b8:ca:
8b:e5:3d:7f:e8:1f:3f:95:bd:76:95:d2:5a:f6:bc:
d9:c1:e9:2c:de:21:bd:af:d9:cf:f1:4a:01:9b:0f:
2a:55:a0:1e:d6:52:b4:d8:c6:e2:d4:dc:94:fc:1a:
3f:96:73:22:87:82:9e:d4:19:df:42:0c:f2:c7:ba:
e8:eb:4e:db:49:54:3e:92:4e:a7:77:ce:af:c1:26:
e4:7c:30:16:21:48:76:8b:ee:18:cc:82:11:4f:93:
c5:c8:49:b1:6d:1c:8c:a2:d8:d1:75:9d:2a:d7:41:
bf:60:99:c7:28:75:20:3f:e3:ad:d5:14:1e:c2:da:
27:72:6c:c2:71:02:45:cc:f3:55:c6:9b:8d:9b:13:
f6:1f:3d:f2:e5:a6:dd:a1:49:6b:9e:7c:c5:38:fc:
57:1a:9a:12:4f:3b:77:b1:85:4e:ee:2a:1b:ba:cb:
c2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:0E:5D:94:17:48:F7:72:E0:13:83:C2:79:BB:E8:DD:F5:41:6D:82
X509v3 Authority Key Identifier:
keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/Ig5dlBdI93LgE4PCebvo3fVBbYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1e00:48::/48
Signature Algorithm: sha256WithRSAEncryption
99:e3:60:50:24:f9:2d:da:57:f3:e9:ce:b4:33:91:10:36:13:
a6:86:8a:a6:e7:ea:53:b6:49:d9:80:51:c9:da:32:05:f6:4f:
db:01:c4:24:b7:e9:d3:b1:f8:8e:27:5a:c1:4a:57:99:20:8c:
41:92:b0:b4:37:7c:3f:09:ba:e5:d9:ac:66:fe:5d:a3:cd:50:
5a:ca:48:f7:33:7c:3e:e6:74:76:c7:ee:3b:c2:bf:0a:c7:9a:
d9:9d:bc:85:75:5e:e6:50:70:4a:34:c0:66:b8:61:ae:04:da:
2a:83:79:62:4d:9f:05:55:92:e5:45:1c:2c:85:da:3d:0a:6c:
11:6b:51:1f:ab:74:20:70:29:51:f9:4a:85:d0:7f:04:bc:e1:
cd:16:84:89:2c:ae:13:d3:56:27:54:bb:a9:6a:b0:17:df:f8:
5f:89:6c:08:5f:c9:aa:a4:4d:9b:ce:21:6f:ef:33:de:2f:78:
9f:99:19:3c:ec:d1:23:e7:86:da:0d:f6:a1:99:62:24:d8:4f:
09:a1:8d:12:53:ff:68:9b:10:e4:7d:7d:b2:5f:86:ef:db:48:
fb:ef:61:63:f0:bb:20:2c:f1:94:6b:67:7f:d8:b0:28:42:56:
87:48:45:1e:ef:b1:ab:38:3b:de:c0:f6:4c:48:5a:42:3d:8a:
09:2c:69:e7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtuINS7CDzejq8tULfRTbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0
MWE4ZDMwHhcNMjMwMTAxMTQyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjBlNWQ5NDE3NDhmNzcyZTAxMzgzYzI3OWJiZThkZGY1NDE2ZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjp6o1n883SDRnxEpSb9pGJmx+rwK
cI8XHKZO0rxYLz4fZWLUZQvQbe+3cE8Ev5G3JuM3SDJ25u60RabXboN7VJJ3P+6o
esyus54pyYlX6a5ZOulHQPLRuMqL5T1/6B8/lb12ldJa9rzZweks3iG9r9nP8UoB
mw8qVaAe1lK02Mbi1NyU/Bo/lnMih4Ke1BnfQgzyx7ro607bSVQ+kk6nd86vwSbk
fDAWIUh2i+4YzIIRT5PFyEmxbRyMotjRdZ0q10G/YJnHKHUgP+Ot1RQewtoncmzC
cQJFzPNVxpuNmxP2Hz3y5abdoUlrnnzFOPxXGpoSTzt3sYVO7iobusvCRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCIOXZQXSPdy4BODwnm76N31QW2CMB8GA1UdIwQY
MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt
MjcxZDI1ZTIwNTc0LzEvSWc1ZGxCZEk5M0xnRTRQQ2Vidm8zZlZCYllJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0
LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgYeAABI
MA0GCSqGSIb3DQEBCwUAA4IBAQCZ42BQJPkt2lfz6c60M5EQNhOmhoqm5+pTtknZ
gFHJ2jIF9k/bAcQkt+nTsfiOJ1rBSleZIIxBkrC0N3w/Cbrl2axm/l2jzVBaykj3
M3w+5nR2x+47wr8Kx5rZnbyFdV7mUHBKNMBmuGGuBNoqg3liTZ8FVZLlRRwshdo9
CmwRa1Efq3QgcClR+UqF0H8EvOHNFoSJLK4T01YnVLuparAX3/hfiWwIX8mqpE2b
ziFv7zPeL3ifmRk87NEj54baDfahmWIk2E8JoY0SU/9omxDkfX2yX4bv20j772Fj
8LsgLPGUa2d/2LAoQlaHSEUe77GrODvewPZMSFpCPYoJLGnn
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:36:10 2024 by rpki-client on console-ams.rpki-client.org