Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/YJvaD_s0Lld4LFej3m3eTfe_A3A.roa
File: YJvaD_s0Lld4LFej3m3eTfe_A3A.roa (raw, json)
Hash identifier: 4nqe5bBp0l3XzBFldC+GWm1ncAGK9cfzh8vAlOxUFpM=
Subject key identifier: 60:9B:DA:0F:FB:34:2E:57:78:2C:57:A3:DE:6D:DE:4D:F7:BF:03:70
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 01856EA6B452B902EB36889C8E8AECD1C680
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/YJvaD_s0Lld4LFej3m3eTfe_A3A.roa
Signing time: Sun 01 Jan 2023 18:44:56 +0000
ROA not before: Sun 01 Jan 2023 18:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39150
IP address blocks: 2a02:d0c0::/32 maxlen: 32
2a02:ec40::/29 maxlen: 29
2a02:d0c1::/32 maxlen: 32
2a02:ec40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:b4:52:b9:02:eb:36:88:9c:8e:8a:ec:d1:c6:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 18:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=609bda0ffb342e57782c57a3de6dde4df7bf0370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:34:25:fa:4b:4f:4a:d5:b0:4b:2c:3c:a3:1a:
81:dd:12:56:90:6a:d2:5f:78:19:79:88:9e:d0:0b:
55:81:e9:e9:5a:a3:33:56:09:a7:5d:e7:22:27:f2:
d5:71:b8:c5:49:fc:cf:bb:d3:4f:58:48:9b:24:0f:
51:d6:b6:d4:da:fa:58:27:c9:1a:a2:72:58:b1:d2:
fa:66:34:18:18:66:a2:65:50:06:9f:9b:d5:be:4c:
80:57:41:8e:43:bd:a1:dc:fd:f6:d1:44:f4:2b:85:
64:fd:69:cd:ce:e6:a8:f9:4c:2c:05:c9:1d:76:56:
b1:f7:80:95:2b:3e:64:12:86:27:d8:9a:ae:96:5e:
57:93:e9:27:4a:f5:61:fa:31:9a:68:b9:65:43:e0:
e3:bb:a6:d5:e2:5e:90:27:ab:92:9d:9c:35:b4:d9:
5d:06:87:2d:39:6e:72:96:67:2e:1e:1d:c4:f8:3d:
11:65:eb:19:c4:ca:37:2f:4d:df:46:c0:cd:dd:40:
df:31:c0:a0:f0:10:43:1e:32:27:e2:b2:3b:73:c0:
6d:1a:2e:16:dd:47:ac:08:67:8b:42:fe:63:ac:e7:
1f:01:af:97:b7:cb:68:10:f7:c3:9b:9f:0d:4e:18:
e2:e6:b1:8c:6a:72:37:df:b5:13:98:8b:a9:4e:8c:
f0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:9B:DA:0F:FB:34:2E:57:78:2C:57:A3:DE:6D:DE:4D:F7:BF:03:70
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/YJvaD_s0Lld4LFej3m3eTfe_A3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:d0c0::/31
2a02:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
4a:39:42:81:f8:7a:2b:d8:04:ea:99:58:42:1b:71:53:de:74:
4c:53:9d:2e:1f:53:c7:e1:4d:96:1c:05:c6:79:51:cd:50:b0:
27:0a:c6:28:5c:54:3e:68:08:62:f4:b2:be:85:f8:69:e3:ff:
2c:98:75:54:a9:68:81:b9:a2:d5:c2:9a:bc:b7:e4:1b:8d:94:
05:e1:05:42:16:b7:b7:72:bc:73:47:45:f0:04:2a:11:1f:d4:
58:f5:20:99:c2:4f:6a:ee:fc:27:7f:a7:eb:38:a8:fc:93:0e:
dc:67:91:bd:9d:bf:c4:2e:8e:23:a4:3c:65:6a:b9:31:a3:f9:
89:fe:24:ed:03:74:a9:24:c1:e1:e1:b1:f0:1a:ef:ec:72:4b:
72:92:36:7c:25:cd:ee:b6:43:b6:92:b5:fa:f8:86:4e:c2:ea:
fb:f6:4f:ef:e4:49:28:28:98:c8:67:54:a7:71:f5:6a:cb:5c:
b4:02:31:ed:90:ee:bf:f4:73:2b:6c:01:8a:fc:3e:fd:06:56:
70:2c:55:87:05:06:de:6f:7f:62:9d:ea:c5:22:7b:8c:6b:a0:
52:ba:0d:9e:c0:c9:bc:c5:56:fe:b3:de:aa:74:79:96:da:f4:
62:dd:a9:0e:93:ed:8f:74:0e:25:ef:d9:cd:af:c6:19:b5:14:
c0:ce:03:4c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVuprRSuQLrNoicjors0caAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNDVkYWNjODM3Nzk4YzNlNmNmMzFmNGQyNzk0NmEzM2Iw
ZGU2NjEwHhcNMjMwMTAxMTg0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDliZGEwZmZiMzQyZTU3NzgyYzU3YTNkZTZkZGU0ZGY3YmYwMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTQl+ktPStWwSyw8oxqB3RJWkGrS
X3gZeYie0AtVgenpWqMzVgmnXeciJ/LVcbjFSfzPu9NPWEibJA9R1rbU2vpYJ8ka
onJYsdL6ZjQYGGaiZVAGn5vVvkyAV0GOQ72h3P320UT0K4Vk/WnNzuao+UwsBckd
dlax94CVKz5kEoYn2Jqull5Xk+knSvVh+jGaaLllQ+Dju6bV4l6QJ6uSnZw1tNld
BoctOW5ylmcuHh3E+D0RZesZxMo3L03fRsDN3UDfMcCg8BBDHjIn4rI7c8BtGi4W
3UesCGeLQv5jrOcfAa+Xt8toEPfDm58NThji5rGManI337UTmIupTozwAwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGCb2g/7NC5XeCxXo95t3k33vwNwMB8GA1UdIwQY
MBaAFBBF2syDd5jD5s8x9NJ5RqM7DeZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUVYYXpJTjNtTVBtenpIMDBubEdvenNONW1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8yNjZjYWYtM2I0My00OWUwLWI2ZTEt
OWMxNzRlNTNlNGZlLzEvWUp2YURfczBMbGQ0TEZlajNtM2VUZmVfQTNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8yNjZjYWYtM2I0My00OWUwLWI2ZTEtOWMxNzRlNTNlNGZl
LzEvRUVYYXpJTjNtTVBtenpIMDBubEdvenNONW1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUBKgLQwAMF
AyoC7EAwDQYJKoZIhvcNAQELBQADggEBAEo5QoH4eivYBOqZWEIbcVPedExTnS4f
U8fhTZYcBcZ5Uc1QsCcKxihcVD5oCGL0sr6F+Gnj/yyYdVSpaIG5otXCmry35BuN
lAXhBUIWt7dyvHNHRfAEKhEf1Fj1IJnCT2ru/Cd/p+s4qPyTDtxnkb2dv8QujiOk
PGVquTGj+Yn+JO0DdKkkweHhsfAa7+xyS3KSNnwlze62Q7aStfr4hk7C6vv2T+/k
SSgomMhnVKdx9WrLXLQCMe2Q7r/0cytsAYr8Pv0GVnAsVYcFBt5vf2Kd6sUie4xr
oFK6DZ7AybzFVv6z3qp0eZba9GLdqQ6T7Y90DiXv2c2vxhm1FMDOA0w=
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:27 2024 by rpki-client on console-fra.rpki-client.org