Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/V3cLHsQL-76fbOD9yviTuxuMa1A.roa
File: V3cLHsQL-76fbOD9yviTuxuMa1A.roa (raw, json)
Hash identifier: mXujLEEBvaninAHAk65pNla0VlrecRrEDB+Aiow3fGI=
Subject key identifier: 57:77:0B:1E:C4:0B:FB:BE:9F:6C:E0:FD:CA:F8:93:BB:1B:8C:6B:50
Certificate issuer: /CN=2a1e65f8083c859bcd0d2c52a1e061eb5131f5f1
Certificate serial: 01893F99CF733D7015E0052A05A97624B6C6
Authority key identifier: 2A:1E:65:F8:08:3C:85:9B:CD:0D:2C:52:A1:E0:61:EB:51:31:F5:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/V3cLHsQL-76fbOD9yviTuxuMa1A.roa
Signing time: Mon 10 Jul 2023 11:39:52 +0000
ROA not before: Mon 10 Jul 2023 11:39:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210972
IP address blocks: 2a03:302:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3f:99:cf:73:3d:70:15:e0:05:2a:05:a9:76:24:b6:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a1e65f8083c859bcd0d2c52a1e061eb5131f5f1
Validity
Not Before: Jul 10 11:39:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57770b1ec40bfbbe9f6ce0fdcaf893bb1b8c6b50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ae:69:25:b4:90:ff:69:4a:89:c2:59:8c:75:
70:42:52:6f:8c:1d:cc:29:7f:2b:4e:d1:07:2f:34:
05:e4:1f:35:b3:f7:5a:0c:e4:3d:03:2e:3a:4c:85:
bc:d6:89:fa:75:fc:ee:a7:d4:58:fd:e3:99:91:73:
db:6f:cd:3f:fa:d2:e7:80:59:c7:42:ac:57:8c:be:
1f:33:63:bd:6b:06:16:f5:a3:ff:23:ea:f4:92:3f:
08:41:8a:e4:10:a5:0d:71:dd:bd:8c:02:dd:bc:82:
dd:e6:c1:af:e8:4e:cf:f6:83:f1:83:0c:f2:1d:83:
12:fc:ab:3e:ed:54:d4:73:2b:a0:0f:a1:43:e3:3c:
aa:ac:57:76:34:c3:ed:a5:a9:52:14:10:5c:ce:da:
11:89:12:05:0d:6d:f4:4c:eb:9b:c6:2f:43:6d:81:
86:77:18:84:64:9c:22:75:b9:1c:5a:f3:45:4e:eb:
c3:6e:6c:34:dd:44:45:b5:92:d6:64:38:43:a9:44:
ea:42:79:3b:e7:e0:44:1b:a2:ae:40:7c:2e:f0:75:
c1:8c:85:35:5c:f2:e9:03:20:0f:7e:7e:77:d8:f0:
9c:64:eb:37:ba:10:a1:2b:6d:55:2a:97:64:b2:da:
76:bf:e8:83:a7:2a:c5:bd:bb:46:80:2f:1b:06:b8:
c7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:77:0B:1E:C4:0B:FB:BE:9F:6C:E0:FD:CA:F8:93:BB:1B:8C:6B:50
X509v3 Authority Key Identifier:
keyid:2A:1E:65:F8:08:3C:85:9B:CD:0D:2C:52:A1:E0:61:EB:51:31:F5:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/V3cLHsQL-76fbOD9yviTuxuMa1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:302:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
59:ae:c7:60:32:dc:0c:ee:fd:46:f8:74:ea:a3:12:1a:86:ed:
58:fa:d6:34:f7:e1:32:5d:a3:24:cf:0a:e2:5f:c1:b1:c0:09:
02:cd:8a:50:21:ef:0c:0e:ec:d2:a1:42:04:c8:66:3b:89:fc:
95:47:74:33:28:a7:74:67:f7:8c:72:47:04:25:50:a2:f5:98:
12:a6:29:46:2a:2b:f7:93:00:3f:48:f5:ae:25:5b:79:ed:39:
74:a2:a6:1a:ca:59:cd:7b:25:4a:80:b7:26:6b:64:b4:bc:e6:
fe:52:2e:93:85:75:17:49:7b:de:c3:47:54:81:29:7a:1f:8b:
61:c7:f8:6d:2c:d0:8a:ba:e1:46:bb:d0:eb:a4:fe:45:75:c7:
22:1b:4a:d8:64:7f:3a:9a:a0:a6:be:f0:7c:f0:c4:5d:38:f7:
a7:e0:aa:9b:7b:f5:a5:35:49:2e:6f:fe:42:e7:94:3a:77:63:
ed:0c:20:3b:28:f5:77:21:87:7e:b1:58:8d:fb:ce:d5:06:4c:
75:3b:91:65:d9:08:b6:40:dd:56:61:c6:16:68:91:3d:07:e5:
01:29:b7:6d:94:14:77:90:d7:aa:15:e2:5f:dc:a5:a3:b3:74:
3e:3c:43:30:1a:d6:a2:3f:aa:d4:57:41:82:4f:36:5b:a3:30:
5d:3b:20:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYk/mc9zPXAV4AUqBal2JLbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMWU2NWY4MDgzYzg1OWJjZDBkMmM1MmExZTA2MWViNTEz
MWY1ZjEwHhcNMjMwNzEwMTEzOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Nzc3MGIxZWM0MGJmYmJlOWY2Y2UwZmRjYWY4OTNiYjFiOGM2YjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg65pJbSQ/2lKicJZjHVwQlJvjB3M
KX8rTtEHLzQF5B81s/daDOQ9Ay46TIW81on6dfzup9RY/eOZkXPbb80/+tLngFnH
QqxXjL4fM2O9awYW9aP/I+r0kj8IQYrkEKUNcd29jALdvILd5sGv6E7P9oPxgwzy
HYMS/Ks+7VTUcyugD6FD4zyqrFd2NMPtpalSFBBcztoRiRIFDW30TOubxi9DbYGG
dxiEZJwidbkcWvNFTuvDbmw03URFtZLWZDhDqUTqQnk75+BEG6KuQHwu8HXBjIU1
XPLpAyAPfn532PCcZOs3uhChK21VKpdkstp2v+iDpyrFvbtGgC8bBrjHbwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFd3Cx7EC/u+n2zg/cr4k7sbjGtQMB8GA1UdIwQY
MBaAFCoeZfgIPIWbzQ0sUqHgYetRMfXxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2g1bC1BZzhoWnZORFN4U29lQmg2MUV4OWZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9kMDk3YmYtYjBmNS00M2UxLTg2YTIt
Y2ZiOGRhNTQ5MDY3LzEvVjNjTEhzUUwtNzZmYk9EOXl2aVR1eHVNYTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9kMDk3YmYtYjBmNS00M2UxLTg2YTItY2ZiOGRhNTQ5MDY3
LzEvS2g1bC1BZzhoWnZORFN4U29lQmg2MUV4OWZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMDAv//
MA0GCSqGSIb3DQEBCwUAA4IBAQBZrsdgMtwM7v1G+HTqoxIahu1Y+tY09+EyXaMk
zwriX8GxwAkCzYpQIe8MDuzSoUIEyGY7ifyVR3QzKKd0Z/eMckcEJVCi9ZgSpilG
Kiv3kwA/SPWuJVt57Tl0oqYaylnNeyVKgLcma2S0vOb+Ui6ThXUXSXvew0dUgSl6
H4thx/htLNCKuuFGu9DrpP5FdcciG0rYZH86mqCmvvB88MRdOPen4Kqbe/WlNUku
b/5C55Q6d2PtDCA7KPV3IYd+sViN+87VBkx1O5Fl2Qi2QN1WYcYWaJE9B+UBKbdt
lBR3kNeqFeJf3KWjs3Q+PEMwGtaiP6rUV0GCTzZbozBdOyDa
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:53 2024 by rpki-client on console-fra.rpki-client.org