Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/Lb9IxBEjMPwdZQu28mPUcjytXzA.roa
File: Lb9IxBEjMPwdZQu28mPUcjytXzA.roa (raw, json)
Hash identifier: oEmMk1StC++9QJbrYRo1Yg6I7IIKh/HWbpgRaRyjqIM=
Subject key identifier: 2D:BF:48:C4:11:23:30:FC:1D:65:0B:B6:F2:63:D4:72:3C:AD:5F:30
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 018BECEF83D0313DD3AF25B6E1B1639827E9
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/Lb9IxBEjMPwdZQu28mPUcjytXzA.roa
Signing time: Mon 20 Nov 2023 13:33:21 +0000
ROA not before: Mon 20 Nov 2023 13:33:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197961
IP address blocks: 2a10:f780:fffe::/48 maxlen: 48
2a10:f782::/48 maxlen: 56
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:ef:83:d0:31:3d:d3:af:25:b6:e1:b1:63:98:27:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Nov 20 13:33:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2dbf48c4112330fc1d650bb6f263d4723cad5f30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:56:0c:47:05:03:7d:e5:fa:f4:49:f5:df:2a:
4b:86:49:ee:8a:75:c3:86:eb:6c:7a:7d:40:a9:55:
a9:63:ff:cd:74:f1:28:d8:3a:c0:4b:99:af:12:64:
6f:47:06:95:fe:77:fe:02:92:4c:ef:4c:0a:b9:13:
1c:c5:bc:38:0a:3a:2c:10:0a:21:65:cd:fb:3f:a6:
80:2f:c3:6d:85:95:3a:af:b9:7c:f9:7b:f6:cc:12:
ca:12:a2:f9:c4:ca:4b:41:70:da:c5:93:27:92:8b:
22:49:9b:78:ce:71:e2:d7:60:93:56:fb:26:8e:e5:
cf:09:32:2b:50:30:82:e3:de:f0:5f:88:bb:48:b9:
39:0a:6a:5f:46:60:e6:4f:62:60:f7:71:10:71:0f:
c7:06:0f:2c:3a:44:1c:c0:6b:66:ad:c8:d1:03:52:
2c:9d:f9:2a:e9:2b:22:07:46:2d:68:60:91:95:27:
5a:2d:28:4a:79:ef:3a:d4:4b:fc:62:f2:b9:54:bc:
bc:c3:0b:3d:1b:74:ab:af:72:99:2a:74:88:96:e0:
53:f1:20:4e:9c:04:3a:7c:9d:cc:94:65:5d:3b:b1:
03:74:7f:48:a1:87:f5:7f:fd:f0:f9:a5:0b:79:28:
8b:16:e7:41:d0:67:07:f4:c0:cd:fb:8c:23:2d:52:
0e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:BF:48:C4:11:23:30:FC:1D:65:0B:B6:F2:63:D4:72:3C:AD:5F:30
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/Lb9IxBEjMPwdZQu28mPUcjytXzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:f780:fffe::/48
2a10:f782::/48
Signature Algorithm: sha256WithRSAEncryption
21:c8:3f:fa:28:98:75:d2:ef:bd:e9:e3:a5:e8:5e:15:7c:21:
e2:77:b4:79:d6:5a:e3:74:82:ff:43:e6:3c:67:3d:f9:54:be:
49:ae:a2:ec:5c:0b:91:f7:91:38:af:be:9c:eb:20:7b:74:38:
2f:2e:4c:cf:4c:42:dc:3e:f0:08:52:20:a9:75:78:06:4d:bb:
e7:47:b2:8b:7a:84:2e:f3:bc:e9:9d:ca:fb:71:3a:c1:dd:33:
ad:6a:89:de:ef:b6:9b:28:3e:f5:7d:97:35:2a:d8:23:0b:30:
16:a8:0b:9f:8a:25:26:22:a7:f2:86:31:ee:d3:99:75:a8:cc:
2b:f8:2c:72:56:31:f2:c2:ba:77:e0:db:e1:30:97:54:f2:d6:
ff:5d:0f:d6:8e:76:9e:57:55:57:90:19:90:6f:6d:f8:4b:e0:
6f:05:a5:9d:7e:95:cd:7b:f3:e5:01:3b:07:65:fd:af:35:86:
b4:b5:c3:94:a1:9e:f7:66:b6:af:c1:81:2c:13:28:54:d7:a9:
ea:c4:b2:de:d4:d0:8c:a7:71:26:c8:50:c7:97:77:ec:a1:35:
2a:e5:6d:82:17:f3:de:1b:03:5c:55:d3:15:97:7b:bc:fa:a7:
9c:99:22:dc:45:46:4a:e8:57:a7:17:f0:d6:e6:fe:26:24:8d:
49:90:06:ba
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvs74PQMT3TryW24bFjmCfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjMxMTIwMTMzMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGJmNDhjNDExMjMzMGZjMWQ2NTBiYjZmMjYzZDQ3MjNjYWQ1ZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1YMRwUDfeX69En13ypLhknuinXD
hutsen1AqVWpY//NdPEo2DrAS5mvEmRvRwaV/nf+ApJM70wKuRMcxbw4CjosEAoh
Zc37P6aAL8NthZU6r7l8+Xv2zBLKEqL5xMpLQXDaxZMnkosiSZt4znHi12CTVvsm
juXPCTIrUDCC497wX4i7SLk5CmpfRmDmT2Jg93EQcQ/HBg8sOkQcwGtmrcjRA1Is
nfkq6SsiB0YtaGCRlSdaLShKee861Ev8YvK5VLy8wws9G3Srr3KZKnSIluBT8SBO
nAQ6fJ3MlGVdO7EDdH9IoYf1f/3w+aULeSiLFudB0GcH9MDN+4wjLVIOGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC2/SMQRIzD8HWULtvJj1HI8rV8wMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvTGI5SXhCRWpNUHdkWlF1MjhtUFVjanl0WHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhD3gP/+
AwcAKhD3ggAAMA0GCSqGSIb3DQEBCwUAA4IBAQAhyD/6KJh10u+96eOl6F4VfCHi
d7R51lrjdIL/Q+Y8Zz35VL5JrqLsXAuR95E4r76c6yB7dDgvLkzPTELcPvAIUiCp
dXgGTbvnR7KLeoQu87zpncr7cTrB3TOtaone77abKD71fZc1KtgjCzAWqAufiiUm
IqfyhjHu05l1qMwr+CxyVjHywrp34NvhMJdU8tb/XQ/WjnaeV1VXkBmQb234S+Bv
BaWdfpXNe/PlATsHZf2vNYa0tcOUoZ73ZravwYEsEyhU16nqxLLe1NCMp3EmyFDH
l3fsoTUq5W2CF/PeGwNcVdMVl3u8+qecmSLcRUZK6FenF/DW5v4mJI1JkAa6
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:15 2024 by rpki-client on console-ams.rpki-client.org