Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/51f699-a0a2-434b-89b8-5339f37ffc77/1/v8P2h0LCSMjD3FfGJWzLD3gMQuc.roa
File: v8P2h0LCSMjD3FfGJWzLD3gMQuc.roa (raw, json)
Hash identifier: Qa6ZP8rbS4mf5HORIM+uLQAvoR/FzwYJUvnus0GuGS0=
Subject key identifier: BF:C3:F6:87:42:C2:48:C8:C3:DC:57:C6:25:6C:CB:0F:78:0C:42:E7
Certificate issuer: /CN=9b5841b07ccf6399799b3586a1b22885923df8bf
Certificate serial: 01857321FC315A910DE6D63536089E0F7B01
Authority key identifier: 9B:58:41:B0:7C:CF:63:99:79:9B:35:86:A1:B2:28:85:92:3D:F8:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m1hBsHzPY5l5mzWGobIohZI9-L8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/51f699-a0a2-434b-89b8-5339f37ffc77/1/v8P2h0LCSMjD3FfGJWzLD3gMQuc.roa
Signing time: Mon 02 Jan 2023 15:38:04 +0000
ROA not before: Mon 02 Jan 2023 15:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42135
IP address blocks: 2001:678:494::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:fc:31:5a:91:0d:e6:d6:35:36:08:9e:0f:7b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b5841b07ccf6399799b3586a1b22885923df8bf
Validity
Not Before: Jan 2 15:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfc3f68742c248c8c3dc57c6256ccb0f780c42e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:34:eb:db:4b:53:09:fc:8a:3c:d1:cf:ca:33:
1a:77:cc:1b:97:90:b4:b6:db:cf:04:c4:97:01:be:
1e:51:e6:94:ce:90:1e:fe:a3:76:78:ab:d9:ac:c0:
3e:12:6d:81:f3:09:43:6a:93:85:d1:65:5f:88:71:
28:de:b5:67:45:85:61:d7:c7:0b:13:a9:e6:3a:f0:
96:1b:d8:02:a7:34:4b:3a:3c:66:f5:ad:14:1c:50:
70:04:41:2b:fd:1b:32:91:d9:39:e4:e6:0f:04:43:
83:e8:da:c9:21:d4:4d:49:3c:69:60:e8:b6:43:60:
91:22:79:7f:2b:25:c3:23:27:68:23:20:fc:64:4b:
9e:11:79:9f:ee:2b:84:2d:1c:2c:f8:ae:80:64:2c:
7e:87:b0:c9:56:84:86:bd:a5:7a:97:73:d8:23:82:
21:f0:3a:0c:51:3e:0f:5e:14:90:48:d7:c3:67:e0:
db:c8:7f:46:1b:92:31:3c:e9:c5:12:60:01:db:e8:
db:4a:39:11:60:dd:05:8c:7a:78:e8:a2:89:61:04:
eb:b8:db:00:f1:e3:af:00:30:98:c1:20:92:2c:02:
2f:fc:aa:88:c2:6a:e0:cf:9f:27:68:29:26:72:74:
f0:a4:fe:46:fd:dc:26:ac:3b:13:4a:ea:19:66:99:
e0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C3:F6:87:42:C2:48:C8:C3:DC:57:C6:25:6C:CB:0F:78:0C:42:E7
X509v3 Authority Key Identifier:
keyid:9B:58:41:B0:7C:CF:63:99:79:9B:35:86:A1:B2:28:85:92:3D:F8:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m1hBsHzPY5l5mzWGobIohZI9-L8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/51f699-a0a2-434b-89b8-5339f37ffc77/1/v8P2h0LCSMjD3FfGJWzLD3gMQuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/51f699-a0a2-434b-89b8-5339f37ffc77/1/m1hBsHzPY5l5mzWGobIohZI9-L8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:494::/48
Signature Algorithm: sha256WithRSAEncryption
10:89:a9:f0:27:9b:aa:51:8c:11:0b:69:c0:38:2a:33:d9:6b:
65:0c:c6:01:aa:79:d1:d9:9f:02:36:3e:62:9d:f2:ac:80:96:
27:e7:04:e3:f3:16:00:26:4c:2b:e1:f6:ae:63:60:b9:f3:92:
69:a7:07:48:9f:ff:22:38:05:4c:ac:99:43:ab:a9:4b:55:61:
2b:05:f1:ee:0c:c9:f3:ed:81:4f:ba:9a:f4:be:4b:cc:d9:86:
03:67:d3:37:32:24:60:35:90:a2:88:2e:5e:8c:63:a0:3d:d7:
5d:62:d3:55:09:24:e4:6c:15:56:e2:b0:76:8c:b1:1c:65:3a:
88:81:c8:c0:fc:51:80:01:a8:53:43:34:be:8f:7d:eb:39:1a:
a7:c2:f1:e5:20:98:7d:6b:c4:8b:06:80:10:f2:6e:b9:91:d5:
95:27:06:19:89:df:85:58:e3:1b:8b:12:7f:d1:ef:48:bf:28:
c2:ac:e5:51:da:4c:d9:e3:1a:c0:b9:66:04:d5:94:aa:be:27:
70:b8:07:20:4f:7b:b9:c3:72:3e:99:80:df:53:7c:ed:eb:b2:
e4:73:ae:22:c2:2f:2b:b6:3f:4c:05:95:63:a4:1e:9e:fd:a2:
f8:90:03:30:cf:a0:94:7a:5f:d1:39:0a:f1:c9:cf:c5:31:e8:
4a:0a:6c:66
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzIfwxWpEN5tY1NgieD3sBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNTg0MWIwN2NjZjYzOTk3OTliMzU4NmExYjIyODg1OTIz
ZGY4YmYwHhcNMjMwMTAyMTUzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmMzZjY4NzQyYzI0OGM4YzNkYzU3YzYyNTZjY2IwZjc4MGM0MmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDTr20tTCfyKPNHPyjMad8wbl5C0
ttvPBMSXAb4eUeaUzpAe/qN2eKvZrMA+Em2B8wlDapOF0WVfiHEo3rVnRYVh18cL
E6nmOvCWG9gCpzRLOjxm9a0UHFBwBEEr/Rsykdk55OYPBEOD6NrJIdRNSTxpYOi2
Q2CRInl/KyXDIydoIyD8ZEueEXmf7iuELRws+K6AZCx+h7DJVoSGvaV6l3PYI4Ih
8DoMUT4PXhSQSNfDZ+DbyH9GG5IxPOnFEmAB2+jbSjkRYN0FjHp46KKJYQTruNsA
8eOvADCYwSCSLAIv/KqIwmrgz58naCkmcnTwpP5G/dwmrDsTSuoZZpng3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL/D9odCwkjIw9xXxiVsyw94DELnMB8GA1UdIwQY
MBaAFJtYQbB8z2OZeZs1hqGyKIWSPfi/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTFoQnNIelBZNWw1bXpXR29iSW9oWkk5LUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81MWY2OTktYTBhMi00MzRiLTg5Yjgt
NTMzOWYzN2ZmYzc3LzEvdjhQMmgwTENTTWpEM0ZmR0pXekxEM2dNUXVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81MWY2OTktYTBhMi00MzRiLTg5YjgtNTMzOWYzN2ZmYzc3
LzEvbTFoQnNIelBZNWw1bXpXR29iSW9oWkk5LUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeASU
MA0GCSqGSIb3DQEBCwUAA4IBAQAQianwJ5uqUYwRC2nAOCoz2WtlDMYBqnnR2Z8C
Nj5infKsgJYn5wTj8xYAJkwr4fauY2C585JppwdIn/8iOAVMrJlDq6lLVWErBfHu
DMnz7YFPupr0vkvM2YYDZ9M3MiRgNZCiiC5ejGOgPdddYtNVCSTkbBVW4rB2jLEc
ZTqIgcjA/FGAAahTQzS+j33rORqnwvHlIJh9a8SLBoAQ8m65kdWVJwYZid+FWOMb
ixJ/0e9IvyjCrOVR2kzZ4xrAuWYE1ZSqvidwuAcgT3u5w3I+mYDfU3zt67Lkc64i
wi8rtj9MBZVjpB6e/aL4kAMwz6CUel/ROQrxyc/FMehKCmxm
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:55:36 2024 by rpki-client on console.sobornost.net