Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/AjiREUz5L6pQDBI33GvOXly-nic.roa
File: AjiREUz5L6pQDBI33GvOXly-nic.roa (raw, json)
Hash identifier: Va0tanx1JYwqIY8DbG3pTuR9BR8LLwg4Gn7sVhdNmFI=
Subject key identifier: 02:38:91:11:4C:F9:2F:AA:50:0C:12:37:DC:6B:CE:5E:5C:BE:9E:27
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAF428B0FBD6CEEAA0A25E605F8362
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/AjiREUz5L6pQDBI33GvOXly-nic.roa
Signing time: Sun 01 Jan 2023 14:44:55 +0000
ROA not before: Sun 01 Jan 2023 14:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211221
IP address blocks: 2a02:2698:7600::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f4:28:b0:fb:d6:ce:ea:a0:a2:5e:60:5f:83:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=023891114cf92faa500c1237dc6bce5e5cbe9e27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ff:d8:a1:1a:4a:99:75:a3:cc:6a:12:e9:60:
66:89:03:f9:e9:ba:15:d1:c8:13:a5:b7:20:da:ab:
ae:fa:64:cd:f2:31:57:8f:a3:e5:85:f3:29:49:6f:
17:0b:23:6c:a0:ee:db:26:95:39:c0:e6:d1:86:b4:
bd:94:c3:4f:ba:5e:a7:2c:a2:2e:17:9b:78:60:b0:
6a:54:6e:0f:16:e1:4e:97:42:dc:21:1b:4b:79:16:
56:cc:27:ab:3a:cf:52:bb:2d:26:44:21:df:b4:49:
f1:95:78:6d:f0:76:e5:3a:34:4b:99:bb:f5:c8:39:
49:af:f5:2a:e8:93:f0:0a:3e:a2:1a:f4:87:e7:02:
9f:94:88:2e:c7:69:5b:0e:8f:ec:92:6f:e1:a7:cd:
a8:37:d1:19:50:ee:57:4f:ad:e1:b4:e0:75:da:79:
89:89:66:7e:2e:46:f8:ba:8a:de:0b:0c:4c:58:56:
92:13:26:ea:2c:7c:69:50:b0:9b:1d:da:54:34:e2:
af:53:9c:fc:7c:87:d8:1e:bb:2f:25:18:fd:2a:9e:
59:67:3a:72:40:5c:76:00:9a:0c:e4:2e:71:97:e9:
46:d8:7e:d1:8a:ff:f4:b5:61:02:29:ee:c3:6b:c3:
40:84:2b:b5:ab:20:01:72:cc:26:c9:61:ff:17:89:
02:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:38:91:11:4C:F9:2F:AA:50:0C:12:37:DC:6B:CE:5E:5C:BE:9E:27
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/AjiREUz5L6pQDBI33GvOXly-nic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:7600::/48
Signature Algorithm: sha256WithRSAEncryption
8c:2d:77:89:2c:f6:c8:e5:81:b7:b5:de:49:ef:d0:bc:c9:b9:
af:3f:ac:ff:3b:5e:03:4d:fd:5e:d7:c0:3a:bf:68:0f:dc:9e:
b9:49:06:6c:3a:a9:f2:5d:0e:c5:8b:66:fe:cf:c7:85:fb:a5:
5a:80:82:a9:85:1d:92:b1:e7:8b:f4:bc:39:06:05:72:d3:0e:
d0:15:fd:4e:88:ae:84:49:f3:f7:18:4c:e7:db:39:9c:a3:03:
cc:b9:5b:51:24:1f:26:14:9d:27:44:fc:83:c2:d8:eb:ae:d4:
1b:29:19:6f:c8:10:40:1e:da:64:ee:d2:3b:09:18:00:cb:d5:
d9:22:ce:62:1b:fa:94:c7:49:53:f3:39:f5:bd:05:74:2b:03:
ea:23:28:a3:d3:d0:95:c3:72:10:7b:39:24:a8:5c:c2:6f:90:
28:b8:ce:68:63:de:27:5f:d9:de:be:c4:12:e6:64:b8:89:44:
11:0e:2f:61:ca:b3:94:df:79:cb:ac:57:ab:45:0f:2d:bc:dd:
f9:fe:18:7a:b2:39:28:f0:35:3e:32:d0:b4:f1:c5:64:6f:67:
66:fb:fb:5c:18:e1:72:1b:a4:47:b0:5a:b4:74:85:d1:8b:13:
3c:18:cc:22:a4:af:6e:58:23:d0:ac:23:7e:c5:5f:c8:66:aa:
c6:c9:ca:91
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtyvQosPvWzuqgol5gX4NiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjM4OTExMTRjZjkyZmFhNTAwYzEyMzdkYzZiY2U1ZTVjYmU5ZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg//YoRpKmXWjzGoS6WBmiQP56boV
0cgTpbcg2quu+mTN8jFXj6PlhfMpSW8XCyNsoO7bJpU5wObRhrS9lMNPul6nLKIu
F5t4YLBqVG4PFuFOl0LcIRtLeRZWzCerOs9Suy0mRCHftEnxlXht8HblOjRLmbv1
yDlJr/Uq6JPwCj6iGvSH5wKflIgux2lbDo/skm/hp82oN9EZUO5XT63htOB12nmJ
iWZ+Lkb4uoreCwxMWFaSEybqLHxpULCbHdpUNOKvU5z8fIfYHrsvJRj9Kp5ZZzpy
QFx2AJoM5C5xl+lG2H7Riv/0tWECKe7Da8NAhCu1qyABcswmyWH/F4kCiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAI4kRFM+S+qUAwSN9xrzl5cvp4nMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvQWppUkVVejVMNnBRREJJMzNHdk9YbHktbmljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgImmHYA
MA0GCSqGSIb3DQEBCwUAA4IBAQCMLXeJLPbI5YG3td5J79C8ybmvP6z/O14DTf1e
18A6v2gP3J65SQZsOqnyXQ7Fi2b+z8eF+6VagIKphR2SseeL9Lw5BgVy0w7QFf1O
iK6ESfP3GEzn2zmcowPMuVtRJB8mFJ0nRPyDwtjrrtQbKRlvyBBAHtpk7tI7CRgA
y9XZIs5iG/qUx0lT8zn1vQV0KwPqIyij09CVw3IQezkkqFzCb5AouM5oY94nX9ne
vsQS5mS4iUQRDi9hyrOU33nLrFerRQ8tvN35/hh6sjko8DU+MtC08cVkb2dm+/tc
GOFyG6RHsFq0dIXRixM8GMwipK9uWCPQrCN+xV/IZqrGycqR
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:17 2024 by rpki-client on console.sobornost.net