Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/u6AI2hEW82-qGEPqmYbhJy7x_zs.roa
File: u6AI2hEW82-qGEPqmYbhJy7x_zs.roa (raw, json)
Hash identifier: u8ZTzMOf6muqJJek5SucuXmyPmnPc0AFqZKngiXK0dc=
Subject key identifier: BB:A0:08:DA:11:16:F3:6F:AA:18:43:EA:99:86:E1:27:2E:F1:FF:3B
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCADAAB87AAEA9714592423E4C1ACF2
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/u6AI2hEW82-qGEPqmYbhJy7x_zs.roa
Signing time: Sun 01 Jan 2023 14:44:48 +0000
ROA not before: Sun 01 Jan 2023 14:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34150
IP address blocks: 2a02:2698:9c00::/38 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:da:ab:87:aa:ea:97:14:59:24:23:e4:c1:ac:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bba008da1116f36faa1843ea9986e1272ef1ff3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8c:01:0c:8c:02:60:58:2e:74:e3:b1:fb:df:
b3:7e:07:d4:ee:96:01:0b:6c:fe:b1:c3:5f:66:a6:
dc:60:e5:e7:13:46:cc:76:9b:d8:69:1d:98:ac:9d:
73:f3:bf:3b:c2:7f:25:a1:13:d5:b0:c9:52:b9:3b:
f5:fd:7a:c4:4a:c4:26:1e:5d:b6:92:3e:1c:30:b7:
b2:e9:6a:d0:90:d7:87:8d:5f:b2:04:da:ea:a1:26:
a8:1a:7d:b4:14:25:ad:1c:18:e7:d0:0a:e7:63:91:
ed:a4:85:3f:1c:f8:83:bd:7a:4b:b6:69:8c:9c:8c:
e5:cb:4c:56:42:1d:f1:40:ee:68:33:17:c1:fa:e7:
84:ac:86:70:20:f4:46:1a:01:e7:88:c1:64:83:4e:
e4:96:d1:e4:8d:64:ec:39:6c:ad:e6:d4:38:d2:32:
5b:d5:0f:cd:71:8c:10:7d:b3:eb:34:89:c3:09:69:
46:8e:f1:db:54:aa:25:2d:19:59:05:5c:1d:bd:1a:
17:e7:f2:ad:a5:0c:62:03:1d:25:48:19:5f:8e:59:
a4:b8:a4:b2:34:a0:b2:13:23:a7:cd:5b:3f:6a:ca:
f4:0d:f6:f8:a8:45:5f:1e:34:1c:d7:ed:51:d8:18:
05:28:20:15:b2:81:f5:dc:cb:5c:89:4c:b7:cf:2a:
86:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A0:08:DA:11:16:F3:6F:AA:18:43:EA:99:86:E1:27:2E:F1:FF:3B
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/u6AI2hEW82-qGEPqmYbhJy7x_zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:9c00::/38
Signature Algorithm: sha256WithRSAEncryption
1a:2b:c0:77:2b:f9:ef:10:5f:9f:6c:60:91:d3:95:18:ac:67:
b7:09:7f:c5:f7:97:6e:ab:47:df:6e:fa:4c:ca:6a:3f:23:43:
40:d4:cb:cf:a6:47:3d:25:7c:f2:29:89:b8:89:43:a7:c2:75:
34:90:9d:5b:b0:30:61:14:a3:59:a6:b1:14:ca:cb:cd:c5:ef:
b9:d1:e9:58:e6:ed:82:75:6f:a5:e3:90:34:e0:36:f0:7b:58:
6d:f1:6f:be:68:f2:8a:52:18:b1:fe:a5:27:18:8b:08:97:fb:
7a:0d:d9:c8:2e:d2:6c:92:48:59:84:25:9a:78:ca:f8:88:e1:
77:cc:63:82:39:88:42:84:13:d7:ea:32:9b:b4:53:f5:95:fd:
8c:94:7c:6a:c0:2b:a5:5d:32:1a:3d:b3:b4:11:aa:52:13:c5:
17:51:1c:b1:59:2f:68:23:80:f6:67:fd:b0:2e:ad:b6:76:95:
e1:a2:3e:4d:fa:4c:79:5b:76:91:74:a6:fa:b1:e1:30:a9:3c:
50:d4:52:e7:6b:8b:9a:9b:21:44:2d:7a:4f:89:0d:2e:ea:59:
33:a4:44:55:6b:fc:0e:31:7e:74:eb:82:62:97:54:02:10:25:
9a:d5:4d:64:52:ef:87:f0:68:b2:e1:62:ef:61:e4:31:34:60:
72:24:d6:55
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtytqrh6rqlxRZJCPkwazyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmEwMDhkYTExMTZmMzZmYWExODQzZWE5OTg2ZTEyNzJlZjFmZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvowBDIwCYFgudOOx+9+zfgfU7pYB
C2z+scNfZqbcYOXnE0bMdpvYaR2YrJ1z8787wn8loRPVsMlSuTv1/XrESsQmHl22
kj4cMLey6WrQkNeHjV+yBNrqoSaoGn20FCWtHBjn0ArnY5HtpIU/HPiDvXpLtmmM
nIzly0xWQh3xQO5oMxfB+ueErIZwIPRGGgHniMFkg07kltHkjWTsOWyt5tQ40jJb
1Q/NcYwQfbPrNInDCWlGjvHbVKolLRlZBVwdvRoX5/KtpQxiAx0lSBlfjlmkuKSy
NKCyEyOnzVs/asr0Dfb4qEVfHjQc1+1R2BgFKCAVsoH13MtciUy3zyqGAQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLugCNoRFvNvqhhD6pmG4Scu8f87MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvdTZBSTJoRVc4Mi1xR0VQcW1ZYmhKeTd4X3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmJww
DQYJKoZIhvcNAQELBQADggEBABorwHcr+e8QX59sYJHTlRisZ7cJf8X3l26rR99u
+kzKaj8jQ0DUy8+mRz0lfPIpibiJQ6fCdTSQnVuwMGEUo1mmsRTKy83F77nR6Vjm
7YJ1b6XjkDTgNvB7WG3xb75o8opSGLH+pScYiwiX+3oN2cgu0mySSFmEJZp4yviI
4XfMY4I5iEKEE9fqMpu0U/WV/YyUfGrAK6VdMho9s7QRqlITxRdRHLFZL2gjgPZn
/bAurbZ2leGiPk36THlbdpF0pvqx4TCpPFDUUudri5qbIUQtek+JDS7qWTOkRFVr
/A4xfnTrgmKXVAIQJZrVTWRS74fwaLLhYu9h5DE0YHIk1lU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:17 2024 by rpki-client on console.sobornost.net