Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/if5Hjsx2qIb40bY6KR6tRhfVl0Y.roa
File: if5Hjsx2qIb40bY6KR6tRhfVl0Y.roa (raw, json)
Hash identifier: MGM4/JYsBc9S9f+vVb3f84TGbIx41g67NSkCpfrax6I=
Subject key identifier: 89:FE:47:8E:CC:76:A8:86:F8:D1:B6:3A:29:1E:AD:46:17:D5:97:46
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018BD8F1B8008E847346BB449A37931B1C98
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/if5Hjsx2qIb40bY6KR6tRhfVl0Y.roa
Signing time: Thu 16 Nov 2023 16:23:21 +0000
ROA not before: Thu 16 Nov 2023 16:23:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12430
IP address blocks: 2a01:800::/32 maxlen: 32
2a01:807::/32 maxlen: 32
2a01:801::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:f1:b8:00:8e:84:73:46:bb:44:9a:37:93:1b:1c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 16 16:23:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89fe478ecc76a886f8d1b63a291ead4617d59746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bd:1f:25:9f:e5:c0:14:6c:2b:9e:97:a9:b0:
22:3c:b9:41:93:45:14:60:f1:e1:11:df:cc:d6:b7:
5a:71:ac:a2:e7:1f:25:72:2e:ba:58:7e:c5:a1:91:
c4:ce:20:41:db:34:93:06:60:a5:b6:e6:51:f6:36:
1c:96:9b:51:22:b4:ce:79:79:2c:59:6c:61:0f:a9:
e5:e3:8c:5e:9b:42:c0:72:bc:ef:dd:ac:e8:96:cc:
ed:7e:02:ca:52:3c:8d:3a:37:ae:4a:58:6a:58:ae:
70:a8:42:13:dc:1f:92:d9:3a:23:ba:c7:03:63:ff:
68:3f:da:42:2f:11:d0:8b:8e:57:55:67:21:a4:3b:
37:2e:b9:9e:42:4c:38:bd:fb:48:c9:7c:f2:9e:2e:
d7:a9:4c:03:f3:ea:5f:84:fa:5c:2d:6c:30:c9:d2:
80:db:b8:e1:e9:bf:83:47:58:50:92:b5:3e:9f:ba:
a3:bf:d6:6d:b6:35:a1:78:e0:82:2f:b4:35:ec:87:
85:9f:be:26:2c:fa:50:0f:47:a6:b3:dc:44:02:f7:
eb:8c:e5:3d:15:12:47:12:57:ee:bf:95:55:c1:6f:
7a:c2:f4:6f:70:07:33:9e:77:e5:be:6d:d0:bc:c3:
ae:31:87:60:24:a6:69:ed:ec:5c:ad:6a:d3:60:ff:
14:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:FE:47:8E:CC:76:A8:86:F8:D1:B6:3A:29:1E:AD:46:17:D5:97:46
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/if5Hjsx2qIb40bY6KR6tRhfVl0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:800::/31
2a01:807::/32
Signature Algorithm: sha256WithRSAEncryption
84:4a:af:42:18:ed:f6:ba:df:ca:8e:20:37:23:8c:c2:a8:72:
fa:5e:de:67:bc:77:7e:f4:48:0c:46:90:c4:4e:0d:bb:cd:aa:
89:70:10:63:d4:a2:c1:e4:85:15:b8:b9:dd:1c:00:0a:99:ec:
26:e1:aa:68:07:67:79:7e:4c:0f:e3:d0:c8:a3:36:0f:12:14:
13:74:a1:73:a0:d8:bc:a0:1d:c8:18:d1:9d:01:b4:4c:23:43:
ad:46:bd:8d:36:23:ae:08:67:94:66:39:1c:26:bd:ca:c6:71:
be:53:9f:13:49:4a:c4:28:74:44:8a:76:50:cf:15:1f:f6:a2:
27:ea:17:8f:40:ec:0f:17:e6:c3:e8:cf:86:55:72:82:75:54:
d0:ec:c3:e2:ec:39:8f:b3:59:2e:ac:c7:ff:07:5b:7f:70:3c:
32:26:4c:48:99:a6:67:f3:97:ae:44:93:a5:3e:45:9b:93:9d:
b9:ef:5b:9f:b7:74:6b:65:af:c3:ec:0b:dd:f9:71:d7:36:21:
00:5c:55:65:99:bb:39:87:9f:fd:30:03:e4:d6:fa:bd:b8:e1:
44:eb:bb:06:bd:3a:ab:1e:08:de:46:06:58:3c:23:01:2f:51:
f4:8e:57:0f:84:aa:80:ec:66:12:60:b2:e1:f5:a2:f0:a6:31:
e5:40:86:8f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYvY8bgAjoRzRrtEmjeTGxyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTE2MTYyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWZlNDc4ZWNjNzZhODg2ZjhkMWI2M2EyOTFlYWQ0NjE3ZDU5NzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArb0fJZ/lwBRsK56XqbAiPLlBk0UU
YPHhEd/M1rdacayi5x8lci66WH7FoZHEziBB2zSTBmCltuZR9jYclptRIrTOeXks
WWxhD6nl44xem0LAcrzv3azolsztfgLKUjyNOjeuSlhqWK5wqEIT3B+S2TojuscD
Y/9oP9pCLxHQi45XVWchpDs3LrmeQkw4vftIyXzyni7XqUwD8+pfhPpcLWwwydKA
27jh6b+DR1hQkrU+n7qjv9ZttjWheOCCL7Q17IeFn74mLPpQD0ems9xEAvfrjOU9
FRJHElfuv5VVwW96wvRvcAcznnflvm3QvMOuMYdgJKZp7excrWrTYP8UeQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIn+R47MdqiG+NG2OikerUYX1ZdGMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvaWY1SGpzeDJxSWI0MGJZNktSNnRSaGZWbDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUBKgEIAAMF
ACoBCAcwDQYJKoZIhvcNAQELBQADggEBAIRKr0IY7fa638qOIDcjjMKocvpe3me8
d370SAxGkMRODbvNqolwEGPUosHkhRW4ud0cAAqZ7CbhqmgHZ3l+TA/j0MijNg8S
FBN0oXOg2LygHcgY0Z0BtEwjQ61GvY02I64IZ5RmORwmvcrGcb5TnxNJSsQodESK
dlDPFR/2oifqF49A7A8X5sPoz4ZVcoJ1VNDsw+LsOY+zWS6sx/8HW39wPDImTEiZ
pmfzl65Ek6U+RZuTnbnvW5+3dGtlr8PsC935cdc2IQBcVWWZuzmHn/0wA+TW+r24
4UTruwa9OqseCN5GBlg8IwEvUfSOVw+EqoDsZhJgsuH1ovCmMeVAho8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:35:25 2024 by rpki-client on console.sobornost.net