Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/V9IIUkgWI7dThP5PmaoQpn-X7IY.roa
File: V9IIUkgWI7dThP5PmaoQpn-X7IY.roa (raw, json)
Hash identifier: eSRYw6WlTCtnDrvzMrVMbrPpgG1ZRoXbKa2AHtPWqMg=
Subject key identifier: 57:D2:08:52:48:16:23:B7:53:84:FE:4F:99:AA:10:A6:7F:97:EC:86
Certificate issuer: /CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Certificate serial: 01856D81A1E05F39759B803B52FE4938C0FE
Authority key identifier: AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/V9IIUkgWI7dThP5PmaoQpn-X7IY.roa
Signing time: Sun 01 Jan 2023 13:24:50 +0000
ROA not before: Sun 01 Jan 2023 13:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20705
IP address blocks: 2a0c:6c40:c840::/47 maxlen: 48
2a0c:6c40:c82e::/47 maxlen: 48
2a0c:6c40:a4ee::/47 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:a1:e0:5f:39:75:9b:80:3b:52:fe:49:38:c0:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Validity
Not Before: Jan 1 13:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57d20852481623b75384fe4f99aa10a67f97ec86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5c:c0:17:d8:5f:75:c0:25:9c:a0:03:23:19:
5e:84:0b:d1:6b:6a:c1:78:f9:d0:5d:b6:ce:6e:e9:
e7:52:d6:f7:14:c6:c9:3f:06:82:55:4a:2a:ed:f7:
51:8b:14:23:db:ed:d9:e3:b2:e5:dd:25:60:57:f4:
01:21:43:38:96:f4:df:fb:b6:f0:c9:8c:1f:bd:8a:
2f:b5:85:8f:9b:41:ac:f7:53:15:00:e3:00:24:1c:
13:c4:cd:7c:37:b5:1b:ab:ab:f8:1d:e0:13:44:3f:
d9:fc:65:b2:57:23:e4:74:83:bf:5b:c8:12:cc:8c:
30:84:c6:dd:93:76:36:58:01:ff:99:9d:3a:29:90:
80:b1:9c:21:82:8d:37:f2:60:d4:34:29:1e:19:22:
c8:9d:04:4e:00:09:6a:38:4c:c5:d6:fb:86:d8:90:
82:63:57:ac:41:28:d8:8f:e0:aa:4f:28:c3:7a:e2:
bd:1e:e1:ce:08:53:9a:63:9d:06:69:87:21:a3:69:
d7:d0:79:40:e2:81:77:c6:df:4d:e7:50:70:1c:b4:
23:28:e9:9e:d9:6e:14:a2:9d:bb:4f:63:df:02:ae:
57:09:18:c2:e8:20:03:91:56:4c:4e:05:5b:c0:a3:
f8:ea:78:3f:23:e3:ae:83:44:70:21:da:2c:7e:d0:
2f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D2:08:52:48:16:23:B7:53:84:FE:4F:99:AA:10:A6:7F:97:EC:86
X509v3 Authority Key Identifier:
keyid:AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/V9IIUkgWI7dThP5PmaoQpn-X7IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:6c40:a4ee::/47
2a0c:6c40:c82e::/47
2a0c:6c40:c840::/47
Signature Algorithm: sha256WithRSAEncryption
04:37:eb:bc:40:e4:77:1b:61:31:4a:3d:51:e8:77:da:90:e1:
2a:42:36:06:33:93:8c:e7:a0:d8:32:64:0c:be:81:91:8e:58:
de:96:73:67:50:c3:6e:00:2a:bb:ee:5f:ff:1d:bc:09:83:e3:
ec:ef:c4:e8:d2:e0:b9:6f:25:11:9d:06:bf:64:cb:53:bf:fb:
99:8a:2e:3f:e5:f6:f2:35:1f:09:59:16:c9:da:47:65:49:de:
8f:b7:82:29:ec:d3:9d:e0:5f:39:3a:be:19:7a:fe:b2:61:69:
0a:9a:71:82:e5:f8:74:15:c2:9e:d8:2a:47:53:64:0f:15:97:
ed:49:c8:8d:f2:9e:95:1f:ac:8e:dc:6f:16:24:04:1d:43:17:
df:07:85:50:02:68:68:83:40:02:29:ce:41:13:13:cf:f7:81:
f4:fd:a7:f0:24:72:73:2c:8d:36:b8:c5:aa:44:20:5e:d6:a5:
cd:42:bb:a7:dc:41:37:3b:2d:2e:b0:95:bd:88:87:08:95:c1:
6c:ff:06:d2:f5:5b:0f:c1:af:f6:c2:b3:dd:e2:42:d9:24:46:
7c:aa:d5:b4:f5:bb:8e:56:f0:f9:b0:9e:67:9b:f8:92:f1:c9:
f0:a6:4b:53:66:a0:65:d0:db:a6:d0:67:1a:2f:42:2f:b6:4f:
0b:45:0d:97
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtgaHgXzl1m4A7Uv5JOMD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWRjODVmOTRjYTY0N2RlMGRiNjRkNzRkMzEzOTk0N2Nj
NDQ5YmEwHhcNMjMwMTAxMTMyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2QyMDg1MjQ4MTYyM2I3NTM4NGZlNGY5OWFhMTBhNjdmOTdlYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVzAF9hfdcAlnKADIxlehAvRa2rB
ePnQXbbObunnUtb3FMbJPwaCVUoq7fdRixQj2+3Z47Ll3SVgV/QBIUM4lvTf+7bw
yYwfvYovtYWPm0Gs91MVAOMAJBwTxM18N7Ubq6v4HeATRD/Z/GWyVyPkdIO/W8gS
zIwwhMbdk3Y2WAH/mZ06KZCAsZwhgo038mDUNCkeGSLInQROAAlqOEzF1vuG2JCC
Y1esQSjYj+CqTyjDeuK9HuHOCFOaY50GaYcho2nX0HlA4oF3xt9N51BwHLQjKOme
2W4Uop27T2PfAq5XCRjC6CADkVZMTgVbwKP46ng/I+Oug0RwIdosftAvpwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFfSCFJIFiO3U4T+T5mqEKZ/l+yGMB8GA1UdIwQY
MBaAFKudyF+UymR94Ntk100xOZR8xEm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYt
NDA0NjMyNDk3MGFmLzEvVjlJSVVrZ1dJN2RUaFA1UG1hb1Fwbi1YN0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYtNDA0NjMyNDk3MGFm
LzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcBKgxsQKTu
AwcBKgxsQMguAwcBKgxsQMhAMA0GCSqGSIb3DQEBCwUAA4IBAQAEN+u8QOR3G2Ex
Sj1R6HfakOEqQjYGM5OM56DYMmQMvoGRjljelnNnUMNuACq77l//HbwJg+Ps78To
0uC5byURnQa/ZMtTv/uZii4/5fbyNR8JWRbJ2kdlSd6Pt4Ip7NOd4F85Or4Zev6y
YWkKmnGC5fh0FcKe2CpHU2QPFZftSciN8p6VH6yO3G8WJAQdQxffB4VQAmhog0AC
Kc5BExPP94H0/afwJHJzLI02uMWqRCBe1qXNQrun3EE3Oy0usJW9iIcIlcFs/wbS
9VsPwa/2wrPd4kLZJEZ8qtW09buOVvD5sJ5nm/iS8cnwpktTZqBl0Num0GcaL0Iv
tk8LRQ2X
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:01:31 2024 by rpki-client on console.sobornost.net