Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/6ea16c-b92f-4041-a508-bb5893a6ac91/1/SbqpkOpsYRQ60pVddNK73tlvMa0.roa
File: SbqpkOpsYRQ60pVddNK73tlvMa0.roa (raw, json)
Hash identifier: JZh3aRX4sh86xXzFEIAPBBt2vMnz9qD7bMbkhCSg1KE=
Subject key identifier: 49:BA:A9:90:EA:6C:61:14:3A:D2:95:5D:74:D2:BB:DE:D9:6F:31:AD
Certificate issuer: /CN=81ae70dfd43052736fe85f00d2984ce376b76eb3
Certificate serial: 018A1C764AA61022BFC31F2B8F3C691B1151
Authority key identifier: 81:AE:70:DF:D4:30:52:73:6F:E8:5F:00:D2:98:4C:E3:76:B7:6E:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ga5w39QwUnNv6F8A0phM43a3brM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/6ea16c-b92f-4041-a508-bb5893a6ac91/1/SbqpkOpsYRQ60pVddNK73tlvMa0.roa
Signing time: Tue 22 Aug 2023 08:57:08 +0000
ROA not before: Tue 22 Aug 2023 08:57:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12843
IP address blocks: 2001:67c:2388::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:76:4a:a6:10:22:bf:c3:1f:2b:8f:3c:69:1b:11:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81ae70dfd43052736fe85f00d2984ce376b76eb3
Validity
Not Before: Aug 22 08:57:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49baa990ea6c61143ad2955d74d2bbded96f31ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d1:31:66:dd:76:74:15:ce:a8:e3:3e:b8:44:
6b:fc:de:e5:03:fd:33:7f:c4:43:38:a3:d8:72:58:
c1:61:ed:9f:c8:9a:aa:a8:5f:52:05:cc:b8:4e:e4:
67:53:99:e0:c6:d1:8e:d5:97:55:37:99:6c:5c:39:
b1:17:e7:ff:57:17:d3:d3:16:fe:b4:e5:02:94:a3:
35:9e:fe:71:0f:49:48:c9:5c:99:f2:18:c2:f6:42:
1b:a0:b7:dc:dd:55:5e:2a:3b:f9:71:5a:0c:a8:9f:
b7:c9:76:43:32:19:8d:33:a6:9b:9d:3b:63:b6:ae:
e6:45:b0:b8:ec:67:95:2e:00:84:20:89:4f:fa:59:
e3:1f:0f:f4:0a:9f:ba:d6:d4:0c:3f:e7:41:9d:8f:
6c:c6:6e:f0:18:ee:41:29:d8:10:5b:e8:90:58:f6:
e9:85:99:58:80:b0:13:9b:bb:f6:9f:5b:0b:34:83:
d3:3b:26:b1:f8:78:e6:27:f5:93:7c:29:71:ea:9f:
19:4f:d3:65:30:d8:a6:36:89:e3:ac:cc:a4:80:d3:
0c:87:68:05:66:6b:3c:19:ec:40:98:04:17:0b:08:
8f:66:bd:a1:3d:e7:1d:46:04:52:d3:17:ef:aa:96:
94:87:a7:df:fc:ed:ee:e8:34:f8:d5:80:ef:dd:da:
f4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:BA:A9:90:EA:6C:61:14:3A:D2:95:5D:74:D2:BB:DE:D9:6F:31:AD
X509v3 Authority Key Identifier:
keyid:81:AE:70:DF:D4:30:52:73:6F:E8:5F:00:D2:98:4C:E3:76:B7:6E:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ga5w39QwUnNv6F8A0phM43a3brM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6ea16c-b92f-4041-a508-bb5893a6ac91/1/SbqpkOpsYRQ60pVddNK73tlvMa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6ea16c-b92f-4041-a508-bb5893a6ac91/1/ga5w39QwUnNv6F8A0phM43a3brM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2388::/48
Signature Algorithm: sha256WithRSAEncryption
1f:b5:e6:ee:8c:f1:8d:4b:e0:40:2c:f2:ca:75:2c:a9:3d:cb:
8c:cf:4c:c3:07:62:53:bb:eb:c9:a3:b1:b2:0c:00:be:89:85:
74:c3:13:cd:16:60:e4:71:50:c7:ed:aa:91:bd:82:24:e7:48:
a2:b8:a6:6c:6d:6a:33:7d:7e:de:14:7a:40:13:45:87:af:72:
75:6c:0a:5c:4f:f8:fc:4e:8f:e2:f0:d7:56:96:c4:54:e2:45:
f7:2b:8c:f4:58:cd:1e:49:c1:cb:21:e0:3d:ac:ef:ab:a6:ae:
67:17:77:80:ff:e3:b6:54:3a:ca:64:1d:45:d8:6b:a5:94:cd:
ed:25:71:45:bf:bb:12:9d:ea:8c:2c:7f:0a:fe:16:51:07:75:
d4:18:eb:86:45:61:8f:db:a3:84:6b:ee:96:f0:e6:28:b9:1e:
c4:a3:9b:d2:40:9a:97:38:6e:e4:90:9a:2e:5e:15:99:d3:58:
f0:bc:c4:43:6a:20:df:cc:80:c1:ff:2c:f6:32:97:dc:84:48:
8a:72:47:42:e6:6b:b8:ee:04:92:cf:30:86:86:65:40:6b:f6:
2a:e7:8e:2d:7d:88:68:3e:50:47:09:9c:bc:68:30:af:1e:1f:
89:4c:9d:5d:5d:e8:4d:34:b0:ee:9f:77:3a:d0:3e:58:00:94:
fb:e7:4d:13
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYocdkqmECK/wx8rjzxpGxFRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYWU3MGRmZDQzMDUyNzM2ZmU4NWYwMGQyOTg0Y2UzNzZi
NzZlYjMwHhcNMjMwODIyMDg1NzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWJhYTk5MGVhNmM2MTE0M2FkMjk1NWQ3NGQyYmJkZWQ5NmYzMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNExZt12dBXOqOM+uERr/N7lA/0z
f8RDOKPYcljBYe2fyJqqqF9SBcy4TuRnU5ngxtGO1ZdVN5lsXDmxF+f/VxfT0xb+
tOUClKM1nv5xD0lIyVyZ8hjC9kIboLfc3VVeKjv5cVoMqJ+3yXZDMhmNM6abnTtj
tq7mRbC47GeVLgCEIIlP+lnjHw/0Cp+61tQMP+dBnY9sxm7wGO5BKdgQW+iQWPbp
hZlYgLATm7v2n1sLNIPTOyax+HjmJ/WTfClx6p8ZT9NlMNimNonjrMykgNMMh2gF
Zms8GexAmAQXCwiPZr2hPecdRgRS0xfvqpaUh6ff/O3u6DT41YDv3dr0ewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEm6qZDqbGEUOtKVXXTSu97ZbzGtMB8GA1UdIwQY
MBaAFIGucN/UMFJzb+hfANKYTON2t26zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2E1dzM5UXdVbk52NkY4QTBwaE00M2EzYnJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ZWExNmMtYjkyZi00MDQxLWE1MDgt
YmI1ODkzYTZhYzkxLzEvU2JxcGtPcHNZUlE2MHBWZGROSzczdGx2TWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ZWExNmMtYjkyZi00MDQxLWE1MDgtYmI1ODkzYTZhYzkx
LzEvZ2E1dzM5UXdVbk52NkY4QTBwaE00M2EzYnJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCOI
MA0GCSqGSIb3DQEBCwUAA4IBAQAftebujPGNS+BALPLKdSypPcuMz0zDB2JTu+vJ
o7GyDAC+iYV0wxPNFmDkcVDH7aqRvYIk50iiuKZsbWozfX7eFHpAE0WHr3J1bApc
T/j8To/i8NdWlsRU4kX3K4z0WM0eScHLIeA9rO+rpq5nF3eA/+O2VDrKZB1F2Gul
lM3tJXFFv7sSneqMLH8K/hZRB3XUGOuGRWGP26OEa+6W8OYouR7Eo5vSQJqXOG7k
kJouXhWZ01jwvMRDaiDfzIDB/yz2MpfchEiKckdC5mu47gSSzzCGhmVAa/Yq544t
fYhoPlBHCZy8aDCvHh+JTJ1dXehNNLDun3c60D5YAJT7500T
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:01:40 2024 by rpki-client on console.sobornost.net