Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/z6mbCLpD_XG0u9rL0w1LYHsfnyo.roa
File: z6mbCLpD_XG0u9rL0w1LYHsfnyo.roa (raw, json)
Hash identifier: DMHye0AKRLPQFQOkwO9I1FaHwooUa7qOhUgRaynsu9w=
Subject key identifier: CF:A9:9B:08:BA:43:FD:71:B4:BB:DA:CB:D3:0D:4B:60:7B:1F:9F:2A
Certificate issuer: /CN=3b604ec0cfee966c419b3a6d5f082b563c1868bd
Certificate serial: 01860C6332F465ADEE4B5202A560A809C83D
Authority key identifier: 3B:60:4E:C0:CF:EE:96:6C:41:9B:3A:6D:5F:08:2B:56:3C:18:68:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O2BOwM_ulmxBmzptXwgrVjwYaL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/z6mbCLpD_XG0u9rL0w1LYHsfnyo.roa
Signing time: Wed 01 Feb 2023 09:51:13 +0000
ROA not before: Wed 01 Feb 2023 09:51:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212900
IP address blocks: 2001:67c:abc::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:63:32:f4:65:ad:ee:4b:52:02:a5:60:a8:09:c8:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b604ec0cfee966c419b3a6d5f082b563c1868bd
Validity
Not Before: Feb 1 09:51:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfa99b08ba43fd71b4bbdacbd30d4b607b1f9f2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:05:77:54:46:04:29:49:40:4a:6d:46:6c:5e:
7d:1e:7f:28:3e:ce:66:6a:49:3a:d0:f3:ee:ea:a7:
18:cd:c8:88:4b:d1:c3:8b:01:b3:01:76:4d:38:c5:
af:69:c1:c9:3a:ba:83:7c:89:3f:2a:97:b6:f7:52:
fa:bf:ed:ec:61:43:fe:36:a5:1d:84:d4:db:40:0c:
6d:1a:8f:94:47:0c:af:91:3f:73:54:0f:8f:ea:62:
47:56:d9:85:dc:2e:74:1c:52:2f:93:5f:cc:d3:d3:
b9:93:a2:d0:19:e3:ff:fd:68:36:7e:e2:ae:4b:62:
d0:f9:8c:71:68:c4:94:99:97:ff:ed:60:d7:bb:20:
87:b1:bf:7c:6e:ec:f4:bf:07:37:57:92:55:46:c7:
db:ca:20:f2:47:fb:17:ee:f1:cf:8d:62:3a:12:22:
93:c8:c7:97:d7:0c:6d:97:e1:39:fe:d3:8b:a7:01:
76:ee:00:1c:00:ab:74:ae:b3:9e:83:1f:bc:e7:10:
30:c2:50:10:e4:e3:17:76:f6:9c:b4:19:67:21:ba:
52:17:5a:77:ea:22:cd:70:ef:4d:d9:fa:88:b7:3f:
db:ce:c4:51:24:0b:86:c1:01:f6:d4:72:b2:90:35:
e2:f9:08:4f:6a:be:c9:b3:8d:bb:57:74:b1:3c:1e:
cb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A9:9B:08:BA:43:FD:71:B4:BB:DA:CB:D3:0D:4B:60:7B:1F:9F:2A
X509v3 Authority Key Identifier:
keyid:3B:60:4E:C0:CF:EE:96:6C:41:9B:3A:6D:5F:08:2B:56:3C:18:68:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O2BOwM_ulmxBmzptXwgrVjwYaL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/z6mbCLpD_XG0u9rL0w1LYHsfnyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/O2BOwM_ulmxBmzptXwgrVjwYaL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:abc::/48
Signature Algorithm: sha256WithRSAEncryption
6f:21:31:73:89:b8:56:c2:28:af:ad:64:31:1f:b5:f4:4e:32:
7f:9c:fe:ed:6a:eb:24:bd:2c:e2:2f:5b:53:97:49:be:1d:8c:
97:96:c4:32:72:f5:6e:06:fc:61:73:15:6d:ee:9f:89:c4:c3:
04:3f:c4:7a:a5:aa:4a:e2:2f:0e:d9:4a:b5:6a:6e:45:ad:34:
4a:a8:44:86:50:6f:6a:ec:8d:e2:9a:7d:8a:60:8e:c2:6b:39:
26:df:e0:0f:27:5f:9d:cb:0f:7b:9a:47:e3:61:94:ec:7e:ed:
bf:5b:31:3f:25:c0:e0:24:97:9b:4d:94:f2:01:9c:d7:55:5b:
70:b2:37:6b:c4:a7:f1:78:e1:71:fa:ce:91:8e:5c:f6:a5:f6:
ca:1f:f8:c1:11:23:47:1c:be:e5:8a:ca:2f:01:5c:9e:48:3f:
fa:1a:82:61:f6:c0:f4:b5:8c:84:2c:dd:fd:8b:9a:1a:d5:76:
8d:92:7f:1d:01:6f:e8:7e:9f:1d:bb:3f:73:e5:11:d6:c8:19:
0e:7a:81:8e:71:32:b3:fa:b9:62:06:c5:67:61:56:3a:ed:06:
2e:00:a7:6a:a5:06:2c:36:b2:03:75:d8:99:d4:67:0b:41:a7:
5f:e0:13:84:39:c8:b5:dd:84:18:03:08:2b:c5:9e:f1:27:d9:
4f:62:d9:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYYMYzL0Za3uS1ICpWCoCcg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNjA0ZWMwY2ZlZTk2NmM0MTliM2E2ZDVmMDgyYjU2M2Mx
ODY4YmQwHhcNMjMwMjAxMDk1MTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmE5OWIwOGJhNDNmZDcxYjRiYmRhY2JkMzBkNGI2MDdiMWY5ZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAV3VEYEKUlASm1GbF59Hn8oPs5m
akk60PPu6qcYzciIS9HDiwGzAXZNOMWvacHJOrqDfIk/Kpe291L6v+3sYUP+NqUd
hNTbQAxtGo+URwyvkT9zVA+P6mJHVtmF3C50HFIvk1/M09O5k6LQGeP//Wg2fuKu
S2LQ+YxxaMSUmZf/7WDXuyCHsb98buz0vwc3V5JVRsfbyiDyR/sX7vHPjWI6EiKT
yMeX1wxtl+E5/tOLpwF27gAcAKt0rrOegx+85xAwwlAQ5OMXdvactBlnIbpSF1p3
6iLNcO9N2fqItz/bzsRRJAuGwQH21HKykDXi+QhPar7Js427V3SxPB7LQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM+pmwi6Q/1xtLvay9MNS2B7H58qMB8GA1UdIwQY
MBaAFDtgTsDP7pZsQZs6bV8IK1Y8GGi9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzJCT3dNX3VsbXhCbXpwdFh3Z3JWandZYUwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8zZjVlYTQtMTg2OC00YTBiLTkyMTgt
ODdlOWYyMWI0MThiLzEvejZtYkNMcERfWEcwdTlyTDB3MUxZSHNmbnlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8zZjVlYTQtMTg2OC00YTBiLTkyMTgtODdlOWYyMWI0MThi
LzEvTzJCT3dNX3VsbXhCbXpwdFh3Z3JWandZYUwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAq8
MA0GCSqGSIb3DQEBCwUAA4IBAQBvITFzibhWwiivrWQxH7X0TjJ/nP7tauskvSzi
L1tTl0m+HYyXlsQycvVuBvxhcxVt7p+JxMMEP8R6papK4i8O2Uq1am5FrTRKqESG
UG9q7I3imn2KYI7Cazkm3+APJ1+dyw97mkfjYZTsfu2/WzE/JcDgJJebTZTyAZzX
VVtwsjdrxKfxeOFx+s6Rjlz2pfbKH/jBESNHHL7lisovAVyeSD/6GoJh9sD0tYyE
LN39i5oa1XaNkn8dAW/ofp8duz9z5RHWyBkOeoGOcTKz+rliBsVnYVY67QYuAKdq
pQYsNrIDddiZ1GcLQadf4BOEOci13YQYAwgrxZ7xJ9lPYtlI
-----END CERTIFICATE-----
Generated at Tue Jan 2 02:56:31 2024 by rpki-client on console.sobornost.net