Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/9ca8b2-5ec8-4d2a-b994-c4c94b88071b/1/dh7wsCxmPuRPGkJrlzHOZi6xdfY.roa
File: dh7wsCxmPuRPGkJrlzHOZi6xdfY.roa (raw, json)
Hash identifier: A3Q6NVSrpdHyNsppKIzipTqS81t0KdhudD2ldwASOgA=
Subject key identifier: 76:1E:F0:B0:2C:66:3E:E4:4F:1A:42:6B:97:31:CE:66:2E:B1:75:F6
Certificate issuer: /CN=16a321215a4d35ed2298b073971db408864fd362
Certificate serial: 01856F798C36C0DC5773CC2A3EB24137F2FA
Authority key identifier: 16:A3:21:21:5A:4D:35:ED:22:98:B0:73:97:1D:B4:08:86:4F:D3:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FqMhIVpNNe0imLBzlx20CIZP02I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/9ca8b2-5ec8-4d2a-b994-c4c94b88071b/1/dh7wsCxmPuRPGkJrlzHOZi6xdfY.roa
Signing time: Sun 01 Jan 2023 22:35:14 +0000
ROA not before: Sun 01 Jan 2023 22:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212704
IP address blocks: 2001:678:4d8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:8c:36:c0:dc:57:73:cc:2a:3e:b2:41:37:f2:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16a321215a4d35ed2298b073971db408864fd362
Validity
Not Before: Jan 1 22:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=761ef0b02c663ee44f1a426b9731ce662eb175f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2d:20:28:47:ee:fc:cb:5a:c9:4d:4d:ef:be:
1e:f3:53:1f:aa:6a:2a:b5:c8:a8:25:49:d8:91:bb:
14:7b:d9:c0:7b:f7:d5:15:7f:59:9f:74:35:61:24:
e5:a8:c2:bb:5a:04:a0:d8:d3:64:ac:8d:ab:5b:0c:
d9:2f:c4:3d:be:26:34:d0:37:34:92:00:71:b4:1f:
84:d4:b1:1b:2e:71:08:22:66:cf:c3:38:95:c5:34:
65:c4:85:7b:41:70:d2:c8:26:47:3a:ac:c5:33:05:
46:85:cf:fc:79:4b:38:c9:73:a4:44:f8:1d:d2:8d:
41:ac:4f:7b:0e:da:e9:e5:2c:ce:3b:3e:d3:df:66:
f8:46:cd:a8:1b:ed:76:e0:f4:d0:ed:63:43:b7:b3:
19:aa:73:da:58:dd:68:8d:72:e0:65:b7:45:c7:9a:
ed:1a:5d:4d:28:61:44:5a:f0:04:e6:69:f7:8b:0d:
55:bb:b4:97:68:49:85:1b:c8:dc:40:0d:e9:f0:21:
7f:7a:ec:25:e4:60:e3:f1:84:6e:a9:30:42:56:e4:
c4:20:0e:ac:c2:83:8c:b2:82:4d:69:85:43:8d:b1:
cb:a3:bd:26:4e:e6:de:c1:93:10:5f:1a:f1:99:63:
e5:50:ed:c3:c0:fa:4c:bb:c3:f3:b6:50:af:92:72:
e6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:1E:F0:B0:2C:66:3E:E4:4F:1A:42:6B:97:31:CE:66:2E:B1:75:F6
X509v3 Authority Key Identifier:
keyid:16:A3:21:21:5A:4D:35:ED:22:98:B0:73:97:1D:B4:08:86:4F:D3:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FqMhIVpNNe0imLBzlx20CIZP02I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/9ca8b2-5ec8-4d2a-b994-c4c94b88071b/1/dh7wsCxmPuRPGkJrlzHOZi6xdfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/9ca8b2-5ec8-4d2a-b994-c4c94b88071b/1/FqMhIVpNNe0imLBzlx20CIZP02I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:4d8::/48
Signature Algorithm: sha256WithRSAEncryption
55:ba:5e:bd:40:de:f9:11:4b:97:fb:b3:37:29:9a:da:aa:39:
d4:70:a5:20:3c:29:60:bb:1a:e6:e2:4f:f7:51:aa:da:30:05:
bb:94:83:34:51:04:11:28:fd:63:f6:ec:6b:fa:d9:9f:92:29:
08:5c:19:b9:10:5d:2b:b3:28:3e:7c:90:a5:05:f9:5c:84:f5:
75:ac:a5:c8:e5:26:f2:e6:92:04:8e:70:47:e9:93:06:f6:c1:
3d:4c:ff:32:6c:ad:1b:f9:fe:5c:76:07:50:34:b5:92:12:3d:
c0:ff:e3:b1:70:da:7d:14:66:6b:0a:bf:f2:9f:d5:3e:20:8d:
aa:c3:22:57:d4:d4:d3:86:69:b9:35:77:67:64:0d:a0:fe:f5:
b8:8f:a3:42:87:88:ec:3f:d0:d8:86:d0:d9:17:20:4e:e7:1c:
dd:b1:8e:83:74:fd:19:3d:f2:ea:5c:f8:35:2e:81:b9:21:54:
2b:21:9c:83:c8:56:93:fe:44:a1:a6:18:5e:76:25:65:d2:92:
c3:4a:e3:bf:93:67:25:fd:9f:7a:78:38:f5:bc:bc:63:3a:de:
c2:31:da:02:f6:7b:57:75:76:58:8b:75:27:c4:fc:d1:3a:c3:
0b:c1:40:09:b9:66:11:93:be:da:bf:24:92:72:6a:3c:65:d6:
7c:df:05:38
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVveYw2wNxXc8wqPrJBN/L6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2YTMyMTIxNWE0ZDM1ZWQyMjk4YjA3Mzk3MWRiNDA4ODY0
ZmQzNjIwHhcNMjMwMTAxMjIzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjFlZjBiMDJjNjYzZWU0NGYxYTQyNmI5NzMxY2U2NjJlYjE3NWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhC0gKEfu/MtayU1N774e81Mfqmoq
tcioJUnYkbsUe9nAe/fVFX9Zn3Q1YSTlqMK7WgSg2NNkrI2rWwzZL8Q9viY00Dc0
kgBxtB+E1LEbLnEIImbPwziVxTRlxIV7QXDSyCZHOqzFMwVGhc/8eUs4yXOkRPgd
0o1BrE97Dtrp5SzOOz7T32b4Rs2oG+124PTQ7WNDt7MZqnPaWN1ojXLgZbdFx5rt
Gl1NKGFEWvAE5mn3iw1Vu7SXaEmFG8jcQA3p8CF/euwl5GDj8YRuqTBCVuTEIA6s
woOMsoJNaYVDjbHLo70mTubewZMQXxrxmWPlUO3DwPpMu8PztlCvknLmawIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHYe8LAsZj7kTxpCa5cxzmYusXX2MB8GA1UdIwQY
MBaAFBajISFaTTXtIpiwc5cdtAiGT9NiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnFNaElWcE5OZTBpbUxCemx4MjBDSVpQMDJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85Y2E4YjItNWVjOC00ZDJhLWI5OTQt
YzRjOTRiODgwNzFiLzEvZGg3d3NDeG1QdVJQR2tKcmx6SE9aaTZ4ZGZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85Y2E4YjItNWVjOC00ZDJhLWI5OTQtYzRjOTRiODgwNzFi
LzEvRnFNaElWcE5OZTBpbUxCemx4MjBDSVpQMDJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeATY
MA0GCSqGSIb3DQEBCwUAA4IBAQBVul69QN75EUuX+7M3KZraqjnUcKUgPClguxrm
4k/3UaraMAW7lIM0UQQRKP1j9uxr+tmfkikIXBm5EF0rsyg+fJClBflchPV1rKXI
5Sby5pIEjnBH6ZMG9sE9TP8ybK0b+f5cdgdQNLWSEj3A/+OxcNp9FGZrCr/yn9U+
II2qwyJX1NTThmm5NXdnZA2g/vW4j6NCh4jsP9DYhtDZFyBO5xzdsY6DdP0ZPfLq
XPg1LoG5IVQrIZyDyFaT/kShphhediVl0pLDSuO/k2cl/Z96eDj1vLxjOt7CMdoC
9ntXdXZYi3UnxPzROsMLwUAJuWYRk77avySScmo8ZdZ83wU4
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:09 2024 by rpki-client on console.sobornost.net