Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/2f45cf-1eb2-4339-ad33-c0566af62e98/1/W3YAprVqDT6fjJix02JRcOn6xNA.roa
File: W3YAprVqDT6fjJix02JRcOn6xNA.roa (raw, json)
Hash identifier: IIjkezImTeF+S8kiGkeQs2WXpGOsJiIpr7tDNe8ixPE=
Subject key identifier: 5B:76:00:A6:B5:6A:0D:3E:9F:8C:98:B1:D3:62:51:70:E9:FA:C4:D0
Certificate issuer: /CN=70f8b2dbb03cecc4f214564709149614c48d7085
Certificate serial: 018572CCD1CBCCBFAE0C6A0AA5114722F7F5
Authority key identifier: 70:F8:B2:DB:B0:3C:EC:C4:F2:14:56:47:09:14:96:14:C4:8D:70:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPiy27A87MTyFFZHCRSWFMSNcIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/2f45cf-1eb2-4339-ad33-c0566af62e98/1/W3YAprVqDT6fjJix02JRcOn6xNA.roa
Signing time: Mon 02 Jan 2023 14:05:03 +0000
ROA not before: Mon 02 Jan 2023 14:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 2a12:d880::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:d1:cb:cc:bf:ae:0c:6a:0a:a5:11:47:22:f7:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f8b2dbb03cecc4f214564709149614c48d7085
Validity
Not Before: Jan 2 14:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b7600a6b56a0d3e9f8c98b1d3625170e9fac4d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6c:c4:c6:e1:b0:92:4c:7f:29:c6:70:59:7e:
4e:98:dc:4f:a9:7f:e1:e7:2e:e9:a4:bb:23:e2:11:
aa:39:db:7b:4c:41:78:37:76:03:f4:75:ce:23:40:
53:7d:fc:a4:ea:70:d7:19:27:a3:19:ca:03:86:5d:
e3:7a:a4:35:c3:da:4b:e3:87:b2:86:03:1c:aa:7a:
d2:03:c2:96:dc:2c:f3:4c:da:a0:48:f3:d0:f1:76:
aa:6d:ae:a1:eb:19:fb:d8:8f:83:82:6c:36:a0:e7:
b7:40:f6:cc:cc:ae:dc:c0:79:52:e2:79:3e:2a:ea:
88:91:c8:9c:df:a9:ce:81:e7:97:22:23:67:77:e9:
38:04:03:79:ca:19:b4:4c:b1:52:07:9b:45:bc:ff:
be:25:3c:d4:5e:c9:8e:a0:e7:b4:ef:d0:90:22:ff:
dc:a3:ec:bb:3c:b4:2f:84:a4:c7:e1:74:7a:a5:45:
83:55:81:88:7f:60:ab:fb:98:a4:56:48:1b:b8:3a:
dd:b1:22:00:98:7d:95:9e:b0:ea:7a:51:be:7d:fd:
90:de:26:91:23:a5:bd:8b:f6:7f:1c:21:61:1f:80:
a8:d5:cc:14:82:f7:c3:8b:c4:42:45:e4:97:f5:d4:
4c:78:e7:01:29:0b:7b:24:eb:4d:a2:48:f5:70:d8:
e8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:76:00:A6:B5:6A:0D:3E:9F:8C:98:B1:D3:62:51:70:E9:FA:C4:D0
X509v3 Authority Key Identifier:
keyid:70:F8:B2:DB:B0:3C:EC:C4:F2:14:56:47:09:14:96:14:C4:8D:70:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPiy27A87MTyFFZHCRSWFMSNcIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/2f45cf-1eb2-4339-ad33-c0566af62e98/1/W3YAprVqDT6fjJix02JRcOn6xNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/2f45cf-1eb2-4339-ad33-c0566af62e98/1/cPiy27A87MTyFFZHCRSWFMSNcIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:d880::/29
Signature Algorithm: sha256WithRSAEncryption
d2:79:cd:87:63:1e:99:fe:28:10:5e:34:ee:57:5a:b0:7d:40:
e7:ee:bd:82:17:a1:1f:87:90:8c:12:0e:7f:0a:f1:61:ce:41:
44:e8:42:2c:02:59:64:a3:81:9a:47:90:82:b3:69:8b:96:12:
03:c5:5c:31:d1:5a:df:96:85:0c:9a:22:2d:9b:75:1a:bc:a5:
80:f8:ca:15:6c:1e:01:1b:fa:0f:b0:c4:09:bd:ff:2c:26:51:
10:32:8a:e9:d5:64:80:b4:1a:33:d7:07:0e:ea:ff:2c:0a:20:
13:69:82:a3:4b:05:c0:e0:af:66:18:47:03:df:77:e9:15:5a:
54:de:cf:bd:e0:a8:2b:fb:a3:ef:b5:98:c7:d7:5d:9c:cc:01:
ea:17:8a:e9:c1:e9:5c:32:76:00:0e:da:31:e3:ca:9e:75:0d:
80:b4:5a:8d:17:84:a7:cd:36:22:e9:7e:b8:23:f7:a8:41:72:
47:d9:1a:51:08:a3:5c:5c:63:57:5d:68:d1:8e:cb:42:9c:6b:
4d:4a:a0:e6:b6:96:af:3e:91:39:a5:6f:ea:db:aa:ec:fd:ab:
b7:f8:3e:e5:01:55:d5:6d:5f:f9:72:3b:96:d2:57:ce:c9:33:
ba:9e:b2:6d:f4:35:26:96:9d:69:b4:18:e2:0a:6b:09:8a:15:
5f:26:00:5c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVyzNHLzL+uDGoKpRFHIvf1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjhiMmRiYjAzY2VjYzRmMjE0NTY0NzA5MTQ5NjE0YzQ4
ZDcwODUwHhcNMjMwMTAyMTQwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjc2MDBhNmI1NmEwZDNlOWY4Yzk4YjFkMzYyNTE3MGU5ZmFjNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2zExuGwkkx/KcZwWX5OmNxPqX/h
5y7ppLsj4hGqOdt7TEF4N3YD9HXOI0BTffyk6nDXGSejGcoDhl3jeqQ1w9pL44ey
hgMcqnrSA8KW3CzzTNqgSPPQ8Xaqba6h6xn72I+Dgmw2oOe3QPbMzK7cwHlS4nk+
KuqIkcic36nOgeeXIiNnd+k4BAN5yhm0TLFSB5tFvP++JTzUXsmOoOe079CQIv/c
o+y7PLQvhKTH4XR6pUWDVYGIf2Cr+5ikVkgbuDrdsSIAmH2VnrDqelG+ff2Q3iaR
I6W9i/Z/HCFhH4Co1cwUgvfDi8RCReSX9dRMeOcBKQt7JOtNokj1cNjoswIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFt2AKa1ag0+n4yYsdNiUXDp+sTQMB8GA1UdIwQY
MBaAFHD4stuwPOzE8hRWRwkUlhTEjXCFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BpeTI3QTg3TVR5RkZaSENSU1dGTVNOY0lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8yZjQ1Y2YtMWViMi00MzM5LWFkMzMt
YzA1NjZhZjYyZTk4LzEvVzNZQXByVnFEVDZmakppeDAySlJjT242eE5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8yZjQ1Y2YtMWViMi00MzM5LWFkMzMtYzA1NjZhZjYyZTk4
LzEvY1BpeTI3QTg3TVR5RkZaSENSU1dGTVNOY0lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLYgDAN
BgkqhkiG9w0BAQsFAAOCAQEA0nnNh2Memf4oEF407ldasH1A5+69ghehH4eQjBIO
fwrxYc5BROhCLAJZZKOBmkeQgrNpi5YSA8VcMdFa35aFDJoiLZt1GrylgPjKFWwe
ARv6D7DECb3/LCZREDKK6dVkgLQaM9cHDur/LAogE2mCo0sFwOCvZhhHA9936RVa
VN7PveCoK/uj77WYx9ddnMwB6heK6cHpXDJ2AA7aMePKnnUNgLRajReEp802Iul+
uCP3qEFyR9kaUQijXFxjV11o0Y7LQpxrTUqg5raWrz6ROaVv6tuq7P2rt/g+5QFV
1W1f+XI7ltJXzskzup6ybfQ1JpadabQY4gprCYoVXyYAXA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:17:08 2024 by rpki-client on console.sobornost.net