Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/48157e-d4f8-4f2d-b96d-2d6d56d9ff4e/1/xYizl-ykaqY6rksvvdbVRKvOxIg.roa
File: xYizl-ykaqY6rksvvdbVRKvOxIg.roa (raw, json)
Hash identifier: aiZ7EkzR/JJlnAekey4R6Gmwsa3+LlD8ADmqnlWSZ18=
Subject key identifier: C5:88:B3:97:EC:A4:6A:A6:3A:AE:4B:2F:BD:D6:D5:44:AB:CE:C4:88
Certificate issuer: /CN=83dce373c18b940a978390b272700279b32fee3a
Certificate serial: 01856E2685FBFBBCA5FDC9FD3EC91B9B789A
Authority key identifier: 83:DC:E3:73:C1:8B:94:0A:97:83:90:B2:72:70:02:79:B3:2F:EE:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g9zjc8GLlAqXg5CycnACebMv7jo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/48157e-d4f8-4f2d-b96d-2d6d56d9ff4e/1/xYizl-ykaqY6rksvvdbVRKvOxIg.roa
Signing time: Sun 01 Jan 2023 16:24:56 +0000
ROA not before: Sun 01 Jan 2023 16:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207910
IP address blocks: 2001:678:984::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:85:fb:fb:bc:a5:fd:c9:fd:3e:c9:1b:9b:78:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83dce373c18b940a978390b272700279b32fee3a
Validity
Not Before: Jan 1 16:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c588b397eca46aa63aae4b2fbdd6d544abcec488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bc:8f:93:70:6b:69:27:fd:c9:9f:a7:1f:12:
94:f4:25:44:1f:b9:a5:54:cb:a7:1a:5d:84:be:85:
a8:58:eb:df:e1:b5:31:8e:b6:f3:00:2e:cb:92:b0:
a9:a9:fa:d9:aa:78:dd:09:b6:ee:6e:f2:4a:db:fc:
2d:48:b7:17:fa:2e:47:ec:6c:7b:7c:18:d9:7b:0c:
11:07:40:7d:eb:c7:f7:0f:15:8f:fd:d1:76:c4:f3:
49:52:79:9b:2b:32:19:ec:f9:f8:7c:89:46:f4:d3:
c1:43:fa:bc:eb:65:23:34:39:f6:42:0f:3c:88:28:
00:24:a8:b2:56:6c:96:11:41:45:0a:ca:7b:aa:b0:
e6:57:74:8b:dc:a9:95:7f:fc:3f:09:6b:90:82:c4:
b4:9c:77:ff:25:8e:85:1a:f1:20:4b:5e:d3:8c:e9:
bc:01:23:f6:84:84:e7:cd:7d:e3:64:9a:bb:60:f1:
88:25:3d:ce:8e:1c:b6:5c:54:27:01:c8:2f:0c:a8:
27:1b:4c:7e:ec:6e:80:69:33:4d:0e:10:bb:aa:6c:
7b:eb:b0:4e:e9:5b:1b:03:c8:52:22:48:9f:a9:fe:
11:3d:c4:76:c9:a4:0d:68:8f:13:b8:63:d3:a4:8f:
70:27:20:c8:4a:c9:c5:0e:24:65:6e:0a:83:f8:b0:
64:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:88:B3:97:EC:A4:6A:A6:3A:AE:4B:2F:BD:D6:D5:44:AB:CE:C4:88
X509v3 Authority Key Identifier:
keyid:83:DC:E3:73:C1:8B:94:0A:97:83:90:B2:72:70:02:79:B3:2F:EE:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g9zjc8GLlAqXg5CycnACebMv7jo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/48157e-d4f8-4f2d-b96d-2d6d56d9ff4e/1/xYizl-ykaqY6rksvvdbVRKvOxIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/48157e-d4f8-4f2d-b96d-2d6d56d9ff4e/1/g9zjc8GLlAqXg5CycnACebMv7jo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:984::/48
Signature Algorithm: sha256WithRSAEncryption
8b:d4:c7:63:cf:65:50:f0:34:e5:71:3a:07:bd:a8:69:bf:2b:
57:90:47:7f:47:bd:e7:3b:c8:5a:18:ba:b9:69:6d:01:68:69:
e8:dd:db:54:35:5d:0b:32:5e:5f:d7:ff:f4:dd:71:04:73:94:
42:f5:7e:a4:57:27:7a:9a:31:01:bb:23:37:f8:02:dd:fa:49:
52:cb:65:0a:ba:89:2a:04:1f:48:68:e4:e5:1c:28:eb:b2:5c:
25:2f:9d:65:0c:55:d2:1a:12:5f:df:ec:60:3e:1d:01:2d:58:
6c:31:53:00:05:e1:a6:e7:64:51:09:17:14:b0:21:a2:b8:c9:
bd:55:a6:20:ac:d8:80:f6:61:a5:05:5d:5b:5a:5f:43:70:56:
c2:72:ad:db:a1:e2:f2:c4:e5:c9:fe:f1:00:60:b5:87:31:3c:
2a:68:3f:39:a4:81:74:b5:58:2b:4d:f4:ce:e7:db:03:a5:2e:
09:02:1e:e5:bb:10:98:ac:12:77:bd:53:a0:de:b3:02:11:f4:
fa:04:be:c3:d7:64:b0:81:62:ba:68:90:56:f5:e4:61:03:57:
15:b2:5a:d4:84:40:1f:ad:a2:87:18:66:95:4e:49:fd:ab:cc:
66:09:51:ce:53:e2:e8:ec:47:92:73:88:a7:b9:c5:a7:17:c1:
50:a8:7e:e7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuJoX7+7yl/cn9Pskbm3iaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZGNlMzczYzE4Yjk0MGE5NzgzOTBiMjcyNzAwMjc5YjMy
ZmVlM2EwHhcNMjMwMTAxMTYyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTg4YjM5N2VjYTQ2YWE2M2FhZTRiMmZiZGQ2ZDU0NGFiY2VjNDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqryPk3BraSf9yZ+nHxKU9CVEH7ml
VMunGl2EvoWoWOvf4bUxjrbzAC7LkrCpqfrZqnjdCbbubvJK2/wtSLcX+i5H7Gx7
fBjZewwRB0B968f3DxWP/dF2xPNJUnmbKzIZ7Pn4fIlG9NPBQ/q862UjNDn2Qg88
iCgAJKiyVmyWEUFFCsp7qrDmV3SL3KmVf/w/CWuQgsS0nHf/JY6FGvEgS17TjOm8
ASP2hITnzX3jZJq7YPGIJT3Ojhy2XFQnAcgvDKgnG0x+7G6AaTNNDhC7qmx767BO
6VsbA8hSIkifqf4RPcR2yaQNaI8TuGPTpI9wJyDISsnFDiRlbgqD+LBkBwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMWIs5fspGqmOq5LL73W1USrzsSIMB8GA1UdIwQY
MBaAFIPc43PBi5QKl4OQsnJwAnmzL+46MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzl6amM4R0xsQXFYZzVDeWNuQUNlYk12N2pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80ODE1N2UtZDRmOC00ZjJkLWI5NmQt
MmQ2ZDU2ZDlmZjRlLzEveFlpemwteWthcVk2cmtzdnZkYlZSS3ZPeElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80ODE1N2UtZDRmOC00ZjJkLWI5NmQtMmQ2ZDU2ZDlmZjRl
LzEvZzl6amM4R0xsQXFYZzVDeWNuQUNlYk12N2pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAmE
MA0GCSqGSIb3DQEBCwUAA4IBAQCL1Mdjz2VQ8DTlcToHvahpvytXkEd/R73nO8ha
GLq5aW0BaGno3dtUNV0LMl5f1//03XEEc5RC9X6kVyd6mjEBuyM3+ALd+klSy2UK
uokqBB9IaOTlHCjrslwlL51lDFXSGhJf3+xgPh0BLVhsMVMABeGm52RRCRcUsCGi
uMm9VaYgrNiA9mGlBV1bWl9DcFbCcq3boeLyxOXJ/vEAYLWHMTwqaD85pIF0tVgr
TfTO59sDpS4JAh7luxCYrBJ3vVOg3rMCEfT6BL7D12SwgWK6aJBW9eRhA1cVslrU
hEAfraKHGGaVTkn9q8xmCVHOU+Lo7EeSc4inucWnF8FQqH7n
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:09 2024 by rpki-client on console.sobornost.net