Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/7wRSH2dB4AN9K_rzJq4P9wg14bg.roa
File: 7wRSH2dB4AN9K_rzJq4P9wg14bg.roa (raw, json)
Hash identifier: Aq8K5f8XTYcGS31qegoLUsW8EVMh77ZCQJiaaAdDHtE=
Subject key identifier: EF:04:52:1F:67:41:E0:03:7D:2B:FA:F3:26:AE:0F:F7:08:35:E1:B8
Certificate issuer: /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial: 01856F9DB0040B22AF36F920DCD216928A07
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/7wRSH2dB4AN9K_rzJq4P9wg14bg.roa
Signing time: Sun 01 Jan 2023 23:14:43 +0000
ROA not before: Sun 01 Jan 2023 23:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3209
IP address blocks: 2a02:45c0:17::/48 maxlen: 48
2a02:45c0:16::/48 maxlen: 48
2a02:45c0:14::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:b0:04:0b:22:af:36:f9:20:dc:d2:16:92:8a:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Validity
Not Before: Jan 1 23:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef04521f6741e0037d2bfaf326ae0ff70835e1b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b8:3f:5e:a3:8a:f4:63:37:cc:c9:2b:69:00:
3c:7c:93:49:3e:61:27:ff:30:af:6b:af:e6:90:42:
49:05:4d:71:03:cd:f0:c2:22:df:89:73:af:ba:9c:
19:3d:fe:36:69:7b:59:f0:15:3b:6a:5d:e4:1d:49:
ec:83:80:5f:d6:ab:8b:12:86:f4:0d:f7:48:74:43:
93:26:bc:95:b7:aa:3b:ef:d2:d6:d0:79:80:dc:52:
dc:db:cf:00:c7:09:70:0e:0e:80:87:70:53:29:d9:
55:b5:b2:73:8f:fb:25:03:08:88:75:14:93:65:7d:
f6:9f:34:d9:3d:af:a4:de:c8:b4:36:e3:26:fb:2b:
15:39:c4:d2:57:98:63:a0:5e:d4:1e:56:13:7c:88:
49:77:a7:82:fc:71:82:c2:0e:66:73:d4:1e:6c:74:
13:d7:6e:fe:fd:6a:e6:49:5b:99:1f:6b:41:15:09:
37:8c:4f:38:16:2c:ca:4f:99:14:41:fa:a5:e1:4c:
e1:60:64:ba:39:54:3f:06:72:c0:3e:5a:bf:b7:98:
fa:ba:49:b9:c5:a7:df:aa:f7:d3:c5:29:50:06:0b:
f5:16:4c:29:cf:36:56:3b:2f:cf:80:ac:fb:42:d8:
60:e7:c1:64:45:fa:fe:d1:8f:26:6a:a5:21:0c:6b:
5a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:04:52:1F:67:41:E0:03:7D:2B:FA:F3:26:AE:0F:F7:08:35:E1:B8
X509v3 Authority Key Identifier:
keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/7wRSH2dB4AN9K_rzJq4P9wg14bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:45c0:14::/48
2a02:45c0:16::/47
Signature Algorithm: sha256WithRSAEncryption
a7:69:45:f7:a8:96:16:62:6d:a1:41:08:fb:c2:38:27:60:70:
56:ca:90:37:e2:4a:0b:6d:00:29:37:d2:16:3a:e2:66:bc:d3:
91:ea:01:89:92:7d:a1:d2:91:84:5a:ac:e2:e0:53:e5:56:7b:
d5:62:ef:10:ef:dd:ac:e7:66:b6:54:52:fb:48:e9:8c:c1:d5:
ba:11:e3:5a:10:90:05:c9:85:e1:6e:29:ca:02:2b:4e:f1:6c:
4a:5f:82:9d:a5:22:c6:78:bf:d2:4c:07:2a:d1:1a:51:d7:c2:
64:90:33:19:bf:71:56:04:77:b8:e1:b6:47:fc:00:5b:c9:42:
66:aa:a9:ec:4a:83:fb:0f:39:5a:ae:f2:4d:dc:9c:76:84:f2:
2e:cc:df:37:c4:b9:f3:d3:75:35:be:db:24:be:18:36:ed:19:
fb:49:31:dd:4b:3d:b5:05:7e:ab:22:85:f7:91:42:2f:1b:be:
fa:c8:84:bb:e8:3b:c2:ce:49:62:9c:93:f6:71:a8:d8:ad:a1:
11:c5:97:8c:f2:47:7a:86:7f:d0:36:33:7c:f8:9c:f6:28:07:
9e:e0:ce:90:ef:e5:1b:09:70:7d:cb:90:42:9e:ed:2e:6d:7a:
5f:d4:9c:ae:88:95:94:90:29:f7:75:79:69:00:fe:62:24:35:
41:e0:8d:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvnbAECyKvNvkg3NIWkooHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDRmOGU0NzYyMzc3Zjg2YjA3YTg3NTNmNmU5OGY2ZjRi
NmI3OTIwHhcNMjMwMTAxMjMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjA0NTIxZjY3NDFlMDAzN2QyYmZhZjMyNmFlMGZmNzA4MzVlMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurg/XqOK9GM3zMkraQA8fJNJPmEn
/zCva6/mkEJJBU1xA83wwiLfiXOvupwZPf42aXtZ8BU7al3kHUnsg4Bf1quLEob0
DfdIdEOTJryVt6o779LW0HmA3FLc288AxwlwDg6Ah3BTKdlVtbJzj/slAwiIdRST
ZX32nzTZPa+k3si0NuMm+ysVOcTSV5hjoF7UHlYTfIhJd6eC/HGCwg5mc9QebHQT
127+/WrmSVuZH2tBFQk3jE84FizKT5kUQfql4UzhYGS6OVQ/BnLAPlq/t5j6ukm5
xaffqvfTxSlQBgv1FkwpzzZWOy/PgKz7Qthg58FkRfr+0Y8maqUhDGtarQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO8EUh9nQeADfSv68yauD/cINeG4MB8GA1UdIwQY
MBaAFNvU+OR2I3f4aweodT9umPb0treSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUt
NjIwYTc5Y2Y3OTJiLzEvN3dSU0gyZEI0QU45S19yekpxNFA5d2cxNGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUtNjIwYTc5Y2Y3OTJi
LzEvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgJFwAAU
AwcBKgJFwAAWMA0GCSqGSIb3DQEBCwUAA4IBAQCnaUX3qJYWYm2hQQj7wjgnYHBW
ypA34koLbQApN9IWOuJmvNOR6gGJkn2h0pGEWqzi4FPlVnvVYu8Q792s52a2VFL7
SOmMwdW6EeNaEJAFyYXhbinKAitO8WxKX4KdpSLGeL/STAcq0RpR18JkkDMZv3FW
BHe44bZH/ABbyUJmqqnsSoP7DzlarvJN3Jx2hPIuzN83xLnz03U1vtskvhg27Rn7
STHdSz21BX6rIoX3kUIvG776yIS76DvCzklinJP2cajYraERxZeM8kd6hn/QNjN8
+Jz2KAee4M6Q7+UbCXB9y5BCnu0ubXpf1JyuiJWUkCn3dXlpAP5iJDVB4I2a
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:57 2024 by rpki-client on console.sobornost.net