Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/AyS3myOu98T4aWqLxkWUxloOPic.roa
File: AyS3myOu98T4aWqLxkWUxloOPic.roa (raw, json)
Hash identifier: 2eHFeS0PRcCML2CKM8mNaaC+kvTmJwj0b7mt1a7V028=
Subject key identifier: 03:24:B7:9B:23:AE:F7:C4:F8:69:6A:8B:C6:45:94:C6:5A:0E:3E:27
Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Certificate serial: 018571DE8CD32F8A8892F6AAAA05486FAAD5
Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/AyS3myOu98T4aWqLxkWUxloOPic.roa
Signing time: Mon 02 Jan 2023 09:44:48 +0000
ROA not before: Mon 02 Jan 2023 09:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212222
IP address blocks: 2a04:2b00:14cc::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:8c:d3:2f:8a:88:92:f6:aa:aa:05:48:6f:aa:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Validity
Not Before: Jan 2 09:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0324b79b23aef7c4f8696a8bc64594c65a0e3e27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1e:2d:d4:ee:22:db:2b:86:28:ab:83:f0:5d:
86:49:e7:c6:65:c7:36:04:09:4c:3f:38:d8:3f:8f:
93:0d:88:f9:ac:1e:41:c4:cc:b5:1e:d1:ac:e6:5d:
3b:d3:a3:fc:06:f6:4c:74:cf:39:78:9a:59:10:17:
61:82:6b:af:6f:35:c4:a0:80:6d:46:c5:9c:3e:77:
43:c3:71:1a:f5:7e:87:d1:32:a0:64:02:32:da:d2:
70:19:e2:2c:96:52:e5:f3:07:ff:68:eb:ea:b8:cd:
57:43:bf:3c:c4:1d:59:8a:1e:4e:c8:55:87:86:f9:
70:46:39:1b:de:96:a3:14:ef:fa:04:28:48:6a:83:
d2:5e:4b:fb:4a:98:3b:30:2e:ea:96:b4:3e:c8:b6:
e5:8f:bf:12:e0:ab:f8:c6:78:0e:44:1c:86:17:fa:
b4:7f:75:25:a5:8f:87:fa:30:b5:9d:da:bf:83:a8:
94:3e:7d:f8:4e:b2:1b:4b:08:eb:3a:8d:8f:41:37:
37:b2:26:b2:ab:2b:10:d3:b2:f0:e3:86:90:30:e0:
af:5b:b1:77:95:0d:ae:99:45:12:ca:8a:e8:2c:a8:
d2:88:d4:46:0a:6f:e6:07:a4:91:c2:df:d0:ca:d7:
90:21:2c:28:a5:5f:76:0e:32:19:68:df:83:b4:93:
ae:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:24:B7:9B:23:AE:F7:C4:F8:69:6A:8B:C6:45:94:C6:5A:0E:3E:27
X509v3 Authority Key Identifier:
keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/AyS3myOu98T4aWqLxkWUxloOPic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:2b00:14cc::/48
Signature Algorithm: sha256WithRSAEncryption
37:0f:33:16:83:41:78:7f:d8:3d:12:e5:88:0d:2c:c9:d2:d5:
6f:d2:21:f9:e1:ba:c8:83:34:83:16:c9:b2:cc:fa:e4:36:d0:
c3:77:34:df:64:c5:b8:01:ed:5b:3d:a0:74:7e:62:e7:f8:eb:
9d:86:94:97:50:8e:c9:37:7d:cf:d0:0d:b5:02:c3:04:61:19:
b1:b6:d3:f6:97:d9:b8:32:ef:0a:32:b4:dd:12:5d:40:d5:0b:
7e:a5:f1:4b:36:1b:14:3f:66:93:a6:f6:0a:44:29:70:e7:42:
a2:ee:3a:25:98:0d:a1:8d:91:4d:98:ec:cc:cd:81:f0:2e:81:
f7:59:dc:8d:98:fd:78:2f:ff:a4:e6:1b:28:b2:96:ab:25:10:
66:31:ec:63:85:a4:99:0c:0c:72:57:60:2a:79:eb:1a:f9:aa:
47:d6:6b:4e:c0:3d:ed:17:b3:ae:39:07:bc:fa:00:c5:db:bd:
d3:98:fa:65:7a:9d:86:e4:d6:34:bd:e4:bd:26:85:a3:aa:09:
62:53:4c:4f:8c:87:9f:7e:5a:98:3e:a8:6a:16:05:61:38:d0:
3e:6d:c0:57:af:6c:16:d4:89:54:79:43:94:d4:d0:98:1b:22:
c2:40:db:2b:a8:96:89:16:ac:87:66:2a:66:0a:f1:af:41:59:
65:f2:8a:f5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVx3ozTL4qIkvaqqgVIb6rVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzZhZmI3NGZhZDViYWYwYTYxODBiNDk1MTBkOGI4NDk3
ZGY4ZDMwHhcNMjMwMTAyMDk0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzI0Yjc5YjIzYWVmN2M0Zjg2OTZhOGJjNjQ1OTRjNjVhMGUzZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAih4t1O4i2yuGKKuD8F2GSefGZcc2
BAlMPzjYP4+TDYj5rB5BxMy1HtGs5l0706P8BvZMdM85eJpZEBdhgmuvbzXEoIBt
RsWcPndDw3Ea9X6H0TKgZAIy2tJwGeIsllLl8wf/aOvquM1XQ788xB1Zih5OyFWH
hvlwRjkb3pajFO/6BChIaoPSXkv7Spg7MC7qlrQ+yLblj78S4Kv4xngORByGF/q0
f3UlpY+H+jC1ndq/g6iUPn34TrIbSwjrOo2PQTc3siayqysQ07Lw44aQMOCvW7F3
lQ2umUUSyoroLKjSiNRGCm/mB6SRwt/QyteQISwopV92DjIZaN+DtJOu6QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAMkt5sjrvfE+Glqi8ZFlMZaDj4nMB8GA1UdIwQY
MBaAFEd2r7dPrVuvCmGAtJUQ2LhJffjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEt
MDUzOGU5NWYzZjEyLzEvQXlTM215T3U5OFQ0YVdxTHhrV1V4bG9PUGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEtMDUzOGU5NWYzZjEy
LzEvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgQrABTM
MA0GCSqGSIb3DQEBCwUAA4IBAQA3DzMWg0F4f9g9EuWIDSzJ0tVv0iH54brIgzSD
FsmyzPrkNtDDdzTfZMW4Ae1bPaB0fmLn+OudhpSXUI7JN33P0A21AsMEYRmxttP2
l9m4Mu8KMrTdEl1A1Qt+pfFLNhsUP2aTpvYKRClw50Ki7jolmA2hjZFNmOzMzYHw
LoH3WdyNmP14L/+k5hsosparJRBmMexjhaSZDAxyV2Aqeesa+apH1mtOwD3tF7Ou
OQe8+gDF273TmPplep2G5NY0veS9JoWjqgliU0xPjIefflqYPqhqFgVhONA+bcBX
r2wW1IlUeUOU1NCYGyLCQNsrqJaJFqyHZipmCvGvQVll8or1
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:02:40 2024 by rpki-client on console.sobornost.net