Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/43cd98-6f8a-44cf-95bd-420f9c8eafa4/1/xwYkgYnCHWOnjOV_3-lBOE85IM4.roa
File: xwYkgYnCHWOnjOV_3-lBOE85IM4.roa (raw, json)
Hash identifier: HZtSLPJmhMy6j5BUJZsdYj1NMKnZbnVRRyS0RjL7CG0=
Subject key identifier: C7:06:24:81:89:C2:1D:63:A7:8C:E5:7F:DF:E9:41:38:4F:39:20:CE
Certificate issuer: /CN=0268b930beeca51fbf3543fe79f9b19345cf13d5
Certificate serial: 01868218EEB4AF9F8A1A4301A76D95856DB6
Authority key identifier: 02:68:B9:30:BE:EC:A5:1F:BF:35:43:FE:79:F9:B1:93:45:CF:13:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ami5ML7spR-_NUP-efmxk0XPE9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/43cd98-6f8a-44cf-95bd-420f9c8eafa4/1/xwYkgYnCHWOnjOV_3-lBOE85IM4.roa
Signing time: Fri 24 Feb 2023 06:25:17 +0000
ROA not before: Fri 24 Feb 2023 06:25:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204091
IP address blocks: 2a13:3700:30::/44 maxlen: 44
2a13:3700:20::/44 maxlen: 44
2a13:3700:10::/44 maxlen: 44
2a13:3700::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:18:ee:b4:af:9f:8a:1a:43:01:a7:6d:95:85:6d:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0268b930beeca51fbf3543fe79f9b19345cf13d5
Validity
Not Before: Feb 24 06:25:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c706248189c21d63a78ce57fdfe941384f3920ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:dd:e4:e2:a5:65:a5:65:20:fe:54:be:92:49:
11:1e:76:84:a1:31:7f:2e:31:85:52:9a:13:a5:d8:
c6:00:1a:ba:0d:db:cd:31:ee:ee:2f:88:7f:98:72:
99:a3:f6:28:56:01:ae:44:e9:67:69:0e:3a:1e:03:
48:c6:30:19:a4:95:1a:ca:c4:b5:a8:20:e1:fe:7c:
95:37:90:e1:56:9d:7a:2d:43:26:2c:59:ba:70:26:
06:d8:29:9b:05:ee:af:c1:c5:96:27:f8:c6:07:22:
5b:7b:fe:6b:92:e1:a8:47:3e:22:f2:be:c6:e8:75:
99:9e:59:2b:de:40:07:77:e3:e7:9e:ef:84:25:3c:
bc:71:af:af:f3:36:68:e8:de:8e:c5:13:e5:4e:75:
7e:93:65:7a:c7:c6:f3:2f:a4:cc:94:9f:76:76:71:
7d:0c:9b:03:e6:f1:05:e4:e0:7e:8a:8e:41:81:36:
9f:7c:25:9d:50:bf:58:3d:78:89:e7:16:86:63:72:
b6:47:ba:0f:f9:08:a2:40:68:ab:2e:fa:9b:88:7d:
ae:f4:74:3e:4d:29:f2:20:4d:8f:25:94:9a:d4:44:
27:d4:89:36:86:77:43:c2:ac:33:2a:2b:eb:bc:7e:
fc:7a:1d:51:f2:fc:7b:29:fe:3f:2e:8f:b7:86:55:
d7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:06:24:81:89:C2:1D:63:A7:8C:E5:7F:DF:E9:41:38:4F:39:20:CE
X509v3 Authority Key Identifier:
keyid:02:68:B9:30:BE:EC:A5:1F:BF:35:43:FE:79:F9:B1:93:45:CF:13:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ami5ML7spR-_NUP-efmxk0XPE9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/43cd98-6f8a-44cf-95bd-420f9c8eafa4/1/xwYkgYnCHWOnjOV_3-lBOE85IM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/43cd98-6f8a-44cf-95bd-420f9c8eafa4/1/Ami5ML7spR-_NUP-efmxk0XPE9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3700::/42
Signature Algorithm: sha256WithRSAEncryption
6a:a3:f8:31:5e:7e:4f:1f:c2:c3:41:d3:35:31:a3:f6:ef:ea:
27:83:ff:a7:c8:cf:19:be:36:e6:10:68:80:78:13:03:43:59:
e0:99:16:93:3a:32:90:0a:a3:d1:0c:52:6e:88:dd:c0:31:f7:
36:60:6e:b2:52:fd:77:f2:cd:76:92:1d:49:a3:52:60:13:94:
4b:88:11:06:f7:d2:9c:b3:65:d3:a9:01:3c:8b:3f:ee:10:b3:
29:a6:81:24:23:b0:ec:fc:67:1d:91:91:20:0d:bc:1b:14:59:
7e:6c:07:57:42:4d:51:a5:10:d7:d5:36:08:68:21:03:ef:f1:
94:78:08:2f:3f:1c:57:7d:b9:09:44:bd:de:03:70:72:38:9f:
a8:85:99:bd:46:30:f6:d9:c4:85:e8:35:6f:3b:67:cd:b0:2e:
5a:47:aa:da:79:fb:06:79:c3:ba:50:c9:f3:93:12:21:0e:3e:
45:82:1a:9e:76:82:b5:36:34:bb:dc:cd:77:ad:b1:eb:52:ba:
a1:67:a2:fe:18:69:cc:cc:af:23:f4:6d:a0:21:e7:05:36:3f:
a1:94:00:e7:3a:67:5b:ae:7d:32:24:8d:85:b1:72:b5:ef:1d:
6f:a5:a0:0e:c6:25:61:51:c1:7c:ce:09:87:6c:49:28:a9:73:
c7:82:50:11
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYaCGO60r5+KGkMBp22VhW22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNjhiOTMwYmVlY2E1MWZiZjM1NDNmZTc5ZjliMTkzNDVj
ZjEzZDUwHhcNMjMwMjI0MDYyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzA2MjQ4MTg5YzIxZDYzYTc4Y2U1N2ZkZmU5NDEzODRmMzkyMGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz93k4qVlpWUg/lS+kkkRHnaEoTF/
LjGFUpoTpdjGABq6DdvNMe7uL4h/mHKZo/YoVgGuROlnaQ46HgNIxjAZpJUaysS1
qCDh/nyVN5DhVp16LUMmLFm6cCYG2CmbBe6vwcWWJ/jGByJbe/5rkuGoRz4i8r7G
6HWZnlkr3kAHd+Pnnu+EJTy8ca+v8zZo6N6OxRPlTnV+k2V6x8bzL6TMlJ92dnF9
DJsD5vEF5OB+io5BgTaffCWdUL9YPXiJ5xaGY3K2R7oP+QiiQGirLvqbiH2u9HQ+
TSnyIE2PJZSa1EQn1Ik2hndDwqwzKivrvH78eh1R8vx7Kf4/Lo+3hlXXeQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMcGJIGJwh1jp4zlf9/pQThPOSDOMB8GA1UdIwQY
MBaAFAJouTC+7KUfvzVD/nn5sZNFzxPVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW1pNU1MN3NwUi1fTlVQLWVmbXhrMFhQRTlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi80M2NkOTgtNmY4YS00NGNmLTk1YmQt
NDIwZjljOGVhZmE0LzEveHdZa2dZbkNIV09uak9WXzMtbEJPRTg1SU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi80M2NkOTgtNmY4YS00NGNmLTk1YmQtNDIwZjljOGVhZmE0
LzEvQW1pNU1MN3NwUi1fTlVQLWVmbXhrMFhQRTlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcGKhM3AAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBqo/gxXn5PH8LDQdM1MaP27+ong/+nyM8Zvjbm
EGiAeBMDQ1ngmRaTOjKQCqPRDFJuiN3AMfc2YG6yUv138s12kh1Jo1JgE5RLiBEG
99Kcs2XTqQE8iz/uELMppoEkI7Ds/GcdkZEgDbwbFFl+bAdXQk1RpRDX1TYIaCED
7/GUeAgvPxxXfbkJRL3eA3ByOJ+ohZm9RjD22cSF6DVvO2fNsC5aR6raefsGecO6
UMnzkxIhDj5FghqedoK1NjS73M13rbHrUrqhZ6L+GGnMzK8j9G2gIecFNj+hlADn
Omdbrn0yJI2FsXK17x1vpaAOxiVhUcF8zgmHbEkoqXPHglAR
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:12 2024 by rpki-client on console.sobornost.net