Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/IsqXr4Ds63lljwxNZ10qpUKZYwo.roa
File: IsqXr4Ds63lljwxNZ10qpUKZYwo.roa (raw, json)
Hash identifier: /BPS0udwNSVwrdeIPYATumBbMMCxICrlbXqf388JhJE=
Subject key identifier: 22:CA:97:AF:80:EC:EB:79:65:8F:0C:4D:67:5D:2A:A5:42:99:63:0A
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 0185708C8FB478D3DA1140AE7406A6D5124B
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/IsqXr4Ds63lljwxNZ10qpUKZYwo.roa
Signing time: Mon 02 Jan 2023 03:35:38 +0000
ROA not before: Mon 02 Jan 2023 03:35:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3301
IP address blocks: 2001:2044::/32 maxlen: 32
2001:2040::/32 maxlen: 32
2001:2042::/31 maxlen: 31
2001:2001:9000::/40 maxlen: 40
2001:2001:4000::/36 maxlen: 36
2001:2090::/31 maxlen: 31
2001:2000:9000::/40 maxlen: 40
2001:2000:4000::/40 maxlen: 40
2001:2000::/48 maxlen: 48
2001:2040:c010::/48 maxlen: 48
2001:2040:c010::/47 maxlen: 47
2001:2002::/32 maxlen: 32
2001:2040:c011::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:8f:b4:78:d3:da:11:40:ae:74:06:a6:d5:12:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 2 03:35:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22ca97af80eceb79658f0c4d675d2aa54299630a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5d:41:2f:7f:10:d6:c1:0d:be:9c:3f:04:e3:
c6:3f:7e:de:1f:92:77:90:49:28:72:83:43:5c:d9:
3e:5f:55:68:60:d3:4d:0a:11:5a:7e:8b:df:2a:15:
98:fb:34:b5:d3:5f:0e:40:26:3d:c2:50:7f:3c:5e:
41:0e:f9:b1:9e:89:1b:73:bd:91:ea:fe:b6:76:33:
02:00:a8:f8:58:2b:44:8e:dc:bb:0f:df:9a:45:36:
b3:49:65:86:14:d2:6b:ae:01:7b:42:17:e3:d5:ad:
f2:c6:b6:6a:3a:f5:36:b4:68:3a:f4:ff:f3:ef:a4:
3e:15:23:34:97:9d:a3:b3:d3:61:4f:34:02:3e:04:
a9:6f:b5:8a:2e:41:28:1b:5f:10:a5:97:cd:25:98:
2e:f5:02:69:2e:33:3c:f9:66:d5:f2:7b:d8:3c:bd:
d9:9f:03:58:db:33:73:8a:a1:fc:ec:57:61:cb:09:
e9:55:8f:0d:cd:7d:58:17:84:b6:2b:15:79:60:b6:
23:1d:49:6d:9c:42:2e:fb:8c:4f:a3:2a:87:e4:b5:
a7:a1:07:dd:53:f3:7f:9b:49:34:ab:38:ce:8c:6e:
e7:d9:27:28:39:7d:19:b9:8e:ac:91:a4:10:1d:73:
e1:66:20:de:4e:b6:a1:43:ec:fd:6e:a8:a4:bd:a2:
53:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:CA:97:AF:80:EC:EB:79:65:8F:0C:4D:67:5D:2A:A5:42:99:63:0A
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/IsqXr4Ds63lljwxNZ10qpUKZYwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2000::/48
2001:2000:4000::/40
2001:2000:9000::/40
2001:2001:4000::/36
2001:2001:9000::/40
2001:2002::/32
2001:2040::/32
2001:2042::-2001:2044:ffff:ffff:ffff:ffff:ffff:ffff
2001:2090::/31
Signature Algorithm: sha256WithRSAEncryption
7d:ec:4d:ff:7c:7d:27:6b:15:12:c0:65:ac:2f:a3:26:1f:f2:
e2:3e:b6:fc:80:d4:57:6f:fb:b5:56:1a:63:ab:b7:4d:a7:f6:
ef:d8:19:e6:0c:8d:72:d6:cc:c4:39:ba:85:c0:1f:40:72:b6:
c8:9d:ff:06:17:d9:ea:3e:57:fd:83:ea:7c:b8:38:de:97:69:
ae:ba:6b:8e:91:3e:9c:05:8d:f8:f3:4c:e3:b0:f7:6b:db:c7:
b7:e7:a5:fa:83:14:3b:1a:50:e8:7f:78:ec:28:7e:69:83:ae:
e8:b8:07:4e:64:d0:5f:59:8e:6e:ef:3c:f8:f2:ff:2f:b1:fe:
20:13:32:47:57:5c:15:b7:1e:ec:da:82:15:f4:5f:ff:52:f6:
14:98:3f:c5:be:3a:71:30:c3:4e:30:fc:ae:79:ce:d8:49:f7:
96:f0:d2:08:a2:38:16:22:40:70:32:e7:c3:86:0f:84:9e:8b:
48:32:aa:bb:c0:bf:da:40:c3:6c:38:54:05:43:80:7c:ed:e1:
88:47:e0:04:31:a0:a3:14:fb:5e:6c:ff:5b:9a:86:b8:6b:02:
1b:ba:93:07:3c:d5:20:9b:e6:67:6d:df:1e:73:c9:74:af:6a:
b9:6a:32:20:e6:37:e9:da:c4:f4:d9:95:21:24:91:e5:61:d9:
34:87:85:c9
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYVwjI+0eNPaEUCudAam1RJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjMwMTAyMDMzNTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmNhOTdhZjgwZWNlYjc5NjU4ZjBjNGQ2NzVkMmFhNTQyOTk2MzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF1BL38Q1sENvpw/BOPGP37eH5J3
kEkocoNDXNk+X1VoYNNNChFafovfKhWY+zS1018OQCY9wlB/PF5BDvmxnokbc72R
6v62djMCAKj4WCtEjty7D9+aRTazSWWGFNJrrgF7Qhfj1a3yxrZqOvU2tGg69P/z
76Q+FSM0l52js9NhTzQCPgSpb7WKLkEoG18QpZfNJZgu9QJpLjM8+WbV8nvYPL3Z
nwNY2zNziqH87FdhywnpVY8NzX1YF4S2KxV5YLYjHUltnEIu+4xPoyqH5LWnoQfd
U/N/m0k0qzjOjG7n2ScoOX0ZuY6skaQQHXPhZiDeTrahQ+z9bqikvaJTtQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFCLKl6+A7Ot5ZY8MTWddKqVCmWMKMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEvSXNxWHI0RHM2M2xsand4TloxMHFwVUtaWXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAAjBOAwcAIAEgAAAA
AwYAIAEgAEADBgAgASAAkAMGBCABIAFAAwYAIAEgAZADBQAgASACAwUAIAEgQDAO
AwUBIAEgQgMFACABIEQDBQEgASCQMA0GCSqGSIb3DQEBCwUAA4IBAQB97E3/fH0n
axUSwGWsL6MmH/LiPrb8gNRXb/u1Vhpjq7dNp/bv2BnmDI1y1szEObqFwB9AcrbI
nf8GF9nqPlf9g+p8uDjel2muumuOkT6cBY3480zjsPdr28e356X6gxQ7GlDof3js
KH5pg67ouAdOZNBfWY5u7zz48v8vsf4gEzJHV1wVtx7s2oIV9F//UvYUmD/Fvjpx
MMNOMPyuec7YSfeW8NIIojgWIkBwMufDhg+EnotIMqq7wL/aQMNsOFQFQ4B87eGI
R+AEMaCjFPtebP9bmoa4awIbupMHPNUgm+Znbd8ec8l0r2q5ajIg5jfp2sT02ZUh
JJHlYdk0h4XJ
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:04 2023 by rpki-client on console.sobornost.net