Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/73f739-81b8-4511-81a1-b3a1680320ad/1/2vdQVoj5j7xNveNgTqzWYX35_XY.roa
File: 2vdQVoj5j7xNveNgTqzWYX35_XY.roa (raw, json)
Hash identifier: BJheptWWnfnZVzn0eJ6V2AXgXTUBk1aQPW86jEgDFiE=
Subject key identifier: DA:F7:50:56:88:F9:8F:BC:4D:BD:E3:60:4E:AC:D6:61:7D:F9:FD:76
Certificate issuer: /CN=2f0bf1060af93917dafb569a80ccec9db08a76c5
Certificate serial: 0185728C918C3BA121C4569A9BDFAE557934
Authority key identifier: 2F:0B:F1:06:0A:F9:39:17:DA:FB:56:9A:80:CC:EC:9D:B0:8A:76:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LwvxBgr5ORfa-1aagMzsnbCKdsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/73f739-81b8-4511-81a1-b3a1680320ad/1/2vdQVoj5j7xNveNgTqzWYX35_XY.roa
Signing time: Mon 02 Jan 2023 12:54:52 +0000
ROA not before: Mon 02 Jan 2023 12:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211722
IP address blocks: 2001:67c:2970::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:91:8c:3b:a1:21:c4:56:9a:9b:df:ae:55:79:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f0bf1060af93917dafb569a80ccec9db08a76c5
Validity
Not Before: Jan 2 12:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=daf7505688f98fbc4dbde3604eacd6617df9fd76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7e:ea:bc:d8:45:d4:8e:cd:51:f2:35:2e:ae:
1a:7c:c2:37:0f:78:67:03:23:c2:ea:c4:c7:97:2d:
a0:53:eb:bd:fc:7d:2e:9e:21:65:1a:53:18:57:a2:
53:dd:16:8f:00:5b:67:f1:56:28:77:9d:97:0c:df:
7a:d0:0a:d3:d6:58:cb:f2:50:af:f8:75:eb:f6:fe:
c1:12:60:31:49:ed:70:bb:64:2a:5f:67:31:ed:7a:
d9:a2:a1:fa:17:b2:5a:31:ef:d8:d4:ec:1a:b2:43:
d7:1a:c5:ad:62:c5:d8:9c:7f:f7:1e:bd:26:13:9a:
76:85:d8:44:07:18:f7:29:2b:88:ee:09:96:f4:7e:
a2:96:be:df:68:55:a7:78:8b:cb:31:94:61:0d:a4:
c4:2d:ce:08:ff:b8:a8:3f:c1:a3:67:0e:03:fd:61:
b1:ce:4e:0b:15:bf:6d:a6:85:50:54:b4:d2:a8:21:
60:c2:69:f4:b6:5a:c7:c6:cd:5a:d7:67:d0:a9:99:
58:ce:a3:20:5f:3d:0e:55:cb:ea:ff:de:93:a1:4f:
51:03:06:00:ea:b2:cb:2d:6a:a6:9f:09:c3:71:c0:
e1:e8:3f:de:19:c3:d5:41:8c:be:c1:8a:db:e2:6f:
c2:c6:fb:a9:59:3b:2b:fe:7d:54:6e:03:db:d6:02:
2c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F7:50:56:88:F9:8F:BC:4D:BD:E3:60:4E:AC:D6:61:7D:F9:FD:76
X509v3 Authority Key Identifier:
keyid:2F:0B:F1:06:0A:F9:39:17:DA:FB:56:9A:80:CC:EC:9D:B0:8A:76:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LwvxBgr5ORfa-1aagMzsnbCKdsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/73f739-81b8-4511-81a1-b3a1680320ad/1/2vdQVoj5j7xNveNgTqzWYX35_XY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/73f739-81b8-4511-81a1-b3a1680320ad/1/LwvxBgr5ORfa-1aagMzsnbCKdsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2970::/48
Signature Algorithm: sha256WithRSAEncryption
90:27:3c:03:d0:a4:c2:ed:91:a6:e5:c5:2e:61:95:da:b4:e1:
24:1d:36:fd:11:61:8b:be:a1:3d:8f:1a:9e:6e:1e:92:51:be:
6a:20:26:28:64:4d:22:1a:e7:b6:cf:da:cc:a8:2f:ad:46:37:
49:b7:8d:e9:d1:f0:69:5e:6e:4f:d9:cc:55:34:d8:11:c6:40:
47:0c:47:f8:cb:b7:61:34:52:f7:21:a3:84:b3:11:8a:0e:ab:
af:4a:5b:64:ca:cc:7c:c4:37:ee:f5:e7:ae:e2:e9:14:7d:f7:
30:85:80:be:4f:77:2f:16:82:71:af:25:de:1f:ae:d5:74:3d:
f6:86:43:35:84:c0:e6:00:a2:88:1f:d3:47:37:c3:07:37:79:
df:24:b1:53:e6:fd:b3:31:f6:4c:67:c4:03:8d:80:a7:04:c4:
86:21:93:c9:92:46:f8:8b:0f:19:ad:11:cb:d6:62:41:63:df:
ba:d4:cc:77:5b:d8:77:c2:cb:14:e9:8c:0c:b3:d4:29:ec:88:
13:13:84:77:76:e2:69:d0:cc:f8:e8:36:07:e2:f1:a8:32:ff:
ae:e1:6f:43:7c:8c:32:d5:d0:80:54:81:64:85:1e:9c:7b:03:
67:8b:e9:d5:36:ff:35:b6:b1:59:8e:43:b1:50:11:dd:f7:86:
c5:1d:61:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyjJGMO6EhxFaam9+uVXk0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMGJmMTA2MGFmOTM5MTdkYWZiNTY5YTgwY2NlYzlkYjA4
YTc2YzUwHhcNMjMwMTAyMTI1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWY3NTA1Njg4Zjk4ZmJjNGRiZGUzNjA0ZWFjZDY2MTdkZjlmZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp37qvNhF1I7NUfI1Lq4afMI3D3hn
AyPC6sTHly2gU+u9/H0uniFlGlMYV6JT3RaPAFtn8VYod52XDN960ArT1ljL8lCv
+HXr9v7BEmAxSe1wu2QqX2cx7XrZoqH6F7JaMe/Y1OwaskPXGsWtYsXYnH/3Hr0m
E5p2hdhEBxj3KSuI7gmW9H6ilr7faFWneIvLMZRhDaTELc4I/7ioP8GjZw4D/WGx
zk4LFb9tpoVQVLTSqCFgwmn0tlrHxs1a12fQqZlYzqMgXz0OVcvq/96ToU9RAwYA
6rLLLWqmnwnDccDh6D/eGcPVQYy+wYrb4m/CxvupWTsr/n1UbgPb1gIsjQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNr3UFaI+Y+8Tb3jYE6s1mF9+f12MB8GA1UdIwQY
MBaAFC8L8QYK+TkX2vtWmoDM7J2winbFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHd2eEJncjVPUmZhLTFhYWdNenNuYkNLZHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83M2Y3MzktODFiOC00NTExLTgxYTEt
YjNhMTY4MDMyMGFkLzEvMnZkUVZvajVqN3hOdmVOZ1RxeldZWDM1X1hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83M2Y3MzktODFiOC00NTExLTgxYTEtYjNhMTY4MDMyMGFk
LzEvTHd2eEJncjVPUmZhLTFhYWdNenNuYkNLZHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfClw
MA0GCSqGSIb3DQEBCwUAA4IBAQCQJzwD0KTC7ZGm5cUuYZXatOEkHTb9EWGLvqE9
jxqebh6SUb5qICYoZE0iGue2z9rMqC+tRjdJt43p0fBpXm5P2cxVNNgRxkBHDEf4
y7dhNFL3IaOEsxGKDquvSltkysx8xDfu9eeu4ukUffcwhYC+T3cvFoJxryXeH67V
dD32hkM1hMDmAKKIH9NHN8MHN3nfJLFT5v2zMfZMZ8QDjYCnBMSGIZPJkkb4iw8Z
rRHL1mJBY9+61Mx3W9h3wssU6YwMs9Qp7IgTE4R3duJp0Mz46DYH4vGoMv+u4W9D
fIwy1dCAVIFkhR6cewNni+nVNv81trFZjkOxUBHd94bFHWHM
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:56 2024 by rpki-client on console.sobornost.net