Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/rHivIxCx2tvxUJIFZZOTk6OEIIM.roa
File: rHivIxCx2tvxUJIFZZOTk6OEIIM.roa (raw, json)
Hash identifier: OR+raBd/d1BqrqjR18z4LzA/JYsW3UaMRpe6w6dVfgU=
Subject key identifier: AC:78:AF:23:10:B1:DA:DB:F1:50:92:05:65:93:93:93:A3:84:20:83
Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31
Certificate serial: 01856FB122E955C67838EFD52374FD980027
Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/rHivIxCx2tvxUJIFZZOTk6OEIIM.roa
Signing time: Sun 01 Jan 2023 23:35:57 +0000
ROA not before: Sun 01 Jan 2023 23:35:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48732
IP address blocks: 2a11:601:d000::/36 maxlen: 36
2a11:601:f000::/36 maxlen: 36
2a11:600:150::/48 maxlen: 48
2a11:600:151::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:22:e9:55:c6:78:38:ef:d5:23:74:fd:98:00:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31
Validity
Not Before: Jan 1 23:35:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac78af2310b1dadbf150920565939393a3842083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4d:29:50:ca:39:30:b0:d3:fb:87:d4:4c:f4:
5b:c4:d3:02:da:af:17:57:3c:9d:6b:0d:36:7d:67:
42:b8:c7:fa:8b:5b:9d:e5:98:da:c4:eb:e1:da:4f:
be:d7:de:a0:d6:be:22:c6:5b:a7:bd:8c:85:b1:30:
97:21:96:42:6e:d6:a7:b8:af:30:6b:fd:4e:ff:4d:
23:69:f7:d2:86:ab:4d:26:38:10:9c:86:15:a1:a3:
c6:42:4d:fa:49:1a:2b:a2:d2:f3:b7:1a:99:2b:9e:
58:02:e7:17:2c:15:70:ad:9b:fb:16:49:69:54:8d:
07:ef:58:f4:91:87:f1:b9:7a:52:85:ac:5e:0f:2e:
64:e2:6c:49:de:cb:34:84:42:ec:53:3f:cc:fa:a8:
4a:69:e3:23:e7:c5:02:f8:74:5c:ec:87:d8:50:eb:
1c:da:49:9c:90:46:64:32:09:59:dd:39:0c:a9:bd:
81:4d:d2:4b:02:39:ff:20:e1:cf:db:56:91:a6:4e:
33:d3:71:6e:d9:76:9e:99:19:c7:01:7c:5e:4f:79:
98:e3:81:66:7f:91:6e:49:d8:83:2b:e4:22:02:7f:
cf:0e:de:58:03:65:46:93:c7:e4:d3:d3:42:4f:c8:
e7:ee:24:d8:43:de:23:c5:c7:69:9c:20:a1:be:75:
fa:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:78:AF:23:10:B1:DA:DB:F1:50:92:05:65:93:93:93:A3:84:20:83
X509v3 Authority Key Identifier:
keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/rHivIxCx2tvxUJIFZZOTk6OEIIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:600:150::/47
2a11:601:d000::/36
2a11:601:f000::/36
Signature Algorithm: sha256WithRSAEncryption
47:70:da:67:89:f7:90:80:34:57:6e:c3:c0:f8:72:aa:7e:cf:
2f:6c:a8:bd:a3:e4:31:0a:6d:e1:03:ee:08:e3:b6:08:49:f5:
9e:6a:9c:3e:1a:03:fb:56:ca:e7:74:b9:04:57:6e:2d:b3:bd:
c2:3e:c7:97:57:b4:0f:3b:2f:0a:a5:cb:3f:41:36:f5:70:73:
95:f7:a2:8b:fb:e2:5d:19:e4:4d:1e:25:76:c7:ce:92:1a:2a:
ab:b6:04:02:6b:86:9e:3e:52:d3:d6:5b:57:95:64:a3:57:d1:
10:c5:2d:f3:98:8e:01:28:ef:05:44:2d:27:a1:be:c6:30:22:
d7:e2:42:9b:1e:d1:5e:db:d7:a5:b1:e7:cc:2d:d9:96:d5:be:
ba:e7:33:08:42:7a:48:f8:3f:c0:ae:cc:4a:5f:95:75:61:2f:
2c:08:af:52:27:00:79:10:d7:02:08:76:0e:96:88:7a:1b:16:
f4:49:3b:f4:09:b6:21:6a:71:b0:82:9c:de:ef:30:f4:ea:56:
67:91:a5:28:16:52:bf:61:46:2c:af:4a:ac:d5:e7:a2:a8:d6:
c0:b6:f7:ea:e7:74:77:50:a1:19:18:22:1a:b7:f8:0b:13:33:
dd:ac:9a:e3:35:90:1d:ec:51:e1:23:30:cf:56:86:88:57:cd:
38:b8:cc:95
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYVvsSLpVcZ4OO/VI3T9mAAnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz
NDdiMzEwHhcNMjMwMTAxMjMzNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzc4YWYyMzEwYjFkYWRiZjE1MDkyMDU2NTkzOTM5M2EzODQyMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlU0pUMo5MLDT+4fUTPRbxNMC2q8X
Vzydaw02fWdCuMf6i1ud5ZjaxOvh2k++196g1r4ixlunvYyFsTCXIZZCbtanuK8w
a/1O/00jaffShqtNJjgQnIYVoaPGQk36SRorotLztxqZK55YAucXLBVwrZv7Fklp
VI0H71j0kYfxuXpShaxeDy5k4mxJ3ss0hELsUz/M+qhKaeMj58UC+HRc7IfYUOsc
2kmckEZkMglZ3TkMqb2BTdJLAjn/IOHP21aRpk4z03Fu2XaemRnHAXxeT3mY44Fm
f5FuSdiDK+QiAn/PDt5YA2VGk8fk09NCT8jn7iTYQ94jxcdpnCChvnX6/wIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFKx4ryMQsdrb8VCSBWWTk5OjhCCDMB8GA1UdIwQY
MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt
YjY0ZWI4ZDgzNjU4LzEvckhpdkl4Q3gydHZ4VUpJRlpaT1RrNk9FSUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4
LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwcBKhEGAAFQ
AwYEKhEGAdADBgQqEQYB8DANBgkqhkiG9w0BAQsFAAOCAQEAR3DaZ4n3kIA0V27D
wPhyqn7PL2yovaPkMQpt4QPuCOO2CEn1nmqcPhoD+1bK53S5BFduLbO9wj7Hl1e0
DzsvCqXLP0E29XBzlfeii/viXRnkTR4ldsfOkhoqq7YEAmuGnj5S09ZbV5Vko1fR
EMUt85iOASjvBUQtJ6G+xjAi1+JCmx7RXtvXpbHnzC3ZltW+uuczCEJ6SPg/wK7M
Sl+VdWEvLAivUicAeRDXAgh2DpaIehsW9Ek79Am2IWpxsIKc3u8w9OpWZ5GlKBZS
v2FGLK9KrNXnoqjWwLb36ud0d1ChGRgiGrf4CxMz3aya4zWQHexR4SMwz1aGiFfN
OLjMlQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:45 2023 by rpki-client on console.sobornost.net