Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/0a8fc1-986e-4209-930c-1c77431b05f7/1/3ZBo9eCnaYxznvLlWbolYKZVoeo.roa
File: 3ZBo9eCnaYxznvLlWbolYKZVoeo.roa (raw, json)
Hash identifier: UIKoXXEou9xey0Gg2z4KS21ZdguuNgUWhk1R/53gn78=
Subject key identifier: DD:90:68:F5:E0:A7:69:8C:73:9E:F2:E5:59:BA:25:60:A6:55:A1:EA
Certificate issuer: /CN=0e6b385c7b8778bf78af2421c99f5d38bd556914
Certificate serial: 0185704291A639FC6B53D1C2A7DE256345D6
Authority key identifier: 0E:6B:38:5C:7B:87:78:BF:78:AF:24:21:C9:9F:5D:38:BD:55:69:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dms4XHuHeL94ryQhyZ9dOL1VaRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/0a8fc1-986e-4209-930c-1c77431b05f7/1/3ZBo9eCnaYxznvLlWbolYKZVoeo.roa
Signing time: Mon 02 Jan 2023 02:14:48 +0000
ROA not before: Mon 02 Jan 2023 02:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48136
IP address blocks: 2001:67c:c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:91:a6:39:fc:6b:53:d1:c2:a7:de:25:63:45:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e6b385c7b8778bf78af2421c99f5d38bd556914
Validity
Not Before: Jan 2 02:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd9068f5e0a7698c739ef2e559ba2560a655a1ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:09:a1:22:a7:e3:06:e9:a1:4b:a8:e1:b1:c4:
2c:15:27:a3:9a:a4:54:6e:d7:fa:85:e1:4a:f3:3b:
ee:fd:64:57:de:0c:6c:3e:25:f0:e8:34:52:e2:c0:
ca:e4:8c:cb:8e:8e:de:d9:be:cf:1c:e9:ee:69:53:
45:6a:9e:33:cc:0b:44:19:05:0b:67:c7:ac:05:53:
20:55:63:a8:ca:ae:9c:4c:10:e0:e8:be:09:ab:85:
31:dd:a5:6b:1f:22:ec:a0:72:2e:f0:62:47:ae:c0:
e3:1f:e6:02:0b:71:f7:ee:a7:e5:94:79:02:20:84:
77:2c:09:37:26:cd:9c:e3:86:d0:61:66:06:c3:2b:
aa:54:21:30:72:54:ae:5b:56:f9:b6:6f:63:c6:8d:
2e:29:d0:37:88:ab:75:c8:b0:70:a7:ad:2e:93:61:
e2:41:78:6a:f7:fd:34:6e:16:88:76:65:40:a2:43:
96:23:ee:db:74:62:91:04:dd:8b:a3:0f:d0:ff:d6:
d4:b8:4f:41:0f:15:0e:e2:68:4a:fc:72:c2:74:a0:
fb:76:fe:24:5b:13:0a:df:b6:e8:13:80:9b:ab:72:
dd:c9:12:de:62:57:08:b0:43:3d:32:34:99:13:ba:
a8:34:7b:fe:c0:e0:b9:f2:75:da:5e:0d:e7:a2:6e:
12:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:90:68:F5:E0:A7:69:8C:73:9E:F2:E5:59:BA:25:60:A6:55:A1:EA
X509v3 Authority Key Identifier:
keyid:0E:6B:38:5C:7B:87:78:BF:78:AF:24:21:C9:9F:5D:38:BD:55:69:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dms4XHuHeL94ryQhyZ9dOL1VaRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0a8fc1-986e-4209-930c-1c77431b05f7/1/3ZBo9eCnaYxznvLlWbolYKZVoeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0a8fc1-986e-4209-930c-1c77431b05f7/1/Dms4XHuHeL94ryQhyZ9dOL1VaRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:c::/48
Signature Algorithm: sha256WithRSAEncryption
78:c2:f2:f8:b8:17:f7:5f:a6:3a:6b:e4:10:77:4e:85:af:98:
a2:b5:0a:0a:4c:ca:db:fb:f8:bf:2d:b9:5c:cc:85:98:5e:26:
cb:0f:50:4e:95:5a:8b:bf:b5:71:34:48:f5:7d:40:d8:c9:9e:
37:63:0b:e8:ae:f0:85:b3:cb:e7:00:5f:60:7e:84:a5:e0:3a:
26:d6:a3:96:20:0e:c9:ad:7c:26:9c:a2:e6:ce:ac:59:78:c7:
f5:99:a5:b6:dc:5e:f4:e6:b3:58:49:f1:71:1d:0f:e3:4c:4a:
7e:9d:03:58:57:27:fd:24:7d:ec:45:6b:93:69:73:f3:02:80:
da:4a:a6:31:9e:8b:4c:18:4b:b2:01:be:e4:56:29:90:8d:ee:
56:db:53:cd:7d:e2:83:7d:0b:87:39:bb:3b:de:82:40:7f:06:
ca:b6:c2:88:13:33:7c:4f:aa:78:8f:01:f6:5f:32:0f:33:37:
c1:1e:e3:1c:0c:9f:a1:4f:48:5a:e2:4a:89:73:ca:98:8e:cb:
7c:db:db:f1:39:34:1d:55:f0:6d:f2:4f:17:8c:72:7b:aa:b3:
d6:c4:87:7b:5b:a6:54:30:8e:1e:4f:37:fa:fd:aa:50:08:b5:
dd:54:f7:76:79:3e:99:43:27:c1:6d:27:eb:15:bb:c3:c4:73:
cd:4b:1f:f5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwQpGmOfxrU9HCp94lY0XWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNmIzODVjN2I4Nzc4YmY3OGFmMjQyMWM5OWY1ZDM4YmQ1
NTY5MTQwHhcNMjMwMTAyMDIxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDkwNjhmNWUwYTc2OThjNzM5ZWYyZTU1OWJhMjU2MGE2NTVhMWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAmhIqfjBumhS6jhscQsFSejmqRU
btf6heFK8zvu/WRX3gxsPiXw6DRS4sDK5IzLjo7e2b7PHOnuaVNFap4zzAtEGQUL
Z8esBVMgVWOoyq6cTBDg6L4Jq4Ux3aVrHyLsoHIu8GJHrsDjH+YCC3H37qfllHkC
IIR3LAk3Js2c44bQYWYGwyuqVCEwclSuW1b5tm9jxo0uKdA3iKt1yLBwp60uk2Hi
QXhq9/00bhaIdmVAokOWI+7bdGKRBN2Low/Q/9bUuE9BDxUO4mhK/HLCdKD7dv4k
WxMK37boE4Cbq3LdyRLeYlcIsEM9MjSZE7qoNHv+wOC58nXaXg3nom4SsQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN2QaPXgp2mMc57y5Vm6JWCmVaHqMB8GA1UdIwQY
MBaAFA5rOFx7h3i/eK8kIcmfXTi9VWkUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG1zNFhIdUhlTDk0cnlRaHlaOWRPTDFWYVJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wYThmYzEtOTg2ZS00MjA5LTkzMGMt
MWM3NzQzMWIwNWY3LzEvM1pCbzllQ25hWXh6bnZMbFdib2xZS1pWb2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wYThmYzEtOTg2ZS00MjA5LTkzMGMtMWM3NzQzMWIwNWY3
LzEvRG1zNFhIdUhlTDk0cnlRaHlaOWRPTDFWYVJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAAM
MA0GCSqGSIb3DQEBCwUAA4IBAQB4wvL4uBf3X6Y6a+QQd06Fr5iitQoKTMrb+/i/
LblczIWYXibLD1BOlVqLv7VxNEj1fUDYyZ43YwvorvCFs8vnAF9gfoSl4Dom1qOW
IA7JrXwmnKLmzqxZeMf1maW23F705rNYSfFxHQ/jTEp+nQNYVyf9JH3sRWuTaXPz
AoDaSqYxnotMGEuyAb7kVimQje5W21PNfeKDfQuHObs73oJAfwbKtsKIEzN8T6p4
jwH2XzIPMzfBHuMcDJ+hT0ha4kqJc8qYjst829vxOTQdVfBt8k8XjHJ7qrPWxId7
W6ZUMI4eTzf6/apQCLXdVPd2eT6ZQyfBbSfrFbvDxHPNSx/1
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:53 2024 by rpki-client on console.sobornost.net