Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/_8dAJCulL2PLfA0pndZqdXZRM-M.roa
File: _8dAJCulL2PLfA0pndZqdXZRM-M.roa (raw, json)
Hash identifier: j6vxyNaWsS48SCderw4pgMnjDYO167fyxQ/mKJFTyQw=
Subject key identifier: FF:C7:40:24:2B:A5:2F:63:CB:7C:0D:29:9D:D6:6A:75:76:51:33:E3
Certificate issuer: /CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Certificate serial: 01856CEF3A57B650B5294A04E20359E1148C
Authority key identifier: 33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/_8dAJCulL2PLfA0pndZqdXZRM-M.roa
Signing time: Sun 01 Jan 2023 10:44:55 +0000
ROA not before: Sun 01 Jan 2023 10:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210542
IP address blocks: 2a0f:7880:100::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:3a:57:b6:50:b5:29:4a:04:e2:03:59:e1:14:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Validity
Not Before: Jan 1 10:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffc740242ba52f63cb7c0d299dd66a75765133e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:07:5d:6e:f5:e7:21:5d:ff:ed:65:f7:5c:12:
90:27:3d:a1:d1:fa:f7:d7:95:c2:a1:33:ff:bd:a2:
42:ea:a7:b8:35:b0:66:c8:f4:ac:89:8a:57:9d:13:
ff:d6:11:b0:f3:81:b6:89:62:1d:fa:d7:86:0b:65:
1b:d1:6a:ff:ad:7a:bb:36:c9:4e:5f:e0:80:cf:4e:
0d:ae:6f:6e:6a:aa:8b:46:67:0c:5c:85:34:c7:43:
b7:16:bf:cf:0b:11:d1:4c:2e:83:b2:41:0f:ec:08:
51:57:fb:37:a7:8b:a5:26:a6:11:3f:c1:27:6b:cb:
2a:ec:dd:de:91:7b:92:92:b8:3c:c1:b0:eb:4d:20:
8b:92:a5:df:95:8a:36:6a:60:05:f4:d4:ad:a5:0a:
49:6d:0e:00:74:2e:c7:8a:ab:c4:b5:4d:46:6e:a5:
9b:19:d5:49:88:25:d3:bf:17:26:bd:b6:f0:89:73:
8b:b9:3d:dd:c2:58:f9:82:51:e9:e4:b8:63:74:96:
8c:e1:18:72:8e:4a:54:be:c6:3f:89:34:25:45:b5:
51:b6:84:43:7d:4e:ba:51:f6:14:dd:00:e5:97:60:
6f:ce:3f:f9:d7:4a:26:60:51:0a:86:a4:ad:eb:a5:
7b:da:32:6b:0a:b5:65:ba:da:72:90:6a:2d:e1:c3:
04:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C7:40:24:2B:A5:2F:63:CB:7C:0D:29:9D:D6:6A:75:76:51:33:E3
X509v3 Authority Key Identifier:
keyid:33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/_8dAJCulL2PLfA0pndZqdXZRM-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/MzNh-6hAkXT7PEgrjKJvI169IsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7880:100::/40
Signature Algorithm: sha256WithRSAEncryption
9d:92:67:da:3a:3b:ce:42:ad:7d:bf:7c:7a:a1:b8:4c:0d:41:
dd:82:0e:90:51:5c:56:69:d4:50:8b:af:3f:be:c6:24:d7:8b:
ff:11:89:15:63:42:1f:da:15:da:71:e2:ac:dc:4f:5f:d2:66:
40:4e:e8:ce:75:4f:cb:69:5c:c4:fe:42:f9:f1:66:95:e1:21:
fb:16:ea:de:e8:25:73:20:c6:32:1e:a1:9d:b8:26:59:b7:3b:
06:dc:fa:20:74:98:99:b3:d8:ea:f9:47:69:46:3c:ef:bf:f1:
90:24:60:47:75:61:a4:eb:5d:42:8a:2b:af:2b:b5:4d:1c:e9:
04:0b:35:28:70:e4:36:5b:4b:92:ed:96:6b:44:c6:1c:97:60:
b7:53:38:2f:74:7a:8c:0f:0c:af:1c:3b:5d:79:88:53:12:80:
59:7c:a4:4e:2f:b8:3f:f9:37:14:dd:76:2f:81:2a:ca:6a:c3:
a8:36:00:1b:35:76:d8:ec:b7:e7:15:00:1c:c9:8b:37:f0:2b:
cd:27:d1:dd:f4:d7:f7:74:f5:6b:79:1b:02:ee:81:1e:2a:9b:
d6:8e:42:71:45:96:c2:34:52:a1:bb:94:39:f8:12:4b:82:65:
47:fb:db:ae:f1:1a:13:96:9d:bf:27:e6:cb:8d:9d:d3:5c:b0:
2f:3b:95:62
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVs7zpXtlC1KUoE4gNZ4RSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzM2MWZiYTg0MDkxNzRmYjNjNDgyYjhjYTI2ZjIzNWVi
ZDIyYzIwHhcNMjMwMTAxMTA0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmM3NDAyNDJiYTUyZjYzY2I3YzBkMjk5ZGQ2NmE3NTc2NTEzM2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAddbvXnIV3/7WX3XBKQJz2h0fr3
15XCoTP/vaJC6qe4NbBmyPSsiYpXnRP/1hGw84G2iWId+teGC2Ub0Wr/rXq7NslO
X+CAz04Nrm9uaqqLRmcMXIU0x0O3Fr/PCxHRTC6DskEP7AhRV/s3p4ulJqYRP8En
a8sq7N3ekXuSkrg8wbDrTSCLkqXflYo2amAF9NStpQpJbQ4AdC7HiqvEtU1GbqWb
GdVJiCXTvxcmvbbwiXOLuT3dwlj5glHp5LhjdJaM4RhyjkpUvsY/iTQlRbVRtoRD
fU66UfYU3QDll2Bvzj/510omYFEKhqSt66V72jJrCrVlutpykGot4cMEeQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFP/HQCQrpS9jy3wNKZ3WanV2UTPjMB8GA1UdIwQY
MBaAFDMzYfuoQJF0+zxIK4yibyNevSLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjkt
YjJjY2NmMGVhZGFiLzEvXzhkQUpDdWxMMlBMZkEwcG5kWnFkWFpSTS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjktYjJjY2NmMGVhZGFi
LzEvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg94gAEw
DQYJKoZIhvcNAQELBQADggEBAJ2SZ9o6O85CrX2/fHqhuEwNQd2CDpBRXFZp1FCL
rz++xiTXi/8RiRVjQh/aFdpx4qzcT1/SZkBO6M51T8tpXMT+QvnxZpXhIfsW6t7o
JXMgxjIeoZ24Jlm3Owbc+iB0mJmz2Or5R2lGPO+/8ZAkYEd1YaTrXUKKK68rtU0c
6QQLNShw5DZbS5LtlmtExhyXYLdTOC90eowPDK8cO115iFMSgFl8pE4vuD/5NxTd
di+BKspqw6g2ABs1dtjst+cVABzJizfwK80n0d301/d09Wt5GwLugR4qm9aOQnFF
lsI0UqG7lDn4EkuCZUf7267xGhOWnb8n5suNndNcsC87lWI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:34:51 2024 by rpki-client on console.sobornost.net