Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/CPDSvNQLqcsYTZZE1cDMrwuKdMQ.roa
File: CPDSvNQLqcsYTZZE1cDMrwuKdMQ.roa (raw, json)
Hash identifier: 4q8LMS5a7wdY3KS9rq/gcdH5ZdGRnpcYXqsnS90bbqs=
Subject key identifier: 08:F0:D2:BC:D4:0B:A9:CB:18:4D:96:44:D5:C0:CC:AF:0B:8A:74:C4
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 01856F42A7816BACB178049F3DFC764C4A9D
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/CPDSvNQLqcsYTZZE1cDMrwuKdMQ.roa
Signing time: Sun 01 Jan 2023 21:35:17 +0000
ROA not before: Sun 01 Jan 2023 21:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398102
IP address blocks: 2a01:488:bb05::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a7:81:6b:ac:b1:78:04:9f:3d:fc:76:4c:4a:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 1 21:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08f0d2bcd40ba9cb184d9644d5c0ccaf0b8a74c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c7:01:82:7e:26:ae:49:21:20:59:95:93:3d:
aa:59:fc:56:31:41:f0:d7:81:f0:12:86:8e:99:f6:
35:c0:97:38:f8:9d:9e:4d:bd:5d:6e:f6:66:3e:5c:
bc:0a:66:ab:c9:a3:5b:8f:d8:3c:07:8d:f3:4c:ee:
38:be:d6:d8:7f:3a:1d:59:d0:f2:bf:c8:2f:6e:0c:
1d:4d:b2:ee:1e:9a:e7:66:c6:8c:46:7f:f8:2f:f2:
8e:19:77:2b:30:4e:e1:a6:90:c2:74:de:09:f2:c2:
59:b0:2f:f6:25:64:ba:9a:af:fa:d7:ce:c2:9a:0c:
c1:a3:ce:5a:43:57:77:5f:eb:c9:81:fd:96:12:e7:
58:87:4e:30:ee:68:e2:fa:7b:ab:63:8a:7a:c2:4f:
e9:db:d8:41:f3:71:6c:6f:08:bc:c4:53:3a:94:09:
61:9e:52:83:67:92:70:f5:62:e1:c8:a8:cd:bb:83:
25:e0:67:bf:2d:31:07:e3:d0:bf:ce:e4:0c:b4:82:
dd:1f:3a:2a:9c:27:f8:07:89:98:9a:90:ef:6a:ec:
63:44:33:0c:38:76:f7:c9:54:76:3d:47:cb:a3:3d:
f8:e5:82:fc:81:3e:25:4f:0b:39:f7:9d:a5:40:96:
92:a3:fc:09:e1:7f:34:92:a4:b0:5a:81:c3:7c:24:
29:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F0:D2:BC:D4:0B:A9:CB:18:4D:96:44:D5:C0:CC:AF:0B:8A:74:C4
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/CPDSvNQLqcsYTZZE1cDMrwuKdMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb05::/48
Signature Algorithm: sha256WithRSAEncryption
69:7d:69:45:76:27:d4:dd:54:ba:a5:0e:df:ce:62:9d:a3:74:
09:c8:cc:15:f6:96:28:f5:52:b1:f9:74:6b:31:f6:29:ad:41:
48:f0:0e:bf:6c:c3:b5:02:e3:2d:e1:2b:65:e4:3a:91:9b:a5:
8c:05:e8:3d:53:1b:78:b4:53:7d:64:6c:2d:ee:9f:c5:11:bb:
cb:5b:7d:28:e4:a4:bd:35:ba:1b:07:dc:85:4d:99:64:89:a1:
b2:37:42:ff:8d:60:b0:c3:57:4f:8a:6d:b0:9b:fd:49:ee:65:
f9:e7:ce:3f:69:2d:52:81:e6:30:2b:5a:b5:5e:3d:99:86:44:
06:f6:b3:6d:5f:1f:fb:c0:35:f5:98:5a:1f:06:be:b7:c6:ca:
a6:54:5d:3f:2d:26:ea:b8:22:a9:24:76:93:09:4f:ca:4b:29:
40:b9:86:b8:c7:90:04:5b:43:c6:fe:81:47:52:2a:8a:04:42:
a0:40:0d:d3:25:9f:b0:0e:2f:81:90:b3:23:00:34:64:b3:c6:
92:48:9c:65:bf:f3:53:22:cc:fb:8b:f3:1b:70:1c:31:67:b8:
1b:fe:37:ab:2c:a6:98:ce:fc:4b:2d:dd:35:23:8d:86:88:82:
12:f5:ee:c7:a8:5c:12:b7:08:c7:54:5c:60:99:74:f8:f4:4c:
5b:9a:a4:77
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQqeBa6yxeASfPfx2TEqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjMwMTAxMjEzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGYwZDJiY2Q0MGJhOWNiMTg0ZDk2NDRkNWMwY2NhZjBiOGE3NGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMcBgn4mrkkhIFmVkz2qWfxWMUHw
14HwEoaOmfY1wJc4+J2eTb1dbvZmPly8CmaryaNbj9g8B43zTO44vtbYfzodWdDy
v8gvbgwdTbLuHprnZsaMRn/4L/KOGXcrME7hppDCdN4J8sJZsC/2JWS6mq/6187C
mgzBo85aQ1d3X+vJgf2WEudYh04w7mji+nurY4p6wk/p29hB83Fsbwi8xFM6lAlh
nlKDZ5Jw9WLhyKjNu4Ml4Ge/LTEH49C/zuQMtILdHzoqnCf4B4mYmpDvauxjRDMM
OHb3yVR2PUfLoz345YL8gT4lTws5952lQJaSo/wJ4X80kqSwWoHDfCQpoQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAjw0rzUC6nLGE2WRNXAzK8LinTEMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvQ1BEU3ZOUUxxY3NZVFpaRTFjRE1yd3VLZE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsF
MA0GCSqGSIb3DQEBCwUAA4IBAQBpfWlFdifU3VS6pQ7fzmKdo3QJyMwV9pYo9VKx
+XRrMfYprUFI8A6/bMO1AuMt4Stl5DqRm6WMBeg9Uxt4tFN9ZGwt7p/FEbvLW30o
5KS9NbobB9yFTZlkiaGyN0L/jWCww1dPim2wm/1J7mX5584/aS1SgeYwK1q1Xj2Z
hkQG9rNtXx/7wDX1mFofBr63xsqmVF0/LSbquCKpJHaTCU/KSylAuYa4x5AEW0PG
/oFHUiqKBEKgQA3TJZ+wDi+BkLMjADRks8aSSJxlv/NTIsz7i/MbcBwxZ7gb/jer
LKaYzvxLLd01I42GiIIS9e7HqFwStwjHVFxgmXT49ExbmqR3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:40 2024 by rpki-client on console-ams.rpki-client.org