Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/C_H7yR_jSi5EfqOdB69Dj6tss58.roa
File: C_H7yR_jSi5EfqOdB69Dj6tss58.roa (raw, json)
Hash identifier: FgaT5Q20S/OK/qoKacK8kMYxL0ifgjxNU+SRt8V4i+M=
Subject key identifier: 0B:F1:FB:C9:1F:E3:4A:2E:44:7E:A3:9D:07:AF:43:8F:AB:6C:B3:9F
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 01856F429FBD6E287E58B2CC386C5D88F5C3
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/C_H7yR_jSi5EfqOdB69Dj6tss58.roa
Signing time: Sun 01 Jan 2023 21:35:15 +0000
ROA not before: Sun 01 Jan 2023 21:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62087
IP address blocks: 2a01:9760::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:9f:bd:6e:28:7e:58:b2:cc:38:6c:5d:88:f5:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 1 21:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bf1fbc91fe34a2e447ea39d07af438fab6cb39f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7b:05:81:e6:10:c4:2f:8d:33:85:c6:2c:b5:
2a:af:0b:6c:54:f8:fb:27:9c:b3:61:0c:71:90:33:
d6:f4:e8:ba:23:84:b0:41:83:5f:5a:f8:53:6c:ce:
c1:e3:4f:5e:37:e8:dc:69:ca:1a:14:38:0b:df:59:
61:2c:3e:b2:ac:87:8e:e3:b7:bd:50:93:2e:19:64:
98:06:e5:a8:79:2b:63:ca:c7:91:22:bf:8a:a8:1b:
d0:ab:e9:48:64:44:c4:b8:c4:6e:01:60:6b:22:c6:
20:3d:50:5f:d2:11:a3:85:b0:1f:4d:31:45:50:73:
ae:4e:05:65:7c:70:0e:12:4f:af:da:86:9e:fc:60:
e6:10:22:4b:06:ce:3f:3b:e4:dd:18:d5:0a:35:95:
0a:45:bc:39:40:81:b2:39:ec:35:9c:f0:e0:9a:83:
6e:85:ea:05:35:1a:80:c5:27:2e:4f:90:f6:62:74:
fd:f0:3d:9a:33:91:70:52:ed:fc:b0:11:42:c7:35:
81:60:5a:38:c7:70:46:97:c0:cf:99:d0:5f:9e:e8:
ae:45:a1:fc:fb:be:55:a2:18:93:2e:de:bb:ec:a5:
66:1b:c8:f6:a0:a0:b8:66:95:e1:39:6c:a8:6c:b9:
79:56:10:09:30:a6:0e:f5:4b:3f:0e:c5:84:d9:3e:
d3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:F1:FB:C9:1F:E3:4A:2E:44:7E:A3:9D:07:AF:43:8F:AB:6C:B3:9F
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/C_H7yR_jSi5EfqOdB69Dj6tss58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:9760::/32
Signature Algorithm: sha256WithRSAEncryption
99:01:80:e6:b4:fd:09:9c:d8:dc:2d:89:c1:91:7a:04:c6:b9:
fd:7e:2e:98:8a:c3:00:ea:43:ff:68:0b:d5:21:f2:17:68:eb:
01:4e:38:97:a0:e8:42:95:99:44:6f:1a:72:d5:14:4a:ce:a6:
6a:e5:a2:bc:30:52:79:b6:6c:52:82:2c:4e:0b:02:7a:22:ff:
ea:bd:a1:cc:60:19:57:ee:b2:4b:e1:d7:d6:6e:d0:c3:21:24:
b3:11:7c:b0:05:f2:9c:6b:ba:d1:05:f0:8a:f3:17:b7:19:30:
d7:78:fe:fc:c3:64:b9:42:da:81:0a:a2:cf:a3:d0:9a:4b:f3:
c2:93:ac:d9:f6:17:12:d7:7d:03:54:94:8c:66:42:a3:02:3f:
d7:57:aa:ac:ae:ef:6d:ab:03:c1:7a:08:1b:22:3c:4f:9c:40:
cb:20:0f:e2:0b:9b:e1:89:8a:a1:aa:57:96:62:e2:54:6f:07:
17:be:b4:33:74:18:18:67:1d:43:72:cd:0e:f5:53:e4:e2:8a:
ce:65:15:44:8d:67:ca:f2:9d:02:37:e8:c0:c9:6e:6e:79:13:
04:c3:f8:cd:7a:38:62:ea:fc:3d:94:ec:cd:e7:50:20:fa:07:
b7:ba:3b:ed:60:1c:37:79:01:b8:52:14:62:5b:43:09:28:5a:
60:42:29:5d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvQp+9bih+WLLMOGxdiPXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjMwMTAxMjEzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmYxZmJjOTFmZTM0YTJlNDQ3ZWEzOWQwN2FmNDM4ZmFiNmNiMzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHsFgeYQxC+NM4XGLLUqrwtsVPj7
J5yzYQxxkDPW9Oi6I4SwQYNfWvhTbM7B409eN+jcacoaFDgL31lhLD6yrIeO47e9
UJMuGWSYBuWoeStjyseRIr+KqBvQq+lIZETEuMRuAWBrIsYgPVBf0hGjhbAfTTFF
UHOuTgVlfHAOEk+v2oae/GDmECJLBs4/O+TdGNUKNZUKRbw5QIGyOew1nPDgmoNu
heoFNRqAxScuT5D2YnT98D2aM5FwUu38sBFCxzWBYFo4x3BGl8DPmdBfnuiuRaH8
+75VohiTLt677KVmG8j2oKC4ZpXhOWyobLl5VhAJMKYO9Us/DsWE2T7T/QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAvx+8kf40ouRH6jnQevQ4+rbLOfMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvQ19IN3lSX2pTaTVFZnFPZEI2OURqNnRzczU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgGXYDAN
BgkqhkiG9w0BAQsFAAOCAQEAmQGA5rT9CZzY3C2JwZF6BMa5/X4umIrDAOpD/2gL
1SHyF2jrAU44l6DoQpWZRG8actUUSs6mauWivDBSebZsUoIsTgsCeiL/6r2hzGAZ
V+6yS+HX1m7QwyEksxF8sAXynGu60QXwivMXtxkw13j+/MNkuULagQqiz6PQmkvz
wpOs2fYXEtd9A1SUjGZCowI/11eqrK7vbasDwXoIGyI8T5xAyyAP4gub4YmKoapX
lmLiVG8HF760M3QYGGcdQ3LNDvVT5OKKzmUVRI1nyvKdAjfowMlubnkTBMP4zXo4
Yur8PZTszedQIPoHt7o77WAcN3kBuFIUYltDCShaYEIpXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:40 2024 by rpki-client on console-ams.rpki-client.org