Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/cpXAjGrQnGzo_itRo_0kiBn-4q0.roa
File: cpXAjGrQnGzo_itRo_0kiBn-4q0.roa (raw, json)
Hash identifier: gcrcnSQaYg/eRGGQTj5LDLRXtI4dI9H7Hrj3LiYpRfQ=
Subject key identifier: 72:95:C0:8C:6A:D0:9C:6C:E8:FE:2B:51:A3:FD:24:88:19:FE:E2:AD
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 01856F42A3429716DB296FBD0FA6C3F729C5
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/cpXAjGrQnGzo_itRo_0kiBn-4q0.roa
Signing time: Sun 01 Jan 2023 21:35:16 +0000
ROA not before: Sun 01 Jan 2023 21:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397517
IP address blocks: 2a01:488:bb14::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a3:42:97:16:db:29:6f:bd:0f:a6:c3:f7:29:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 1 21:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7295c08c6ad09c6ce8fe2b51a3fd248819fee2ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ed:07:f9:f9:b7:39:6e:16:8d:a8:ab:f1:b1:
e5:ae:d7:c2:72:50:7c:05:2e:f3:09:da:b1:3c:5e:
0d:60:c9:d0:43:89:fe:db:06:43:cd:30:dd:d7:98:
e3:66:c1:1c:4c:b9:4e:a7:7f:34:f4:15:ad:b3:0e:
b3:ab:57:f9:1c:27:3a:0b:32:7d:9c:28:fd:37:4f:
06:9a:d5:18:e9:de:96:f4:c4:14:6c:99:c0:e1:73:
35:d4:9a:86:f9:c2:2e:99:b6:7a:c9:d6:81:f0:ec:
3c:56:52:bd:30:ac:53:47:d7:4a:f9:a4:8c:d3:af:
bc:32:59:ee:bf:17:62:b4:60:e4:4a:ac:8a:60:5a:
eb:68:de:20:b5:56:bf:a0:ef:db:55:c8:ae:7b:77:
1e:2a:f1:c3:2b:31:a9:54:1f:03:f9:98:7c:c3:0a:
93:17:d5:3f:c5:0a:86:62:f6:e4:48:ec:9c:e1:cd:
82:86:56:5b:28:37:e6:af:33:b8:60:84:88:8b:95:
e7:bd:ca:4d:dc:d9:5f:2a:34:20:39:3c:3a:ec:95:
f5:2f:39:45:6d:89:7c:3b:aa:86:45:0c:5a:73:31:
56:1c:e4:44:83:80:69:2a:72:54:ea:f4:d3:cf:df:
15:a2:4a:1e:31:61:f5:1f:50:69:dd:fd:fa:ea:2f:
30:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:95:C0:8C:6A:D0:9C:6C:E8:FE:2B:51:A3:FD:24:88:19:FE:E2:AD
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/cpXAjGrQnGzo_itRo_0kiBn-4q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb14::/48
Signature Algorithm: sha256WithRSAEncryption
62:ca:a5:19:c3:5b:91:c6:4e:17:c0:ed:a1:ae:be:db:10:4d:
e5:fd:44:83:76:31:d3:23:34:2c:97:75:e3:01:03:c3:4b:01:
aa:eb:08:a8:27:2f:57:6b:25:9f:97:a6:85:8e:96:27:f7:21:
2e:c7:1c:c7:0e:04:11:d3:96:87:3e:c1:ab:38:23:e7:34:7a:
dd:52:50:56:32:83:52:6d:c4:91:8d:96:68:bc:1b:d3:f2:0b:
cb:49:ca:77:9e:c5:1d:a1:f4:d1:c2:c0:00:36:3a:80:07:09:
e2:9e:c2:c5:d3:29:d8:bd:eb:d7:c2:2d:21:d6:e6:b3:b2:43:
5e:ad:e2:db:33:e9:01:8b:01:5f:e2:a0:ab:8f:fe:b2:4b:bc:
a9:0e:bc:50:d5:c9:6b:fd:e8:a5:07:f2:03:61:2b:92:d7:ac:
bd:ee:8b:b8:4b:c0:60:a6:c6:4b:0b:f2:34:e1:13:7a:be:da:
ae:21:87:2a:9f:92:91:80:3a:44:79:f5:70:80:aa:32:42:b3:
6c:2e:9d:da:64:c5:be:6e:b4:26:91:9f:2f:8f:ef:eb:c8:45:
bb:91:69:4d:22:10:22:50:4c:0c:83:f6:80:05:3f:02:ed:fb:
c1:5b:a8:b6:81:f7:06:bd:e0:be:0a:bf:28:9c:3c:16:c8:2a:
28:a5:cb:30
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQqNClxbbKW+9D6bD9ynFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjMwMTAxMjEzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjk1YzA4YzZhZDA5YzZjZThmZTJiNTFhM2ZkMjQ4ODE5ZmVlMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiu0H+fm3OW4Wjair8bHlrtfCclB8
BS7zCdqxPF4NYMnQQ4n+2wZDzTDd15jjZsEcTLlOp3809BWtsw6zq1f5HCc6CzJ9
nCj9N08GmtUY6d6W9MQUbJnA4XM11JqG+cIumbZ6ydaB8Ow8VlK9MKxTR9dK+aSM
06+8MlnuvxditGDkSqyKYFrraN4gtVa/oO/bVciue3ceKvHDKzGpVB8D+Zh8wwqT
F9U/xQqGYvbkSOyc4c2ChlZbKDfmrzO4YISIi5XnvcpN3NlfKjQgOTw67JX1LzlF
bYl8O6qGRQxaczFWHOREg4BpKnJU6vTTz98VokoeMWH1H1Bp3f366i8wrwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHKVwIxq0Jxs6P4rUaP9JIgZ/uKtMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvY3BYQWpHclFuR3pvX2l0Um9fMGtpQm4tNHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsU
MA0GCSqGSIb3DQEBCwUAA4IBAQBiyqUZw1uRxk4XwO2hrr7bEE3l/USDdjHTIzQs
l3XjAQPDSwGq6wioJy9XayWfl6aFjpYn9yEuxxzHDgQR05aHPsGrOCPnNHrdUlBW
MoNSbcSRjZZovBvT8gvLScp3nsUdofTRwsAANjqABwninsLF0ynYvevXwi0h1uaz
skNereLbM+kBiwFf4qCrj/6yS7ypDrxQ1clr/eilB/IDYSuS16y97ou4S8BgpsZL
C/I04RN6vtquIYcqn5KRgDpEefVwgKoyQrNsLp3aZMW+brQmkZ8vj+/ryEW7kWlN
IhAiUEwMg/aABT8C7fvBW6i2gfcGveC+Cr8onDwWyCoopcsw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:40 2024 by rpki-client on console-ams.rpki-client.org