Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/AaWlkez4TpUunnG9f_7YvCbIYlM.roa
File: AaWlkez4TpUunnG9f_7YvCbIYlM.roa (raw, json)
Hash identifier: kePVDBzERh3ZUWr0QydM3ujMZw9FeLrgSdnX9voGEL0=
Subject key identifier: 01:A5:A5:91:EC:F8:4E:95:2E:9E:71:BD:7F:FE:D8:BC:26:C8:62:53
Certificate issuer: /CN=20f6e53b697ad263b4ba4ea49814366a883b54ad
Certificate serial: 01856F301C359ABC4D342EFD4B1E485A8551
Authority key identifier: 20:F6:E5:3B:69:7A:D2:63:B4:BA:4E:A4:98:14:36:6A:88:3B:54:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPblO2l60mO0uk6kmBQ2aog7VK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/AaWlkez4TpUunnG9f_7YvCbIYlM.roa
Signing time: Sun 01 Jan 2023 21:15:01 +0000
ROA not before: Sun 01 Jan 2023 21:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208727
IP address blocks: 2001:678:a8c::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:1c:35:9a:bc:4d:34:2e:fd:4b:1e:48:5a:85:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20f6e53b697ad263b4ba4ea49814366a883b54ad
Validity
Not Before: Jan 1 21:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01a5a591ecf84e952e9e71bd7ffed8bc26c86253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:12:4a:62:90:89:27:4f:fd:0a:d5:8a:b9:76:
42:ce:f8:8c:0d:93:4d:ea:bb:02:04:92:44:dd:3f:
0d:d3:a9:5c:22:28:c8:aa:0a:0d:d3:99:9b:18:9b:
82:d6:80:54:56:62:91:b6:3f:42:7e:fa:84:9b:ec:
1a:24:66:2b:0c:b6:b0:b8:54:14:9b:77:9e:f5:0b:
78:99:08:73:c9:e5:9e:3b:26:03:57:38:2c:e1:f9:
db:be:7e:0d:d8:c7:c6:07:95:8d:e3:cf:ad:9e:88:
5d:8b:ef:3b:a6:8f:22:d8:36:23:88:61:0f:8d:95:
35:12:8f:a6:4c:34:3c:b1:b0:71:4a:74:b7:27:b9:
d4:26:88:17:c8:3d:c4:dc:e7:1d:d3:16:29:31:73:
91:af:1d:31:26:d6:d7:38:05:8e:95:28:03:fd:36:
fc:28:92:93:2a:79:b1:86:91:53:ea:e3:2c:35:6d:
25:01:01:29:0f:69:36:ca:7f:36:1c:66:04:1b:e1:
d9:d8:15:18:db:32:fd:2e:a2:97:7a:19:51:d1:3e:
7d:a9:5a:12:62:f8:0b:6f:76:ef:f5:57:ea:70:6b:
47:43:5d:8c:29:91:98:92:b4:ac:85:d3:47:e8:4e:
b9:4e:c7:97:0f:65:d0:fa:5d:c7:6c:0a:54:22:29:
a9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A5:A5:91:EC:F8:4E:95:2E:9E:71:BD:7F:FE:D8:BC:26:C8:62:53
X509v3 Authority Key Identifier:
keyid:20:F6:E5:3B:69:7A:D2:63:B4:BA:4E:A4:98:14:36:6A:88:3B:54:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPblO2l60mO0uk6kmBQ2aog7VK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/AaWlkez4TpUunnG9f_7YvCbIYlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/IPblO2l60mO0uk6kmBQ2aog7VK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:a8c::/48
Signature Algorithm: sha256WithRSAEncryption
48:fe:30:fa:36:b5:6e:e9:02:df:e7:fe:d7:22:fe:d0:ed:57:
e8:7c:f2:bb:51:5f:09:34:11:a3:e3:cd:dd:e6:ba:b5:d5:f3:
06:f8:2e:c4:43:34:ee:04:9e:8a:c1:90:a8:09:29:19:5d:f1:
c3:1e:0e:59:01:71:1c:be:c5:69:72:e1:a8:9a:ac:7f:fb:5c:
29:ff:ff:96:79:c4:73:cb:19:57:52:e6:d7:ff:f7:7f:62:7e:
ce:81:2d:00:b4:50:3c:03:52:65:9b:cc:ac:21:82:f0:69:01:
5e:d2:19:20:03:3a:4d:65:ef:3f:ad:ed:ae:2f:f7:e4:99:02:
96:e5:b2:de:62:7a:03:31:16:fc:d4:ae:55:68:99:0a:50:4f:
44:30:91:15:a7:52:9a:16:64:d2:24:c0:e6:42:b8:b7:d4:8c:
b2:4e:30:33:9f:85:40:22:fb:29:e6:b4:3f:1a:41:a8:0e:62:
82:a3:95:9d:5d:df:5d:71:e9:cf:43:b9:ec:1d:33:4c:d6:a5:
49:2a:14:4d:44:a3:9a:35:44:14:1a:fa:f8:a3:ff:8c:b0:11:
46:fe:7e:68:d8:cd:8e:f3:45:58:40:db:f1:e5:54:43:d4:ef:
71:b5:7f:65:53:e4:b1:7e:6b:30:d6:49:af:a0:9d:6a:ad:1b:
e0:7f:42:52
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvMBw1mrxNNC79Sx5IWoVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjZlNTNiNjk3YWQyNjNiNGJhNGVhNDk4MTQzNjZhODgz
YjU0YWQwHhcNMjMwMTAxMjExNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWE1YTU5MWVjZjg0ZTk1MmU5ZTcxYmQ3ZmZlZDhiYzI2Yzg2MjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxJKYpCJJ0/9CtWKuXZCzviMDZNN
6rsCBJJE3T8N06lcIijIqgoN05mbGJuC1oBUVmKRtj9CfvqEm+waJGYrDLawuFQU
m3ee9Qt4mQhzyeWeOyYDVzgs4fnbvn4N2MfGB5WN48+tnohdi+87po8i2DYjiGEP
jZU1Eo+mTDQ8sbBxSnS3J7nUJogXyD3E3Ocd0xYpMXORrx0xJtbXOAWOlSgD/Tb8
KJKTKnmxhpFT6uMsNW0lAQEpD2k2yn82HGYEG+HZ2BUY2zL9LqKXehlR0T59qVoS
YvgLb3bv9VfqcGtHQ12MKZGYkrSshdNH6E65TseXD2XQ+l3HbApUIimpOwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAGlpZHs+E6VLp5xvX/+2LwmyGJTMB8GA1UdIwQY
MBaAFCD25TtpetJjtLpOpJgUNmqIO1StMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBibE8ybDYwbU8wdWs2a21CUTJhb2c3VkswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lNzU3NmEtNDM2My00OTg0LWI0Yzct
YjFmMjljY2NjZTU1LzEvQWFXbGtlejRUcFV1bm5HOWZfN1l2Q2JJWWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lNzU3NmEtNDM2My00OTg0LWI0YzctYjFmMjljY2NjZTU1
LzEvSVBibE8ybDYwbU8wdWs2a21CUTJhb2c3VkswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqM
MA0GCSqGSIb3DQEBCwUAA4IBAQBI/jD6NrVu6QLf5/7XIv7Q7VfofPK7UV8JNBGj
483d5rq11fMG+C7EQzTuBJ6KwZCoCSkZXfHDHg5ZAXEcvsVpcuGomqx/+1wp//+W
ecRzyxlXUubX//d/Yn7OgS0AtFA8A1Jlm8ysIYLwaQFe0hkgAzpNZe8/re2uL/fk
mQKW5bLeYnoDMRb81K5VaJkKUE9EMJEVp1KaFmTSJMDmQri31IyyTjAzn4VAIvsp
5rQ/GkGoDmKCo5WdXd9dcenPQ7nsHTNM1qVJKhRNRKOaNUQUGvr4o/+MsBFG/n5o
2M2O80VYQNvx5VRD1O9xtX9lU+Sxfmsw1kmvoJ1qrRvgf0JS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:08 2024 by rpki-client on console-fra.rpki-client.org