Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/bWAzpnQG3As-0i70hq5-oc7QJdw.roa
File: bWAzpnQG3As-0i70hq5-oc7QJdw.roa (raw, json)
Hash identifier: L9iVLEhs0wN/jsaoriTALlvWw3r7AmWKQulWgptSKRY=
Subject key identifier: 6D:60:33:A6:74:06:DC:0B:3E:D2:2E:F4:86:AE:7E:A1:CE:D0:25:DC
Certificate issuer: /CN=f6af433974df373b70abd76b13e1c70c775f554b
Certificate serial: 018C16E0D1749E50CEF75EFEA9EF670A7015
Authority key identifier: F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/bWAzpnQG3As-0i70hq5-oc7QJdw.roa
Signing time: Tue 28 Nov 2023 17:01:21 +0000
ROA not before: Tue 28 Nov 2023 17:01:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216081
IP address blocks: 2a12:3e80:600::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:e0:d1:74:9e:50:ce:f7:5e:fe:a9:ef:67:0a:70:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6af433974df373b70abd76b13e1c70c775f554b
Validity
Not Before: Nov 28 17:01:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d6033a67406dc0b3ed22ef486ae7ea1ced025dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9e:f4:eb:15:c3:00:ad:9b:58:dd:96:a6:b8:
50:ca:0f:ef:44:8b:df:58:e5:0c:44:3a:45:48:65:
63:e1:49:4f:51:fa:2d:0d:eb:51:28:76:73:d5:5b:
bc:bd:d3:f2:9c:e5:3a:c0:9c:ec:5d:e3:09:e1:ff:
c2:b0:bb:dc:bf:86:0a:1a:5f:58:22:c5:b4:67:5d:
24:f8:54:8b:b2:c1:60:11:84:13:a7:38:af:3a:8f:
11:53:ce:5f:a2:21:ef:17:65:cc:bc:68:4c:cf:da:
30:d7:d6:ba:67:f4:f4:09:2b:fc:2e:de:dc:c4:df:
be:96:e4:1b:cb:f4:ed:03:3a:71:06:de:41:9c:4a:
a2:0d:8f:1d:a4:ed:f4:78:ba:1a:c2:78:18:f0:9a:
f5:da:8e:42:63:10:70:86:5e:66:54:f9:8e:a2:6b:
35:4b:99:8d:9b:f5:2d:77:c5:19:68:ee:d0:34:32:
f7:52:1d:d8:9e:80:8d:05:4d:43:05:3b:94:61:c5:
da:71:91:6d:d7:ea:d1:a3:ee:8d:58:eb:42:9d:37:
ff:7b:0b:89:c0:b0:71:2c:0b:cc:a3:6c:aa:b3:8c:
0b:03:d6:53:7d:14:96:f8:8d:d2:52:61:50:39:51:
a3:cd:cf:73:3d:eb:7f:5f:97:8a:a5:94:7c:f8:62:
d6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:60:33:A6:74:06:DC:0B:3E:D2:2E:F4:86:AE:7E:A1:CE:D0:25:DC
X509v3 Authority Key Identifier:
keyid:F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/bWAzpnQG3As-0i70hq5-oc7QJdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/9q9DOXTfNztwq9drE-HHDHdfVUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3e80:600::/40
Signature Algorithm: sha256WithRSAEncryption
51:2e:d2:6b:69:57:46:5d:69:ac:9a:01:eb:b7:43:8d:38:d1:
fb:3b:3f:f3:bb:4d:37:55:a1:4f:b7:15:bf:9c:00:65:2c:83:
cf:4d:ee:e3:e8:84:a6:86:85:c4:5f:fa:c6:b3:bf:6f:94:47:
73:ec:70:be:da:ca:b2:8d:c0:18:46:fb:35:aa:8f:b2:f8:9e:
87:5a:e6:11:83:fe:6a:e3:3d:45:72:2d:68:2f:c9:33:42:de:
3f:16:a0:fb:3a:ba:4c:b6:f5:ce:67:b4:87:88:18:78:08:db:
c0:45:3c:89:97:b2:ec:fb:67:34:bd:e7:ef:0c:c7:1b:2a:4f:
52:40:b0:7a:f1:4c:35:f1:ce:04:fb:be:1a:4a:e4:70:ea:f5:
d0:f8:c6:32:1b:c8:fd:c8:21:fd:2a:69:2b:c5:28:d6:5c:2c:
7c:83:e2:50:e5:e5:c5:9a:4e:03:f1:c8:27:7f:44:d3:9c:a1:
70:ab:6f:24:14:53:9d:57:e3:bc:91:70:2c:50:cf:58:6c:41:
8c:ad:09:c2:34:66:b1:ef:e9:1d:1e:c1:7a:d7:45:45:a0:9f:
0c:e7:d2:52:da:9e:77:6c:73:66:73:59:37:9a:df:ec:b4:f0:
e1:26:00:47:18:1c:3d:88:c2:18:b6:59:51:d5:01:51:d6:a6:
df:2c:b4:0d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYwW4NF0nlDO917+qe9nCnAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWY0MzM5NzRkZjM3M2I3MGFiZDc2YjEzZTFjNzBjNzc1
ZjU1NGIwHhcNMjMxMTI4MTcwMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDYwMzNhNjc0MDZkYzBiM2VkMjJlZjQ4NmFlN2VhMWNlZDAyNWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAip706xXDAK2bWN2WprhQyg/vRIvf
WOUMRDpFSGVj4UlPUfotDetRKHZz1Vu8vdPynOU6wJzsXeMJ4f/CsLvcv4YKGl9Y
IsW0Z10k+FSLssFgEYQTpzivOo8RU85foiHvF2XMvGhMz9ow19a6Z/T0CSv8Lt7c
xN++luQby/TtAzpxBt5BnEqiDY8dpO30eLoawngY8Jr12o5CYxBwhl5mVPmOoms1
S5mNm/Utd8UZaO7QNDL3Uh3YnoCNBU1DBTuUYcXacZFt1+rRo+6NWOtCnTf/ewuJ
wLBxLAvMo2yqs4wLA9ZTfRSW+I3SUmFQOVGjzc9zPet/X5eKpZR8+GLWrwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFG1gM6Z0BtwLPtIu9IaufqHO0CXcMB8GA1UdIwQY
MBaAFPavQzl03zc7cKvXaxPhxwx3X1VLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2It
YTI2YmM2NTNiMDZiLzEvYldBenBuUUczQXMtMGk3MGhxNS1vYzdRSmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2ItYTI2YmM2NTNiMDZi
LzEvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhI+gAYw
DQYJKoZIhvcNAQELBQADggEBAFEu0mtpV0ZdaayaAeu3Q4040fs7P/O7TTdVoU+3
Fb+cAGUsg89N7uPohKaGhcRf+sazv2+UR3PscL7ayrKNwBhG+zWqj7L4noda5hGD
/mrjPUVyLWgvyTNC3j8WoPs6uky29c5ntIeIGHgI28BFPImXsuz7ZzS95+8Mxxsq
T1JAsHrxTDXxzgT7vhpK5HDq9dD4xjIbyP3IIf0qaSvFKNZcLHyD4lDl5cWaTgPx
yCd/RNOcoXCrbyQUU51X47yRcCxQz1hsQYytCcI0ZrHv6R0ewXrXRUWgnwzn0lLa
nndsc2ZzWTea3+y08OEmAEcYHD2Iwhi2WVHVAVHWpt8stA0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:18 2024 by rpki-client on console-ams.rpki-client.org