Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/KnyQakGtJ7smHeHDiiEs9s1UJeE.roa
File: KnyQakGtJ7smHeHDiiEs9s1UJeE.roa (raw, json)
Hash identifier: elytS2PVVWqsj1OXbbBVSY7TmGi3vpNMUJlbh3sVt4s=
Subject key identifier: 2A:7C:90:6A:41:AD:27:BB:26:1D:E1:C3:8A:21:2C:F6:CD:54:25:E1
Certificate issuer: /CN=6ba26b56cee97f6020941bb17c6a7c6cea0f814a
Certificate serial: 01857030319011C2C90F7DBEE637CCAAA838
Authority key identifier: 6B:A2:6B:56:CE:E9:7F:60:20:94:1B:B1:7C:6A:7C:6C:EA:0F:81:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/KnyQakGtJ7smHeHDiiEs9s1UJeE.roa
Signing time: Mon 02 Jan 2023 01:54:44 +0000
ROA not before: Mon 02 Jan 2023 01:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210779
IP address blocks: 2a0d:c740:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 18 Jan 2023 15:57:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:31:90:11:c2:c9:0f:7d:be:e6:37:cc:aa:a8:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba26b56cee97f6020941bb17c6a7c6cea0f814a
Validity
Not Before: Jan 2 01:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a7c906a41ad27bb261de1c38a212cf6cd5425e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5a:45:aa:9e:0c:0d:ea:76:a0:96:a4:b4:43:
c9:c1:48:6c:94:fd:37:f5:6b:2f:d9:fe:0c:c8:99:
75:1b:ab:1e:46:cd:ad:1f:bf:5e:ef:85:7b:d5:f1:
c8:b9:bc:95:b0:1b:4c:a2:fc:dd:83:b9:3c:5d:c8:
98:4a:5b:8d:c7:d4:a1:a4:5b:41:ab:4f:29:bd:c3:
8e:1b:7b:9e:86:ec:54:d0:9b:c3:e9:84:66:25:21:
0d:cd:98:5e:45:b3:c4:0c:21:63:13:9b:ed:85:0a:
17:e9:43:40:fa:b7:8f:a1:50:39:38:66:6f:6f:20:
92:e0:5a:3c:64:8e:92:79:0f:2c:ef:9e:e1:c9:8d:
b4:11:62:45:48:97:40:df:da:08:e3:ad:9e:a5:7f:
ce:6a:51:ba:8d:8b:08:10:c4:73:02:f5:9c:6c:f8:
69:9f:d4:98:63:d0:25:c5:ae:c0:54:0c:1c:2a:44:
d5:0f:28:2f:66:ff:c5:11:6c:6e:71:39:b4:ef:ba:
40:3b:c1:46:a7:a0:13:1f:b2:1e:89:7e:00:64:16:
d4:09:c8:76:e3:a4:e0:7a:21:f0:0f:fd:a1:c1:81:
c8:df:b1:f5:4b:6d:b1:57:6a:1a:e7:7b:ca:c5:9c:
ca:4e:52:e8:58:83:6e:44:9f:18:61:d4:c8:52:fe:
09:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7C:90:6A:41:AD:27:BB:26:1D:E1:C3:8A:21:2C:F6:CD:54:25:E1
X509v3 Authority Key Identifier:
keyid:6B:A2:6B:56:CE:E9:7F:60:20:94:1B:B1:7C:6A:7C:6C:EA:0F:81:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/KnyQakGtJ7smHeHDiiEs9s1UJeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/a6JrVs7pf2AglBuxfGp8bOoPgUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:c740:a::/48
Signature Algorithm: sha256WithRSAEncryption
95:28:aa:51:4b:fd:6d:61:01:e0:f8:21:b0:34:08:28:17:7b:
31:e0:f4:1e:a1:d3:c4:95:22:f9:cc:0d:bc:97:4b:a0:50:df:
66:d9:77:c3:8a:f8:b0:a2:e8:cf:d2:db:09:15:ab:fb:bb:7f:
77:22:61:3f:ab:62:9f:d2:e1:2d:43:f5:4d:2a:32:be:c1:0e:
c9:e2:c4:88:de:05:46:80:67:55:e7:23:ba:63:86:18:ec:9f:
d0:1e:b9:a4:b8:de:ed:aa:c4:0b:d7:51:51:b2:9e:56:15:08:
eb:6b:aa:2b:b6:da:f9:2e:fa:80:bc:a8:93:6f:68:7c:de:a8:
67:0c:c9:20:7d:81:e6:85:2d:97:7e:c5:0f:9f:0e:04:f4:c5:
19:e0:82:60:1c:bb:8f:54:36:0d:e5:51:f3:16:23:7b:7e:84:
b8:1e:92:4f:48:db:f0:2d:3f:59:ad:d7:7f:f3:06:83:49:7a:
94:78:39:e3:fb:86:c3:1d:17:be:fc:5d:df:5f:22:2c:da:3a:
88:f0:fc:e5:9e:ac:13:26:84:77:b0:f2:ab:ba:79:d5:7b:e5:
70:db:68:f2:a9:b6:82:b1:a7:6b:a1:a8:13:a6:07:28:72:3b:
9c:a3:f6:23:f1:63:25:d6:4f:7f:29:26:8f:26:18:c2:60:97:
4f:5d:4b:17
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwMDGQEcLJD32+5jfMqqg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTI2YjU2Y2VlOTdmNjAyMDk0MWJiMTdjNmE3YzZjZWEw
ZjgxNGEwHhcNMjMwMTAyMDE1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTdjOTA2YTQxYWQyN2JiMjYxZGUxYzM4YTIxMmNmNmNkNTQyNWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlpFqp4MDep2oJaktEPJwUhslP03
9Wsv2f4MyJl1G6seRs2tH79e74V71fHIubyVsBtMovzdg7k8XciYSluNx9ShpFtB
q08pvcOOG3uehuxU0JvD6YRmJSENzZheRbPEDCFjE5vthQoX6UNA+rePoVA5OGZv
byCS4Fo8ZI6SeQ8s757hyY20EWJFSJdA39oI462epX/OalG6jYsIEMRzAvWcbPhp
n9SYY9Alxa7AVAwcKkTVDygvZv/FEWxucTm077pAO8FGp6ATH7IeiX4AZBbUCch2
46TgeiHwD/2hwYHI37H1S22xV2oa53vKxZzKTlLoWINuRJ8YYdTIUv4JmQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCp8kGpBrSe7Jh3hw4ohLPbNVCXhMB8GA1UdIwQY
MBaAFGuia1bO6X9gIJQbsXxqfGzqD4FKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZKclZzN3BmMkFnbEJ1eGZHcDhiT29QZ1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iOTAzZTktNmQwOS00ZTIwLWI5MjYt
MzY5MmY5NmUzM2E5LzEvS255UWFrR3RKN3NtSGVIRGlpRXM5czFVSmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iOTAzZTktNmQwOS00ZTIwLWI5MjYtMzY5MmY5NmUzM2E5
LzEvYTZKclZzN3BmMkFnbEJ1eGZHcDhiT29QZ1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg3HQAAK
MA0GCSqGSIb3DQEBCwUAA4IBAQCVKKpRS/1tYQHg+CGwNAgoF3sx4PQeodPElSL5
zA28l0ugUN9m2XfDiviwoujP0tsJFav7u393ImE/q2Kf0uEtQ/VNKjK+wQ7J4sSI
3gVGgGdV5yO6Y4YY7J/QHrmkuN7tqsQL11FRsp5WFQjra6orttr5LvqAvKiTb2h8
3qhnDMkgfYHmhS2XfsUPnw4E9MUZ4IJgHLuPVDYN5VHzFiN7foS4HpJPSNvwLT9Z
rdd/8waDSXqUeDnj+4bDHRe+/F3fXyIs2jqI8PzlnqwTJoR3sPKrunnVe+Vw22jy
qbaCsadroagTpgcocjuco/Yj8WMl1k9/KSaPJhjCYJdPXUsX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:07 2024 by rpki-client on console-fra.rpki-client.org