Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/6YulVafsKNk2VqWFu1pW3CxVZoY.roa
File: 6YulVafsKNk2VqWFu1pW3CxVZoY.roa (raw, json)
Hash identifier: yKT8wg9bhBxfYJ9yvhDLEfh12mqTk3ttCBxmWjSLZ8Q=
Subject key identifier: E9:8B:A5:55:A7:EC:28:D9:36:56:A5:85:BB:5A:56:DC:2C:55:66:86
Certificate issuer: /CN=21bfa77b3cd782933e5f255445d428adfbdca0e1
Certificate serial: 01856F547F289F1A1F331D76936A49A18881
Authority key identifier: 21:BF:A7:7B:3C:D7:82:93:3E:5F:25:54:45:D4:28:AD:FB:DC:A0:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ib-nezzXgpM-XyVURdQorfvcoOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/6YulVafsKNk2VqWFu1pW3CxVZoY.roa
Signing time: Sun 01 Jan 2023 21:54:46 +0000
ROA not before: Sun 01 Jan 2023 21:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13002
IP address blocks: 2a02:17e8::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:7f:28:9f:1a:1f:33:1d:76:93:6a:49:a1:88:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bfa77b3cd782933e5f255445d428adfbdca0e1
Validity
Not Before: Jan 1 21:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e98ba555a7ec28d93656a585bb5a56dc2c556686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5f:3e:49:c6:95:89:d4:c0:f8:5e:26:dd:40:
93:6b:bb:d2:8a:67:dc:f0:b6:7c:b5:f3:d7:e1:0b:
3f:14:60:48:ae:73:38:93:d5:72:78:ee:e1:fb:77:
cd:87:35:37:53:ed:c1:fb:2b:da:a5:24:a2:06:76:
83:48:9c:a7:59:1f:39:45:57:42:f1:3b:85:b2:a3:
5b:e8:59:30:58:77:8f:1e:54:2e:cf:2e:e6:30:dd:
c6:a9:5d:19:15:4a:ca:85:bc:89:3e:ec:55:8e:53:
57:7d:d7:ac:f4:a1:ac:40:87:f7:6d:ec:21:8b:b7:
50:23:2f:9a:80:69:53:d7:32:e4:5a:85:27:23:5f:
22:d8:4d:b5:fb:f7:5b:fc:70:63:eb:37:66:c0:4b:
22:46:17:3f:41:be:78:4c:18:96:d9:4a:cf:3a:e0:
c6:7e:ea:fb:81:55:11:b7:6e:0d:c2:6b:58:4a:ba:
91:6e:ad:8d:4d:86:97:4d:24:1c:34:4b:79:e0:8d:
cb:53:83:78:45:77:4a:16:0d:f6:b9:a3:26:30:6d:
e0:ee:34:03:08:48:6c:56:f2:7e:d6:0f:20:52:6e:
4f:b5:09:96:a8:ac:37:e5:d9:41:95:67:e0:e8:13:
ff:f6:92:b0:f2:fa:6f:b7:48:92:32:76:44:04:77:
da:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:8B:A5:55:A7:EC:28:D9:36:56:A5:85:BB:5A:56:DC:2C:55:66:86
X509v3 Authority Key Identifier:
keyid:21:BF:A7:7B:3C:D7:82:93:3E:5F:25:54:45:D4:28:AD:FB:DC:A0:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ib-nezzXgpM-XyVURdQorfvcoOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/6YulVafsKNk2VqWFu1pW3CxVZoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/Ib-nezzXgpM-XyVURdQorfvcoOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:17e8::/32
Signature Algorithm: sha256WithRSAEncryption
51:ce:34:95:e9:32:4d:f7:e9:63:88:76:51:46:51:12:54:55:
1d:00:d6:86:95:cd:59:58:e9:d5:b5:15:65:93:63:8e:7a:95:
85:a5:cc:b7:4b:a7:99:2f:61:4e:70:3d:c3:6a:5e:40:c2:ce:
7a:f6:92:42:f5:98:df:a5:3d:34:82:51:91:de:78:55:e4:31:
f6:e8:b9:81:1a:aa:4e:f6:b3:76:bd:d3:88:b1:98:37:e6:3f:
c6:e6:1e:9b:b2:21:db:e2:91:d4:12:ec:1d:96:73:8d:45:86:
9a:01:68:21:15:1b:be:ba:31:07:55:5a:10:a7:27:8b:2d:f9:
15:7c:4d:1a:6d:55:ca:ca:3e:0f:c7:07:c8:e2:99:31:23:06:
e1:35:1f:ab:f6:70:3e:9a:eb:bd:d0:99:36:d2:1c:eb:e4:ab:
c8:7d:fa:5b:7c:3e:bb:66:e8:95:c4:a4:4b:ba:e1:0d:39:7e:
d2:a8:9c:d6:29:af:77:41:c3:8d:8c:64:ef:f7:f6:bd:f2:3e:
a9:66:2d:ca:bb:9f:60:65:da:24:61:cb:5c:4b:05:d3:cc:8d:
c0:49:ba:f2:77:b1:87:5f:97:c5:d8:8f:89:b2:72:50:d6:40:
63:0b:fc:69:56:c2:d3:b1:64:4b:36:a3:ba:26:88:5d:18:ce:
d2:fd:7c:30
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvVH8onxofMx12k2pJoYiBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmZhNzdiM2NkNzgyOTMzZTVmMjU1NDQ1ZDQyOGFkZmJk
Y2EwZTEwHhcNMjMwMTAxMjE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOThiYTU1NWE3ZWMyOGQ5MzY1NmE1ODViYjVhNTZkYzJjNTU2Njg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz18+ScaVidTA+F4m3UCTa7vSimfc
8LZ8tfPX4Qs/FGBIrnM4k9VyeO7h+3fNhzU3U+3B+yvapSSiBnaDSJynWR85RVdC
8TuFsqNb6FkwWHePHlQuzy7mMN3GqV0ZFUrKhbyJPuxVjlNXfdes9KGsQIf3bewh
i7dQIy+agGlT1zLkWoUnI18i2E21+/db/HBj6zdmwEsiRhc/Qb54TBiW2UrPOuDG
fur7gVURt24NwmtYSrqRbq2NTYaXTSQcNEt54I3LU4N4RXdKFg32uaMmMG3g7jQD
CEhsVvJ+1g8gUm5PtQmWqKw35dlBlWfg6BP/9pKw8vpvt0iSMnZEBHfaEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOmLpVWn7CjZNlalhbtaVtwsVWaGMB8GA1UdIwQY
MBaAFCG/p3s814KTPl8lVEXUKK373KDhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWItbmV6elhncE0tWHlWVVJkUW9yZnZjb09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85YzdhZmYtZDgzZS00ZjUxLTliOTYt
NTQ4NGMzOWIyZDRlLzEvNll1bFZhZnNLTmsyVnFXRnUxcFczQ3hWWm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85YzdhZmYtZDgzZS00ZjUxLTliOTYtNTQ4NGMzOWIyZDRl
LzEvSWItbmV6elhncE0tWHlWVVJkUW9yZnZjb09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIX6DAN
BgkqhkiG9w0BAQsFAAOCAQEAUc40lekyTffpY4h2UUZRElRVHQDWhpXNWVjp1bUV
ZZNjjnqVhaXMt0unmS9hTnA9w2peQMLOevaSQvWY36U9NIJRkd54VeQx9ui5gRqq
Tvazdr3TiLGYN+Y/xuYem7Ih2+KR1BLsHZZzjUWGmgFoIRUbvroxB1VaEKcniy35
FXxNGm1Vyso+D8cHyOKZMSMG4TUfq/ZwPprrvdCZNtIc6+SryH36W3w+u2bolcSk
S7rhDTl+0qic1imvd0HDjYxk7/f2vfI+qWYtyrufYGXaJGHLXEsF08yNwEm68nex
h1+XxdiPibJyUNZAYwv8aVbC07FkSzajuiaIXRjO0v18MA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:28 2024 by rpki-client on console-ams.rpki-client.org