Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/DnX09WtqRfoG96QPaQS-NC1p7Dk.roa
File: DnX09WtqRfoG96QPaQS-NC1p7Dk.roa (raw, json)
Hash identifier: E8Jvsxuhjv2ydR/jx7DbI+Fl0mZxlmRskx6ozlCAev8=
Subject key identifier: 0E:75:F4:F5:6B:6A:45:FA:06:F7:A4:0F:69:04:BE:34:2D:69:EC:39
Certificate issuer: /CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Certificate serial: 018B0C0A8C4E61311449AD84922AD62A0BF6
Authority key identifier: 6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/DnX09WtqRfoG96QPaQS-NC1p7Dk.roa
Signing time: Sat 07 Oct 2023 21:28:19 +0000
ROA not before: Sat 07 Oct 2023 21:28:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202525
IP address blocks: 2a13:d047::/48 maxlen: 48
2a13:d046:ffff::/48 maxlen: 48
2a13:d046:fffe::/48 maxlen: 48
2001:67c:c00::/48 maxlen: 48
2a13:d040::/48 maxlen: 48
2a13:d046:fffd::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0c:0a:8c:4e:61:31:14:49:ad:84:92:2a:d6:2a:0b:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Validity
Not Before: Oct 7 21:28:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e75f4f56b6a45fa06f7a40f6904be342d69ec39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:31:c7:73:c6:d7:38:ba:19:5f:3f:f7:29:a7:
b8:fe:4c:f4:a7:67:a0:e9:2c:bb:db:f4:1c:e7:65:
2f:a9:4c:54:de:e6:d2:69:85:a9:e7:07:17:ce:05:
eb:8b:a8:2e:33:d0:d3:64:66:70:85:74:17:ff:7f:
2d:69:21:85:36:ee:75:81:0a:90:7d:ef:e8:fd:91:
77:7a:a6:cd:ad:53:a3:6b:93:b2:c3:5a:40:ae:1f:
59:73:45:9a:ee:76:ec:3e:34:dd:73:d6:84:63:46:
95:4a:2e:0a:ec:e5:d2:b4:84:3d:b2:fd:c7:80:60:
62:d8:d4:0d:9c:a7:6c:b1:38:a9:ff:5e:9e:d2:8b:
9e:4f:25:86:e7:5c:d8:46:f0:25:14:61:a5:e9:d3:
05:53:2d:aa:2a:d4:05:9a:f0:df:9d:63:06:41:24:
63:1e:43:8e:90:6c:41:87:1b:a8:1a:23:c1:1b:46:
85:c9:16:cc:36:15:f8:95:74:f2:6e:36:0b:84:b1:
f7:fc:31:b3:37:cc:40:e9:b4:e5:ba:62:c7:d9:67:
b0:40:4f:5a:90:54:16:48:fe:74:b9:8a:68:a3:c0:
26:fb:48:56:e0:f5:b2:ca:ad:68:d7:97:54:8b:e9:
1b:83:8d:df:c5:d3:b8:45:07:5f:55:df:ef:b7:47:
32:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:75:F4:F5:6B:6A:45:FA:06:F7:A4:0F:69:04:BE:34:2D:69:EC:39
X509v3 Authority Key Identifier:
keyid:6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/DnX09WtqRfoG96QPaQS-NC1p7Dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:c00::/48
2a13:d040::/48
2a13:d046:fffd::-2a13:d047:0:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
90:0b:c1:da:20:c4:04:4d:76:35:6f:22:ff:f5:ff:50:98:73:
c8:21:3e:99:d6:81:1a:c7:dc:f5:af:9c:28:36:fc:3e:8a:93:
fe:b9:df:de:30:05:66:7b:84:92:91:07:e4:a7:75:9e:fd:22:
15:15:9a:40:32:9a:c6:83:e4:73:f5:c1:a6:37:8e:eb:5a:00:
70:05:5f:d1:3f:1c:40:aa:ca:78:3f:0c:a8:12:a8:e1:9b:fb:
43:c1:d8:18:dc:74:c6:3e:df:08:7d:87:a4:3c:cb:18:aa:2c:
d4:bc:ef:00:d0:d1:a1:43:4c:82:2f:e2:a4:f0:36:3c:4b:d8:
6e:ff:aa:bc:7f:95:08:0c:8e:a9:ec:9b:64:86:3a:d1:5a:db:
53:e8:27:55:21:a4:d1:b4:52:fb:6f:5f:30:2c:ff:dc:f7:9b:
5a:37:a6:aa:89:3f:6a:43:91:d4:06:a5:0d:9f:99:13:47:f2:
0e:8c:7b:20:ee:56:a9:c9:e0:5d:7b:2d:a3:c2:e0:3e:eb:ce:
e4:c0:0d:ed:a7:d4:a3:a8:ec:62:04:e3:33:d8:80:79:34:cc:
86:f5:3e:26:95:68:03:a8:10:45:83:a0:2d:4f:84:d4:07:d6:
7e:f7:d4:ef:dc:cb:f3:bb:8f:82:58:dd:75:9b:b9:e1:40:84:
9f:e9:75:2b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYsMCoxOYTEUSa2EkirWKgv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYThmYTc1YzUwMjBjZDYyMThjZjdmMTA5ZGU0MjAyNjUy
MDRiYWMwHhcNMjMxMDA3MjEyODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTc1ZjRmNTZiNmE0NWZhMDZmN2E0MGY2OTA0YmUzNDJkNjllYzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTHHc8bXOLoZXz/3Kae4/kz0p2eg
6Sy72/Qc52UvqUxU3ubSaYWp5wcXzgXri6guM9DTZGZwhXQX/38taSGFNu51gQqQ
fe/o/ZF3eqbNrVOja5Oyw1pArh9Zc0Wa7nbsPjTdc9aEY0aVSi4K7OXStIQ9sv3H
gGBi2NQNnKdssTip/16e0oueTyWG51zYRvAlFGGl6dMFUy2qKtQFmvDfnWMGQSRj
HkOOkGxBhxuoGiPBG0aFyRbMNhX4lXTybjYLhLH3/DGzN8xA6bTlumLH2WewQE9a
kFQWSP50uYpoo8Am+0hW4PWyyq1o15dUi+kbg43fxdO4RQdfVd/vt0cyTwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFA519PVrakX6BvekD2kEvjQtaew5MB8GA1UdIwQY
MBaAFGqo+nXFAgzWIYz38QneQgJlIEusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAt
MzVjNjNmYTc2NWEyLzEvRG5YMDlXdHFSZm9HOTZRUGFRUy1OQzFwN0RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAtMzVjNjNmYTc2NWEy
LzEvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcAIAEGfAwA
AwcAKhPQQAAAMBIDBwAqE9BG//0DBwAqE9BHAAAwDQYJKoZIhvcNAQELBQADggEB
AJALwdogxARNdjVvIv/1/1CYc8ghPpnWgRrH3PWvnCg2/D6Kk/65394wBWZ7hJKR
B+SndZ79IhUVmkAymsaD5HP1waY3jutaAHAFX9E/HECqyng/DKgSqOGb+0PB2Bjc
dMY+3wh9h6Q8yxiqLNS87wDQ0aFDTIIv4qTwNjxL2G7/qrx/lQgMjqnsm2SGOtFa
21PoJ1UhpNG0UvtvXzAs/9z3m1o3pqqJP2pDkdQGpQ2fmRNH8g6MeyDuVqnJ4F17
LaPC4D7rzuTADe2n1KOo7GIE4zPYgHk0zIb1PiaVaAOoEEWDoC1PhNQH1n731O/c
y/O7j4JY3XWbueFAhJ/pdSs=
-----END CERTIFICATE-----
Generated at Fri Oct 27 21:49:48 2023 by rpki-client on console-ams.rpki-client.org