Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/xXMrzlCr6zuyOirNEhrMjYxwitA.roa
File: xXMrzlCr6zuyOirNEhrMjYxwitA.roa (raw, json)
Hash identifier: hV9myCByTQbFiML3djl8JygfF4b42KjjvvzIV8PwAoQ=
Subject key identifier: C5:73:2B:CE:50:AB:EB:3B:B2:3A:2A:CD:12:1A:CC:8D:8C:70:8A:D0
Certificate issuer: /CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Certificate serial: 018CC86FA88E64A9DC04E20BE165ABF787F6
Authority key identifier: 6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/xXMrzlCr6zuyOirNEhrMjYxwitA.roa
Signing time: Tue 02 Jan 2024 04:30:09 +0000
ROA not before: Tue 02 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202525
IP address blocks: 2a13:d047::/48 maxlen: 48
2a13:d046:fffc::/48 maxlen: 48
2a13:d046:ffff::/48 maxlen: 48
2a13:d046:fffe::/48 maxlen: 48
2a13:d040:2::/48 maxlen: 48
2a13:d040::/48 maxlen: 48
2001:67c:c00::/48 maxlen: 48
2a13:d046:fffd::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 04 Apr 2024 03:37:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a8:8e:64:a9:dc:04:e2:0b:e1:65:ab:f7:87:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Validity
Not Before: Jan 2 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5732bce50abeb3bb23a2acd121acc8d8c708ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:79:00:9e:d8:91:80:d8:8a:04:48:91:63:a1:
81:6d:bf:46:3d:e8:6b:ca:2f:40:7f:b0:f7:34:47:
d9:3b:c7:9f:2b:7f:a7:85:30:9a:b6:42:78:e3:d7:
58:63:f2:8e:6e:45:13:f2:53:dd:d2:c5:94:12:49:
15:af:a7:5f:8f:ec:26:1c:d5:23:01:19:ff:45:7a:
4e:4d:ff:e0:f7:56:ef:61:57:81:88:4c:da:fa:4a:
1f:b6:5c:c3:d5:b4:e8:b3:b9:b5:8d:c5:48:01:07:
b9:4e:ad:f3:2f:6f:37:41:1a:18:0a:60:87:b5:f7:
52:b9:0d:23:bd:60:ea:89:59:a3:a3:e3:70:67:75:
87:9f:10:ce:13:b6:20:df:8c:3d:bd:86:93:a7:06:
87:a0:49:fe:b1:ec:16:9d:04:b0:9f:2f:1e:be:16:
2f:8c:20:f3:be:50:25:bf:38:5f:7f:66:d7:d6:27:
50:bd:10:99:69:c8:2b:72:2f:02:f9:b3:b3:ef:d8:
da:fc:33:1f:68:65:83:02:03:df:86:42:4e:a1:18:
12:41:f0:0b:49:94:1d:22:57:b6:20:bb:c8:7f:e8:
40:1d:4b:bb:99:4b:4e:1a:97:f4:fa:34:14:48:c9:
61:aa:68:e5:18:32:09:5a:6b:d4:ca:85:ba:48:c6:
a8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:73:2B:CE:50:AB:EB:3B:B2:3A:2A:CD:12:1A:CC:8D:8C:70:8A:D0
X509v3 Authority Key Identifier:
keyid:6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/xXMrzlCr6zuyOirNEhrMjYxwitA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:c00::/48
2a13:d040::/48
2a13:d040:2::/48
2a13:d046:fffc::-2a13:d047:0:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3b:64:ff:29:42:31:ed:5a:68:0d:0f:7b:82:d0:16:9b:84:19:
fe:69:92:1f:eb:0e:5c:b9:9c:7e:86:7f:54:6e:8e:6e:f7:c2:
18:bf:b7:5b:ea:11:c9:29:1f:82:a1:73:c5:96:d5:6b:cf:97:
b5:20:76:0f:e5:55:1f:0f:65:60:e7:89:3e:a5:95:f5:3f:e5:
5f:37:9c:9e:6c:00:1a:ca:cb:73:de:a9:48:6f:93:4e:b4:7b:
87:70:a3:2f:89:07:20:5b:3b:77:42:1a:e2:77:42:9d:5a:76:
a3:71:3e:05:82:8c:0f:17:e9:f9:18:85:78:4a:1f:92:1c:3b:
86:27:c5:d9:90:ee:54:9a:23:17:7f:18:99:d5:73:96:0d:23:
25:86:21:87:00:10:ed:f6:8f:b9:4f:2c:40:a0:84:8d:67:35:
2c:07:19:88:8d:76:2a:59:33:5f:55:e9:11:c2:5e:b9:c2:00:
b9:2b:b6:ea:a4:ec:d7:19:46:46:8f:6c:bf:f6:9f:da:68:aa:
6d:99:73:9d:42:c3:f0:97:ed:ab:6c:62:57:3f:dc:43:52:bf:
e1:a3:13:39:0c:c1:ef:c3:3c:99:6d:0c:37:eb:58:24:74:13:
c5:6f:13:42:7f:f1:2f:35:a3:5c:80:60:b3:e0:a2:74:a0:16:
9e:a1:a2:65
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzIb6iOZKncBOIL4WWr94f2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYThmYTc1YzUwMjBjZDYyMThjZjdmMTA5ZGU0MjAyNjUy
MDRiYWMwHhcNMjQwMTAyMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTczMmJjZTUwYWJlYjNiYjIzYTJhY2QxMjFhY2M4ZDhjNzA4YWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXkAntiRgNiKBEiRY6GBbb9GPehr
yi9Af7D3NEfZO8efK3+nhTCatkJ449dYY/KObkUT8lPd0sWUEkkVr6dfj+wmHNUj
ARn/RXpOTf/g91bvYVeBiEza+koftlzD1bTos7m1jcVIAQe5Tq3zL283QRoYCmCH
tfdSuQ0jvWDqiVmjo+NwZ3WHnxDOE7Yg34w9vYaTpwaHoEn+sewWnQSwny8evhYv
jCDzvlAlvzhff2bX1idQvRCZacgrci8C+bOz79ja/DMfaGWDAgPfhkJOoRgSQfAL
SZQdIle2ILvIf+hAHUu7mUtOGpf0+jQUSMlhqmjlGDIJWmvUyoW6SMaosQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFMVzK85Qq+s7sjoqzRIazI2McIrQMB8GA1UdIwQY
MBaAFGqo+nXFAgzWIYz38QneQgJlIEusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAt
MzVjNjNmYTc2NWEyLzEveFhNcnpsQ3I2enV5T2lyTkVock1qWXh3aXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAtMzVjNjNmYTc2NWEy
LzEvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvAwcAIAEGfAwA
AwcAKhPQQAAAAwcAKhPQQAACMBIDBwIqE9BG//wDBwAqE9BHAAAwDQYJKoZIhvcN
AQELBQADggEBADtk/ylCMe1aaA0Pe4LQFpuEGf5pkh/rDly5nH6Gf1Rujm73whi/
t1vqEckpH4Khc8WW1WvPl7Ugdg/lVR8PZWDniT6llfU/5V83nJ5sABrKy3PeqUhv
k060e4dwoy+JByBbO3dCGuJ3Qp1adqNxPgWCjA8X6fkYhXhKH5IcO4YnxdmQ7lSa
Ixd/GJnVc5YNIyWGIYcAEO32j7lPLECghI1nNSwHGYiNdipZM19V6RHCXrnCALkr
tuqk7NcZRkaPbL/2n9poqm2Zc51Cw/CX7atsYlc/3ENSv+GjEzkMwe/DPJltDDfr
WCR0E8VvE0J/8S81o1yAYLPgonSgFp6homU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:37 2024 by rpki-client on console-fra.rpki-client.org