Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/vB20k_v1XE8e_u7lc36BQDrWQYM.roa
File: vB20k_v1XE8e_u7lc36BQDrWQYM.roa (raw, json)
Hash identifier: ES+RIojiO1eIqwftx6iQX1qpkdZy+zjP/WiLHRHb/iQ=
Subject key identifier: BC:1D:B4:93:FB:F5:5C:4F:1E:FE:EE:E5:73:7E:81:40:3A:D6:41:83
Certificate issuer: /CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Certificate serial: 018571B0D8FBF94B0265AEC95AC0550FFCB9
Authority key identifier: 8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/vB20k_v1XE8e_u7lc36BQDrWQYM.roa
Signing time: Mon 02 Jan 2023 08:54:53 +0000
ROA not before: Mon 02 Jan 2023 08:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205138
IP address blocks: 2a0c:7cc5:3::/48 maxlen: 48
2a0c:7cc5::/48 maxlen: 48
2a0c:7cc5:1::/48 maxlen: 48
2a0c:7cc5:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:d8:fb:f9:4b:02:65:ae:c9:5a:c0:55:0f:fc:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Validity
Not Before: Jan 2 08:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc1db493fbf55c4f1efeeee5737e81403ad64183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7e:49:20:07:91:a5:ff:2e:14:3f:1c:ea:31:
fd:ac:44:75:98:93:d2:95:17:99:30:a1:3e:32:56:
ce:cb:87:04:a2:6f:b6:b9:5e:56:29:ff:c1:a4:a1:
21:c9:79:5e:b8:b2:75:09:b0:f0:7c:99:e1:35:43:
c1:b6:7c:72:a5:41:44:cd:e7:6d:3f:9a:f5:2f:2d:
68:a1:0f:55:2e:c2:f9:e7:5f:22:17:a6:3c:2d:5e:
be:94:63:c7:9f:b0:5b:ca:c7:64:f6:dd:a1:6e:a9:
99:84:b7:3a:61:b1:f8:3d:73:59:8c:6d:d5:42:98:
06:43:6e:cf:9c:0e:da:b3:ac:f8:d6:2d:34:22:90:
39:2e:75:bc:93:cf:73:0e:9f:52:e6:7b:08:c7:56:
11:b0:e5:a5:14:0a:c7:d3:78:02:ee:04:2e:a6:d3:
42:86:6e:8b:3c:0d:1e:bd:ce:c9:8b:8b:70:57:1e:
7f:42:e1:4d:38:be:0c:e4:cb:3b:09:c2:1c:25:7d:
df:52:0f:c0:e2:5d:0b:f6:64:3c:86:e3:86:07:89:
fa:de:e5:7b:7f:e2:17:e7:33:55:6c:55:01:a5:18:
57:c5:75:91:8d:c9:cc:ab:5c:ac:e0:03:1d:12:c7:
32:ff:64:f6:33:70:09:80:f9:69:54:a1:11:5f:13:
3d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:1D:B4:93:FB:F5:5C:4F:1E:FE:EE:E5:73:7E:81:40:3A:D6:41:83
X509v3 Authority Key Identifier:
keyid:8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/vB20k_v1XE8e_u7lc36BQDrWQYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7cc5::/46
Signature Algorithm: sha256WithRSAEncryption
3f:51:84:e6:5f:e7:25:aa:6e:78:c4:18:89:a8:a5:4d:9c:de:
32:a9:d8:eb:30:1c:05:f7:d7:6e:1a:cd:e7:2c:80:aa:b7:ac:
fb:63:e8:93:69:f6:7f:b0:53:df:c2:8a:d0:6e:95:c4:0a:bb:
36:b1:a9:2e:55:d8:18:91:02:8b:2a:fd:2d:9f:5c:69:b5:7e:
d3:dc:1c:92:79:c4:28:da:ac:3a:78:f4:d2:cb:3f:53:96:c6:
cd:81:a7:25:98:b5:03:05:e8:8b:82:2f:56:87:08:e2:b1:20:
3d:20:85:ab:d9:82:25:ed:86:7e:e6:2b:d4:5b:58:f2:3a:d8:
6c:3e:30:d2:a8:e8:91:a3:75:3e:17:49:5e:84:18:83:61:ac:
53:f4:db:0c:5a:f2:6d:6e:08:cb:df:76:ea:95:4a:e4:ac:ce:
59:5b:7b:6f:d9:93:f4:95:22:b0:c2:7b:00:1c:96:8c:e4:b2:
10:7b:e8:46:a9:5d:57:df:7b:17:07:56:f0:9d:b6:91:95:82:
20:ee:0b:96:33:ec:be:94:60:ec:2d:9b:53:31:e5:d6:84:5a:
fc:08:37:1b:4e:0b:68:23:f4:cf:44:bb:cc:fe:fb:21:e7:1d:
ba:b1:21:dc:31:b7:f7:0d:63:b6:3d:c5:47:7b:01:6a:8e:67:
cc:9d:f0:51
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxsNj7+UsCZa7JWsBVD/y5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNlMWQxMzViZjJjZjhlOGMxM2YzM2VjMTFjODUyMzcw
M2RjNzUwHhcNMjMwMTAyMDg1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzFkYjQ5M2ZiZjU1YzRmMWVmZWVlZTU3MzdlODE0MDNhZDY0MTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqn5JIAeRpf8uFD8c6jH9rER1mJPS
lReZMKE+MlbOy4cEom+2uV5WKf/BpKEhyXleuLJ1CbDwfJnhNUPBtnxypUFEzedt
P5r1Ly1ooQ9VLsL5518iF6Y8LV6+lGPHn7Bbysdk9t2hbqmZhLc6YbH4PXNZjG3V
QpgGQ27PnA7as6z41i00IpA5LnW8k89zDp9S5nsIx1YRsOWlFArH03gC7gQuptNC
hm6LPA0evc7Ji4twVx5/QuFNOL4M5Ms7CcIcJX3fUg/A4l0L9mQ8huOGB4n63uV7
f+IX5zNVbFUBpRhXxXWRjcnMq1ys4AMdEscy/2T2M3AJgPlpVKERXxM9cwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLwdtJP79VxPHv7u5XN+gUA61kGDMB8GA1UdIwQY
MBaAFIoc4dE1vyz46ME/M+wRyFI3A9x1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDIt
ZGVlMjkyZWE4N2EzLzEvdkIyMGtfdjFYRThlX3U3bGMzNkJRRHJXUVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDItZGVlMjkyZWE4N2Ez
LzEvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKgx8xQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQA/UYTmX+clqm54xBiJqKVNnN4yqdjrMBwF99du
Gs3nLICqt6z7Y+iTafZ/sFPfworQbpXECrs2sakuVdgYkQKLKv0tn1xptX7T3ByS
ecQo2qw6ePTSyz9TlsbNgaclmLUDBeiLgi9WhwjisSA9IIWr2YIl7YZ+5ivUW1jy
OthsPjDSqOiRo3U+F0lehBiDYaxT9NsMWvJtbgjL33bqlUrkrM5ZW3tv2ZP0lSKw
wnsAHJaM5LIQe+hGqV1X33sXB1bwnbaRlYIg7guWM+y+lGDsLZtTMeXWhFr8CDcb
TgtoI/TPRLvM/vsh5x26sSHcMbf3DWO2PcVHewFqjmfMnfBR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:35 2024 by rpki-client on console-ams.rpki-client.org