Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/U6TpOn4FA19r5qS70PNRmHsqDqQ.roa
File: U6TpOn4FA19r5qS70PNRmHsqDqQ.roa (raw, json)
Hash identifier: C4oA9umMcDaktglCDir8vHEECesPjjkRmTv0Tdr5E40=
Subject key identifier: 53:A4:E9:3A:7E:05:03:5F:6B:E6:A4:BB:D0:F3:51:98:7B:2A:0E:A4
Certificate issuer: /CN=6ca977f854c63dc9f97a18be7b13002121a5d384
Certificate serial: 0187192EBF4C5E9638FD47E49635BDFA7B57
Authority key identifier: 6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/U6TpOn4FA19r5qS70PNRmHsqDqQ.roa
Signing time: Sat 25 Mar 2023 14:31:46 +0000
ROA not before: Sat 25 Mar 2023 14:31:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a13:b486::/32 maxlen: 48
2a13:b483::/32 maxlen: 48
2a13:b487:1e00::/40 maxlen: 48
2a13:b484::/31 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:19:2e:bf:4c:5e:96:38:fd:47:e4:96:35:bd:fa:7b:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ca977f854c63dc9f97a18be7b13002121a5d384
Validity
Not Before: Mar 25 14:31:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53a4e93a7e05035f6be6a4bbd0f351987b2a0ea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:49:60:db:32:ae:a7:65:57:80:9d:4a:44:79:
40:ca:11:f4:84:3b:cb:e7:8a:7a:3d:ef:13:52:80:
9c:a2:31:ec:de:84:d8:c6:28:d8:a6:99:12:de:d5:
c7:de:31:c2:38:3d:65:bd:bd:08:12:70:f9:b6:78:
8f:b3:69:17:e4:17:55:c7:a9:29:c1:7e:72:16:78:
94:4c:24:58:c5:34:52:f7:ee:0f:22:e1:36:6e:4c:
55:12:36:14:31:35:80:aa:20:8e:27:a5:9d:c9:eb:
ab:ba:ed:a4:c0:2a:d1:71:3a:b8:90:6c:ea:3b:ba:
a0:aa:b6:1e:75:96:94:1b:66:78:03:a9:3c:e8:a2:
8f:1a:43:75:9b:de:1a:71:4f:21:d1:fd:fc:b1:ee:
83:c9:bb:7d:ee:40:da:d0:b7:2c:28:50:38:d8:f9:
5a:97:68:71:6a:63:b3:57:5c:90:13:d5:2f:98:d6:
52:59:0b:57:d8:53:f7:1a:a4:83:7f:62:18:ac:6f:
7d:f5:16:cf:cf:c2:93:69:b9:ef:c2:2d:43:59:f3:
4e:0b:e3:c2:33:ce:f6:ee:8f:a5:06:b2:ef:ab:64:
81:3a:a8:a0:6f:4e:46:db:f7:e6:ce:60:07:03:f0:
c7:ab:66:0f:28:69:a8:1c:10:85:38:6f:0c:5a:7f:
78:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A4:E9:3A:7E:05:03:5F:6B:E6:A4:BB:D0:F3:51:98:7B:2A:0E:A4
X509v3 Authority Key Identifier:
keyid:6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/U6TpOn4FA19r5qS70PNRmHsqDqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:b483::-2a13:b486:ffff:ffff:ffff:ffff:ffff:ffff
2a13:b487:1e00::/40
Signature Algorithm: sha256WithRSAEncryption
97:d8:71:c8:b1:f6:41:c7:51:ab:7b:06:76:d5:9f:1a:39:39:
5a:5b:5b:ca:55:26:d6:b5:0d:1d:26:52:38:11:08:b2:73:0d:
b1:73:52:96:44:94:ad:38:a2:13:5f:b7:95:51:61:cb:31:0e:
c2:26:cc:8f:82:73:6d:af:cc:e3:f4:60:1a:f4:f9:a5:60:e2:
c1:6b:69:83:03:6c:54:47:fb:69:fd:27:03:a6:03:eb:09:71:
61:02:ce:4b:0a:3e:97:bf:f8:7d:c8:1d:14:6f:20:3a:b6:5c:
9c:47:ae:31:7d:ac:f9:32:ed:bd:53:75:fa:b5:db:87:f6:5a:
a0:2a:1b:fc:d1:92:4e:75:71:1e:43:52:9c:b4:ac:ce:bc:a0:
f9:df:e1:04:7d:05:9f:33:ab:8d:c6:eb:8c:87:82:c5:e8:b9:
72:a7:a5:c6:2b:27:ad:4f:95:57:f1:1f:37:0c:36:2a:8c:7a:
a7:62:a0:9b:3b:5e:8a:60:57:50:85:36:44:3f:0e:98:16:19:
bf:8c:83:4e:a2:2d:a7:30:95:80:e5:cf:a2:30:52:f2:72:6f:
1f:2c:d5:a8:4b:ae:b5:45:17:c8:f8:5a:d6:cb:50:40:93:8e:
ba:a7:7e:3f:d5:51:31:2b:a5:6b:53:a5:1a:c1:26:68:87:41:
2c:67:9d:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYcZLr9MXpY4/UfkljW9+ntXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYTk3N2Y4NTRjNjNkYzlmOTdhMThiZTdiMTMwMDIxMjFh
NWQzODQwHhcNMjMwMzI1MTQzMTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2E0ZTkzYTdlMDUwMzVmNmJlNmE0YmJkMGYzNTE5ODdiMmEwZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUlg2zKup2VXgJ1KRHlAyhH0hDvL
54p6Pe8TUoCcojHs3oTYxijYppkS3tXH3jHCOD1lvb0IEnD5tniPs2kX5BdVx6kp
wX5yFniUTCRYxTRS9+4PIuE2bkxVEjYUMTWAqiCOJ6Wdyeuruu2kwCrRcTq4kGzq
O7qgqrYedZaUG2Z4A6k86KKPGkN1m94acU8h0f38se6Dybt97kDa0LcsKFA42Pla
l2hxamOzV1yQE9UvmNZSWQtX2FP3GqSDf2IYrG999RbPz8KTabnvwi1DWfNOC+PC
M8727o+lBrLvq2SBOqigb05G2/fmzmAHA/DHq2YPKGmoHBCFOG8MWn94mQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFOk6Tp+BQNfa+aku9DzUZh7Kg6kMB8GA1UdIwQY
MBaAFGypd/hUxj3J+XoYvnsTACEhpdOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQt
ZDZhNTk1MGNhZGYyLzEvVTZUcE9uNEZBMTlyNXFTNzBQTlJtSHNxRHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQtZDZhNTk1MGNhZGYy
LzEvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYMA4DBQAqE7SD
AwUAKhO0hgMGACoTtIceMA0GCSqGSIb3DQEBCwUAA4IBAQCX2HHIsfZBx1GrewZ2
1Z8aOTlaW1vKVSbWtQ0dJlI4EQiycw2xc1KWRJStOKITX7eVUWHLMQ7CJsyPgnNt
r8zj9GAa9PmlYOLBa2mDA2xUR/tp/ScDpgPrCXFhAs5LCj6Xv/h9yB0UbyA6tlyc
R64xfaz5Mu29U3X6tduH9lqgKhv80ZJOdXEeQ1KctKzOvKD53+EEfQWfM6uNxuuM
h4LF6Llyp6XGKyetT5VX8R83DDYqjHqnYqCbO16KYFdQhTZEPw6YFhm/jINOoi2n
MJWA5c+iMFLycm8fLNWoS661RRfI+FrWy1BAk466p34/1VExK6VrU6UawSZoh0Es
Z50q
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:04 2024 by rpki-client on console-ams.rpki-client.org