Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/6cfJE43wLoeR7DFUXf-thky3Zj4.roa
File: 6cfJE43wLoeR7DFUXf-thky3Zj4.roa (raw, json)
Hash identifier: u0JSN1qSOi1ABq/x0DWrx5fRi5crGE4l0tuJ0weLiHU=
Subject key identifier: E9:C7:C9:13:8D:F0:2E:87:91:EC:31:54:5D:FF:AD:86:4C:B7:66:3E
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01862822BCD6D6272D04CD4CBDA2BF1CBA84
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/6cfJE43wLoeR7DFUXf-thky3Zj4.roa
Signing time: Mon 06 Feb 2023 19:10:10 +0000
ROA not before: Mon 06 Feb 2023 19:10:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a12:ef45::/32 maxlen: 32
2a12:ef42::/32 maxlen: 32
2a12:ef40::/29 maxlen: 48
2a12:ef46::/32 maxlen: 32
2a12:ef41::/32 maxlen: 32
2a12:ef43::/32 maxlen: 32
2a12:ef44::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:28:22:bc:d6:d6:27:2d:04:cd:4c:bd:a2:bf:1c:ba:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Feb 6 19:10:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9c7c9138df02e8791ec31545dffad864cb7663e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:90:58:13:1c:97:0d:41:d2:03:73:1b:7c:23:
d2:20:43:80:ce:ce:06:e2:37:42:77:6c:78:de:fd:
d0:34:11:71:14:2c:66:bb:f0:30:c4:1d:1b:f8:c2:
64:db:60:a8:80:cb:56:0d:2f:1a:38:c8:3c:06:bc:
ec:e1:e3:d8:3a:e9:ae:c1:b6:8e:b2:ba:e4:5f:1b:
77:53:e2:09:80:75:0b:04:f6:7d:c4:eb:83:0d:ad:
d8:5f:fc:c5:ac:95:9f:53:3e:34:35:db:cb:9b:78:
01:29:1d:6b:f8:bf:ef:3d:69:6a:3c:2e:18:41:0e:
7d:cb:db:ce:d2:80:ea:bf:74:c7:81:27:33:39:1b:
3c:21:2c:eb:4b:99:85:8b:e0:cb:d4:6d:3b:85:95:
f8:1b:32:b1:bc:5f:a3:8d:f8:e6:21:07:64:b8:43:
66:83:4c:fc:bd:f8:76:6a:90:67:e2:ae:92:fd:d9:
19:84:c9:f9:b6:31:42:3c:df:3e:4e:b9:62:72:54:
99:5a:27:e1:e0:06:e1:e5:87:d6:c7:f3:11:c1:1e:
63:ce:71:e8:08:ee:02:51:fd:35:c4:4c:41:bc:89:
98:b7:41:16:23:db:3e:69:08:3a:75:1a:fa:b3:85:
02:9b:78:ad:4e:ee:04:71:ad:a6:46:02:4b:56:94:
75:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:C7:C9:13:8D:F0:2E:87:91:EC:31:54:5D:FF:AD:86:4C:B7:66:3E
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/6cfJE43wLoeR7DFUXf-thky3Zj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:ef40::/29
Signature Algorithm: sha256WithRSAEncryption
b1:43:a9:cf:a6:a1:65:26:12:2c:38:15:a3:b9:6d:e5:2b:a0:
e6:37:62:10:49:81:0e:a0:5e:e6:21:01:82:d3:49:84:c8:2d:
2d:60:8c:bf:b7:1e:d0:67:33:ba:0f:2b:13:0c:37:2d:16:41:
19:0e:4a:57:83:54:c3:e9:70:52:93:98:0f:18:17:16:c0:8c:
1a:f0:07:a7:b7:c7:8f:eb:ce:09:08:31:45:62:52:65:9e:fa:
30:06:36:1c:53:ae:b9:a3:ca:66:1f:5b:8c:4a:a7:e6:9a:09:
cf:bc:8b:0c:70:57:5c:76:0a:ab:58:76:ec:c4:b3:e3:d6:8c:
ab:45:c7:f5:43:b1:28:7b:4e:d6:5a:22:46:ff:36:07:54:4c:
3c:bd:c2:6e:28:9a:d1:43:cb:8f:9f:07:d8:27:d5:9a:4f:42:
f4:17:03:86:c8:df:9f:65:8d:3e:0a:14:69:42:12:3a:92:a4:
01:ac:c8:65:6b:bb:09:3d:85:63:6d:37:13:b2:43:2b:30:db:
9f:ac:a1:0d:51:77:de:1c:2e:1d:be:35:f5:bb:d3:d7:6d:aa:
3d:2c:3e:51:c3:89:d2:cf:dc:7e:17:09:19:6f:fb:c1:4a:4c:
17:ae:46:51:99:ca:8d:10:7f:99:50:57:17:c0:d5:d0:0e:b6:
43:0a:f8:f0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYYoIrzW1ictBM1MvaK/HLqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMjA2MTkxMDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWM3YzkxMzhkZjAyZTg3OTFlYzMxNTQ1ZGZmYWQ4NjRjYjc2NjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJBYExyXDUHSA3MbfCPSIEOAzs4G
4jdCd2x43v3QNBFxFCxmu/AwxB0b+MJk22CogMtWDS8aOMg8Brzs4ePYOumuwbaO
srrkXxt3U+IJgHULBPZ9xOuDDa3YX/zFrJWfUz40NdvLm3gBKR1r+L/vPWlqPC4Y
QQ59y9vO0oDqv3THgSczORs8ISzrS5mFi+DL1G07hZX4GzKxvF+jjfjmIQdkuENm
g0z8vfh2apBn4q6S/dkZhMn5tjFCPN8+TrliclSZWifh4Abh5YfWx/MRwR5jznHo
CO4CUf01xExBvImYt0EWI9s+aQg6dRr6s4UCm3itTu4Eca2mRgJLVpR1iQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOnHyRON8C6HkewxVF3/rYZMt2Y+MB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvNmNmSkU0M3dMb2VSN0RGVVhmLXRoa3kzWmo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLvQDAN
BgkqhkiG9w0BAQsFAAOCAQEAsUOpz6ahZSYSLDgVo7lt5Sug5jdiEEmBDqBe5iEB
gtNJhMgtLWCMv7ce0Gczug8rEww3LRZBGQ5KV4NUw+lwUpOYDxgXFsCMGvAHp7fH
j+vOCQgxRWJSZZ76MAY2HFOuuaPKZh9bjEqn5poJz7yLDHBXXHYKq1h27MSz49aM
q0XH9UOxKHtO1loiRv82B1RMPL3Cbiia0UPLj58H2CfVmk9C9BcDhsjfn2WNPgoU
aUISOpKkAazIZWu7CT2FY203E7JDKzDbn6yhDVF33hwuHb419bvT122qPSw+UcOJ
0s/cfhcJGW/7wUpMF65GUZnKjRB/mVBXF8DV0A62Qwr48A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:02 2023 by rpki-client on console-ams.rpki-client.org