Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3e42c7-155a-49aa-aa00-08f094daf247/1/1-20pi6F9zlWJr5hXqA9o5ttwupc.roa
File: 1-20pi6F9zlWJr5hXqA9o5ttwupc.roa (raw, json)
Hash identifier: rzzjBLiB4XB+zq3FUVkl/XzER0bjsom4BKJ1pOpZVRQ=
Subject key identifier: FB:6D:29:8B:A1:7D:CE:55:89:AF:98:57:A8:0F:68:E6:DB:70:BA:97
Certificate issuer: /CN=6c380c8b4e55e59081af73aa1935e10a012057fa
Certificate serial: 01856D2F53E0C9F9DE96006AAAA0D0581B6C
Authority key identifier: 6C:38:0C:8B:4E:55:E5:90:81:AF:73:AA:19:35:E1:0A:01:20:57:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bDgMi05V5ZCBr3OqGTXhCgEgV_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3e42c7-155a-49aa-aa00-08f094daf247/1/1-20pi6F9zlWJr5hXqA9o5ttwupc.roa
Signing time: Sun 01 Jan 2023 11:54:56 +0000
ROA not before: Sun 01 Jan 2023 11:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 2a0a:c640::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:53:e0:c9:f9:de:96:00:6a:aa:a0:d0:58:1b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c380c8b4e55e59081af73aa1935e10a012057fa
Validity
Not Before: Jan 1 11:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb6d298ba17dce5589af9857a80f68e6db70ba97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:87:4d:eb:f0:9d:cc:85:5c:05:95:38:b7:76:
e6:b2:cf:34:5b:8d:56:93:92:48:18:7d:a9:d7:a8:
1e:a0:e1:58:00:4f:c7:1a:95:8a:c6:8f:b4:7f:dc:
7f:ed:41:71:91:40:41:a7:9f:12:da:a5:f9:5a:47:
d5:2e:02:e3:48:73:06:ae:df:74:88:e6:66:4d:d9:
3a:13:e2:0f:1a:f9:2a:9b:1f:7d:ef:6a:64:17:ef:
b9:0e:f3:92:e7:37:2e:bb:42:66:9a:82:4e:a8:85:
db:a9:16:4c:77:37:75:65:91:be:ab:b4:eb:71:40:
5c:4d:41:ba:8c:1f:00:bf:2b:eb:1b:e8:84:7c:f0:
58:d6:11:39:41:a6:0d:ed:fa:28:32:8d:81:24:48:
41:81:62:60:dd:a5:c1:03:b3:7c:36:5c:3d:13:7c:
52:00:5c:38:d2:b3:7d:cc:f0:5f:56:66:e6:9a:ed:
8c:c4:3a:58:a6:86:c7:d0:55:38:7c:0e:a3:48:50:
21:0f:7b:64:b0:05:38:8e:dd:45:c5:4a:c9:e1:c8:
c7:d3:fa:75:49:96:82:20:be:9a:ba:38:2d:5c:25:
15:3c:38:a4:32:a8:41:5d:30:69:a8:98:48:d5:58:
a0:fc:b2:f0:13:20:ad:13:be:80:04:b6:f0:35:0e:
9d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:6D:29:8B:A1:7D:CE:55:89:AF:98:57:A8:0F:68:E6:DB:70:BA:97
X509v3 Authority Key Identifier:
keyid:6C:38:0C:8B:4E:55:E5:90:81:AF:73:AA:19:35:E1:0A:01:20:57:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bDgMi05V5ZCBr3OqGTXhCgEgV_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3e42c7-155a-49aa-aa00-08f094daf247/1/1-20pi6F9zlWJr5hXqA9o5ttwupc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3e42c7-155a-49aa-aa00-08f094daf247/1/bDgMi05V5ZCBr3OqGTXhCgEgV_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c640::/29
Signature Algorithm: sha256WithRSAEncryption
2e:f2:3c:fe:a0:2a:18:57:3b:47:8d:16:2a:79:ed:77:18:6a:
ff:6e:94:86:e4:60:58:f4:fe:1d:07:c3:d0:62:7a:cf:7d:fb:
37:98:65:7e:78:ee:2c:36:c4:ce:c9:d9:3e:3b:ae:5a:90:07:
71:65:16:d9:9d:b5:0c:71:7f:ce:a0:86:e4:e6:dd:9c:db:a7:
32:41:bc:8c:9c:7d:ad:94:b5:1c:19:c8:4b:b5:21:0e:a2:24:
09:e4:8b:ef:b2:63:06:be:06:fe:5a:db:1d:0b:60:2b:99:e4:
3c:10:a8:96:5e:cc:cd:ab:af:fe:2a:6c:5d:01:f6:1d:d6:f1:
a9:95:81:07:04:29:41:6f:9a:51:84:a8:8d:79:73:d9:fb:44:
78:9f:8a:d5:ad:5d:ad:2c:7a:6d:49:0c:81:2e:b5:30:ae:9e:
ad:ae:05:d3:d1:79:1d:2e:ce:48:5c:8c:38:1a:62:07:5a:08:
ca:dc:aa:19:28:dc:03:66:a6:14:36:a3:85:31:c9:c0:de:d5:
34:63:f8:89:da:7c:6b:b6:18:14:52:90:fc:56:62:69:cf:e1:
d3:e6:3a:dc:4b:4f:84:f7:66:12:28:17:54:c6:2c:e1:02:ea:
23:a6:59:5e:de:5c:b8:da:c3:64:23:e6:61:6a:cf:58:3a:a4:
4d:d1:e7:fb
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtL1PgyfnelgBqqqDQWBtsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMzgwYzhiNGU1NWU1OTA4MWFmNzNhYTE5MzVlMTBhMDEy
MDU3ZmEwHhcNMjMwMTAxMTE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjZkMjk4YmExN2RjZTU1ODlhZjk4NTdhODBmNjhlNmRiNzBiYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtodN6/CdzIVcBZU4t3bmss80W41W
k5JIGH2p16geoOFYAE/HGpWKxo+0f9x/7UFxkUBBp58S2qX5WkfVLgLjSHMGrt90
iOZmTdk6E+IPGvkqmx9972pkF++5DvOS5zcuu0JmmoJOqIXbqRZMdzd1ZZG+q7Tr
cUBcTUG6jB8AvyvrG+iEfPBY1hE5QaYN7fooMo2BJEhBgWJg3aXBA7N8Nlw9E3xS
AFw40rN9zPBfVmbmmu2MxDpYpobH0FU4fA6jSFAhD3tksAU4jt1FxUrJ4cjH0/p1
SZaCIL6aujgtXCUVPDikMqhBXTBpqJhI1Vig/LLwEyCtE76ABLbwNQ6d0wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPttKYuhfc5Via+YV6gPaObbcLqXMB8GA1UdIwQY
MBaAFGw4DItOVeWQga9zqhk14QoBIFf6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkRnTWkwNVY1WkNCcjNPcUdUWGhDZ0VnVl9vLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZTQyYzctMTU1YS00OWFhLWFhMDAt
MDhmMDk0ZGFmMjQ3LzEvMS0yMHBpNkY5emxXSnI1aFhxQTlvNXR0d3VwYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjUvM2U0MmM3LTE1NWEtNDlhYS1hYTAwLTA4ZjA5NGRhZjI0
Ny8xL2JEZ01pMDVWNVpDQnIzT3FHVFhoQ2dFZ1Zfby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoKxkAw
DQYJKoZIhvcNAQELBQADggEBAC7yPP6gKhhXO0eNFip57XcYav9ulIbkYFj0/h0H
w9Bies99+zeYZX547iw2xM7J2T47rlqQB3FlFtmdtQxxf86ghuTm3ZzbpzJBvIyc
fa2UtRwZyEu1IQ6iJAnki++yYwa+Bv5a2x0LYCuZ5DwQqJZezM2rr/4qbF0B9h3W
8amVgQcEKUFvmlGEqI15c9n7RHifitWtXa0sem1JDIEutTCunq2uBdPReR0uzkhc
jDgaYgdaCMrcqhko3ANmphQ2o4UxycDe1TRj+InafGu2GBRSkPxWYmnP4dPmOtxL
T4T3ZhIoF1TGLOEC6iOmWV7eXLjaw2Qj5mFqz1g6pE3R5/s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:33 2024 by rpki-client on console-ams.rpki-client.org