Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cfed0d-0fb0-4598-b365-65096dbcac30/1/pK70LU_jou-MlJQMqLZUEtaxs7U.roa
File: pK70LU_jou-MlJQMqLZUEtaxs7U.roa (raw, json)
Hash identifier: 3DSF+IPv30NRarv8CZDxI9dak7Cz8Cgi09O8mXXoSkw=
Subject key identifier: A4:AE:F4:2D:4F:E3:A2:EF:8C:94:94:0C:A8:B6:54:12:D6:B1:B3:B5
Certificate issuer: /CN=a32b618b508ec1365372c2aa675f3601293cc624
Certificate serial: 0185ACA9C92BCAFAA60C9A70D95FBB97749E
Authority key identifier: A3:2B:61:8B:50:8E:C1:36:53:72:C2:AA:67:5F:36:01:29:3C:C6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oythi1COwTZTcsKqZ182ASk8xiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cfed0d-0fb0-4598-b365-65096dbcac30/1/pK70LU_jou-MlJQMqLZUEtaxs7U.roa
Signing time: Fri 13 Jan 2023 19:44:46 +0000
ROA not before: Fri 13 Jan 2023 19:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58192
IP address blocks: 2a13:6340::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ac:a9:c9:2b:ca:fa:a6:0c:9a:70:d9:5f:bb:97:74:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a32b618b508ec1365372c2aa675f3601293cc624
Validity
Not Before: Jan 13 19:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4aef42d4fe3a2ef8c94940ca8b65412d6b1b3b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fc:47:cf:d3:4e:9c:68:04:7d:94:bf:8e:71:
49:c7:67:a5:3d:7d:09:e2:17:2c:af:f4:23:1f:c7:
54:02:28:54:84:3e:06:18:d6:f8:49:f9:52:75:cc:
eb:3c:05:59:8b:b0:c4:75:07:47:ae:e3:86:6b:25:
00:c4:8f:33:e1:8f:4d:d9:1d:8f:4b:26:f3:f2:6e:
f3:77:f4:1a:35:76:b5:14:b4:36:3b:76:9c:57:1a:
43:e3:0c:86:82:0c:2b:87:8e:03:22:ad:ee:80:63:
f6:30:92:64:c7:e3:4f:91:a5:36:5f:c0:bd:d1:84:
69:e6:a5:f9:7f:3c:b8:ee:cf:a1:19:37:37:1e:c1:
d0:6b:c2:43:7e:b0:2d:53:b5:65:cc:93:15:4d:83:
ee:7e:7d:a0:a8:39:db:54:24:21:46:75:71:2b:d5:
48:79:5b:2e:d9:67:24:33:47:73:8c:70:87:b0:22:
12:d3:11:a9:41:a8:3c:17:44:f2:c7:ee:5d:07:96:
11:e9:45:4c:9c:97:25:cc:a2:b4:8a:30:75:76:fc:
f3:f9:e0:e1:92:20:14:42:fe:fd:2f:e1:70:81:05:
e1:c4:bd:a0:da:32:02:df:06:7c:e2:cc:67:0a:6f:
d8:dd:57:82:a1:a7:d2:bc:63:f0:b1:b1:a6:1a:e8:
98:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:AE:F4:2D:4F:E3:A2:EF:8C:94:94:0C:A8:B6:54:12:D6:B1:B3:B5
X509v3 Authority Key Identifier:
keyid:A3:2B:61:8B:50:8E:C1:36:53:72:C2:AA:67:5F:36:01:29:3C:C6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oythi1COwTZTcsKqZ182ASk8xiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cfed0d-0fb0-4598-b365-65096dbcac30/1/pK70LU_jou-MlJQMqLZUEtaxs7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cfed0d-0fb0-4598-b365-65096dbcac30/1/oythi1COwTZTcsKqZ182ASk8xiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:6340::/29
Signature Algorithm: sha256WithRSAEncryption
0b:23:04:d0:dd:dc:d9:11:c4:10:28:fb:bf:73:5c:62:63:5e:
9a:68:fa:24:d9:a5:c7:99:9a:84:68:43:1b:bc:9e:e8:86:3a:
58:1f:dc:3e:c2:2c:4b:34:62:ae:4e:ce:3b:85:40:25:b0:89:
59:d0:65:cc:fe:92:2c:da:8a:32:b6:7a:72:48:26:29:79:14:
67:b7:6e:4b:1c:c6:4f:41:29:01:17:1b:a6:01:a9:da:6b:ef:
dd:9f:be:ba:54:fb:2e:da:3b:f8:05:11:5f:1d:70:a5:e2:1d:
65:09:2b:77:68:42:63:89:37:33:12:47:05:4e:ab:13:ee:8f:
a2:4d:0d:e4:63:5b:04:98:7f:1c:d1:f4:6a:71:bf:83:88:de:
7a:4d:b9:41:e1:73:e3:23:e5:83:17:94:33:7a:60:92:0c:82:
ba:2d:f9:6c:97:69:e0:43:c5:7f:ee:8e:27:e0:bd:0e:da:81:
9e:20:b7:96:77:a8:21:13:75:96:25:4d:d3:dd:69:0e:13:59:
9a:cd:6b:3e:20:3e:07:a6:07:3e:27:0e:bc:f5:c9:68:ef:4a:
ec:01:de:b0:01:92:7a:4b:b4:fb:ec:b1:43:26:98:7b:21:d6:
8f:2f:64:17:05:3d:51:e3:1b:46:be:22:df:65:9f:03:25:b5:
a7:12:cf:ce
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYWsqckryvqmDJpw2V+7l3SeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMmI2MThiNTA4ZWMxMzY1MzcyYzJhYTY3NWYzNjAxMjkz
Y2M2MjQwHhcNMjMwMTEzMTk0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGFlZjQyZDRmZTNhMmVmOGM5NDk0MGNhOGI2NTQxMmQ2YjFiM2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfxHz9NOnGgEfZS/jnFJx2elPX0J
4hcsr/QjH8dUAihUhD4GGNb4SflSdczrPAVZi7DEdQdHruOGayUAxI8z4Y9N2R2P
Sybz8m7zd/QaNXa1FLQ2O3acVxpD4wyGggwrh44DIq3ugGP2MJJkx+NPkaU2X8C9
0YRp5qX5fzy47s+hGTc3HsHQa8JDfrAtU7VlzJMVTYPufn2gqDnbVCQhRnVxK9VI
eVsu2WckM0dzjHCHsCIS0xGpQag8F0Tyx+5dB5YR6UVMnJclzKK0ijB1dvzz+eDh
kiAUQv79L+FwgQXhxL2g2jIC3wZ84sxnCm/Y3VeCoafSvGPwsbGmGuiYTwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKSu9C1P46LvjJSUDKi2VBLWsbO1MB8GA1UdIwQY
MBaAFKMrYYtQjsE2U3LCqmdfNgEpPMYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3l0aGkxQ093VFpUY3NLcVoxODJBU2s4eGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jZmVkMGQtMGZiMC00NTk4LWIzNjUt
NjUwOTZkYmNhYzMwLzEvcEs3MExVX2pvdS1NbEpRTXFMWlVFdGF4czdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jZmVkMGQtMGZiMC00NTk4LWIzNjUtNjUwOTZkYmNhYzMw
LzEvb3l0aGkxQ093VFpUY3NLcVoxODJBU2s4eGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNjQDAN
BgkqhkiG9w0BAQsFAAOCAQEACyME0N3c2RHEECj7v3NcYmNemmj6JNmlx5mahGhD
G7ye6IY6WB/cPsIsSzRirk7OO4VAJbCJWdBlzP6SLNqKMrZ6ckgmKXkUZ7duSxzG
T0EpARcbpgGp2mvv3Z++ulT7Lto7+AURXx1wpeIdZQkrd2hCY4k3MxJHBU6rE+6P
ok0N5GNbBJh/HNH0anG/g4jeek25QeFz4yPlgxeUM3pgkgyCui35bJdp4EPFf+6O
J+C9DtqBniC3lneoIRN1liVN091pDhNZms1rPiA+B6YHPicOvPXJaO9K7AHesAGS
eku0++yxQyaYeyHWjy9kFwU9UeMbRr4i32WfAyW1pxLPzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:49 2024 by rpki-client on console-ams.rpki-client.org