Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/5jK7NkzNcNd58O5G0lp-rAKLC9A.roa
File: 5jK7NkzNcNd58O5G0lp-rAKLC9A.roa (raw, json)
Hash identifier: zmw9zxZOeWZEHmX664FO2TTw2umuLwMgwSZHGIPjSlY=
Subject key identifier: E6:32:BB:36:4C:CD:70:D7:79:F0:EE:46:D2:5A:7E:AC:02:8B:0B:D0
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 01856FF93D6B335478BE93FB0ACEFFC014D8
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/5jK7NkzNcNd58O5G0lp-rAKLC9A.roa
Signing time: Mon 02 Jan 2023 00:54:43 +0000
ROA not before: Mon 02 Jan 2023 00:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41047
IP address blocks: 2a0e:a6c2::/32 maxlen: 32
2a0e:a6c1::/32 maxlen: 32
2a0e:a6c0::/32 maxlen: 32
2a0e:a6c3::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:3d:6b:33:54:78:be:93:fb:0a:ce:ff:c0:14:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jan 2 00:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e632bb364ccd70d779f0ee46d25a7eac028b0bd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c6:6a:25:00:78:de:36:0e:c4:6b:11:df:e3:
61:ba:ad:73:7a:3b:58:f6:da:8e:1a:aa:f4:f3:e6:
06:cb:0b:df:a9:1d:4d:db:03:f8:73:6a:9c:79:b9:
c1:23:9f:3c:2f:20:1d:91:2f:96:76:13:46:6e:e7:
c9:2a:10:ef:2a:74:e6:05:d9:1b:48:53:bd:7a:a7:
f5:d0:96:30:fb:56:d2:10:6e:46:dd:a6:31:2d:ce:
58:bf:fb:a9:85:46:a8:d9:ab:1e:fb:66:d5:03:bb:
a7:ab:88:59:fb:15:b3:0a:06:7d:10:06:82:46:79:
f6:73:4c:41:a1:35:04:85:84:69:db:3d:09:bf:a2:
c2:1d:25:3e:3a:f7:31:01:f0:c0:7f:e5:c1:07:7f:
d3:23:6e:3f:1f:e6:61:58:7f:21:2b:e0:58:d4:36:
87:62:8b:d2:3b:f6:54:d5:bb:a0:e2:22:9f:16:4d:
d6:7a:9f:07:b0:95:23:cf:e2:cc:9f:b8:61:77:6b:
5a:81:80:e5:a2:63:d1:06:cc:77:5a:e9:b1:93:fb:
ba:6a:a0:6e:89:aa:72:28:81:86:bf:ff:da:ca:a3:
80:e5:50:f9:b4:89:82:24:fb:97:55:58:c2:18:c3:
25:3e:f4:26:ff:52:ae:99:d0:5e:8e:a7:5e:6d:bb:
fc:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:32:BB:36:4C:CD:70:D7:79:F0:EE:46:D2:5A:7E:AC:02:8B:0B:D0
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/5jK7NkzNcNd58O5G0lp-rAKLC9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:a6c0::/30
Signature Algorithm: sha256WithRSAEncryption
89:0a:62:17:f5:91:f3:ee:43:17:67:e9:86:b5:76:0e:96:ae:
32:d5:5f:4d:2b:ff:37:05:22:ef:96:43:27:bb:0d:b2:cc:9b:
70:f9:43:ed:ce:63:e2:0c:a5:fc:52:46:40:72:9d:65:e1:a0:
03:3d:83:27:18:f6:a5:bf:78:70:68:02:14:f5:c5:45:32:2e:
d8:98:6c:37:6d:43:01:55:92:0c:3a:2c:af:6a:3a:94:af:6b:
b7:a5:01:1b:f6:96:c6:dd:4c:92:0c:17:e4:90:0e:69:1f:f3:
5c:a3:6e:45:4a:db:b4:16:67:b0:0a:bb:28:a1:1c:08:e6:03:
a0:28:3d:7e:2a:1b:bb:12:ce:e2:84:3a:cd:41:09:f3:af:90:
67:3e:3b:e8:10:91:6c:70:d3:1d:99:8c:04:9b:7a:0f:81:1e:
33:3b:ca:79:5d:e3:66:ea:b0:30:40:0e:59:ca:98:77:d4:f4:
0d:41:c4:72:f8:0a:03:9e:34:4e:22:33:cb:06:a5:01:0f:35:
47:18:2d:29:e5:b5:c4:01:65:01:01:c9:7e:4a:00:63:3b:9b:
01:13:54:83:10:59:9d:f5:8b:46:e9:ec:96:01:39:97:c0:13:
6f:6f:15:2e:d8:f6:01:98:24:cb:62:42:3a:ae:da:2e:da:13:
b8:22:91:1d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVv+T1rM1R4vpP7Cs7/wBTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjMwMTAyMDA1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjMyYmIzNjRjY2Q3MGQ3NzlmMGVlNDZkMjVhN2VhYzAyOGIwYmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsZqJQB43jYOxGsR3+Nhuq1zejtY
9tqOGqr08+YGywvfqR1N2wP4c2qcebnBI588LyAdkS+WdhNGbufJKhDvKnTmBdkb
SFO9eqf10JYw+1bSEG5G3aYxLc5Yv/uphUao2ase+2bVA7unq4hZ+xWzCgZ9EAaC
Rnn2c0xBoTUEhYRp2z0Jv6LCHSU+OvcxAfDAf+XBB3/TI24/H+ZhWH8hK+BY1DaH
YovSO/ZU1bug4iKfFk3Wep8HsJUjz+LMn7hhd2tagYDlomPRBsx3Wumxk/u6aqBu
iapyKIGGv//ayqOA5VD5tImCJPuXVVjCGMMlPvQm/1KumdBejqdebbv8SwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOYyuzZMzXDXefDuRtJafqwCiwvQMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvNWpLN05rek5jTmQ1OE81RzBscC1yQUtMQzlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKg6mwDAN
BgkqhkiG9w0BAQsFAAOCAQEAiQpiF/WR8+5DF2fphrV2DpauMtVfTSv/NwUi75ZD
J7sNssybcPlD7c5j4gyl/FJGQHKdZeGgAz2DJxj2pb94cGgCFPXFRTIu2JhsN21D
AVWSDDosr2o6lK9rt6UBG/aWxt1MkgwX5JAOaR/zXKNuRUrbtBZnsAq7KKEcCOYD
oCg9fiobuxLO4oQ6zUEJ86+QZz476BCRbHDTHZmMBJt6D4EeMzvKeV3jZuqwMEAO
WcqYd9T0DUHEcvgKA540TiIzywalAQ81RxgtKeW1xAFlAQHJfkoAYzubARNUgxBZ
nfWLRunslgE5l8ATb28VLtj2AZgky2JCOq7aLtoTuCKRHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:26 2024 by rpki-client on console-fra.rpki-client.org