Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/0Yn6kl6Kg9fy4xNBFSa6ABgVUEI.roa
File: 0Yn6kl6Kg9fy4xNBFSa6ABgVUEI.roa (raw, json)
Hash identifier: pgC8CTESBd6iF0FYaPeRrlCEFLd0OO9G8W/T/WO2JX8=
Subject key identifier: D1:89:FA:92:5E:8A:83:D7:F2:E3:13:41:15:26:BA:00:18:15:50:42
Certificate issuer: /CN=67ce179cbe13ddb14012985a067100ef98a55601
Certificate serial: 018CC7261B685449FE3FE5EDD9AB4506652E
Authority key identifier: 67:CE:17:9C:BE:13:DD:B1:40:12:98:5A:06:71:00:EF:98:A5:56:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z84XnL4T3bFAEphaBnEA75ilVgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/0Yn6kl6Kg9fy4xNBFSa6ABgVUEI.roa
Signing time: Mon 01 Jan 2024 22:30:12 +0000
ROA not before: Mon 01 Jan 2024 22:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51345
IP address blocks: 2a13:1c40::/32 maxlen: 32
2a13:1c40::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 Jan 2024 13:55:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:1b:68:54:49:fe:3f:e5:ed:d9:ab:45:06:65:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67ce179cbe13ddb14012985a067100ef98a55601
Validity
Not Before: Jan 1 22:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d189fa925e8a83d7f2e313411526ba0018155042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6b:74:7b:3e:f9:79:92:ca:fe:57:96:35:35:
50:a0:fe:99:f6:02:39:a0:0c:a0:cd:5e:1d:40:0c:
1e:1e:99:ff:b4:88:80:41:fc:04:87:dc:6d:9c:d4:
ac:ef:24:9b:02:28:a7:2c:5d:8d:7a:ac:3c:25:b3:
4a:fb:65:6b:cd:34:48:1c:5f:17:46:5b:dd:fb:24:
52:97:33:18:11:bf:5a:96:c7:ac:59:8d:7d:aa:d0:
c9:85:5f:ce:ee:b9:cb:23:57:dd:95:d0:c7:00:81:
c9:45:93:7d:59:98:98:61:c3:62:99:84:98:25:08:
52:cf:14:7d:9d:0c:01:9b:3a:67:9e:be:68:7a:07:
5d:08:13:f6:9b:b4:c3:97:02:d3:8a:46:56:36:a4:
9a:64:d9:9e:cc:40:47:64:86:80:ee:46:5c:cf:eb:
4b:45:bd:b3:48:b5:4c:be:d5:51:0f:47:0d:f4:0d:
b0:b7:65:70:63:d0:63:0e:01:3f:90:9c:9e:d1:a9:
e4:08:24:5d:01:d3:e5:e3:02:86:41:82:85:14:9f:
3f:a3:92:5f:92:dd:42:a3:24:b3:2c:ea:30:34:a0:
4f:5c:af:80:9c:bd:68:43:7e:45:99:fa:59:03:bd:
0d:2c:ab:e9:64:39:58:33:8c:6a:d2:e6:32:51:65:
fb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:89:FA:92:5E:8A:83:D7:F2:E3:13:41:15:26:BA:00:18:15:50:42
X509v3 Authority Key Identifier:
keyid:67:CE:17:9C:BE:13:DD:B1:40:12:98:5A:06:71:00:EF:98:A5:56:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z84XnL4T3bFAEphaBnEA75ilVgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/0Yn6kl6Kg9fy4xNBFSa6ABgVUEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/Z84XnL4T3bFAEphaBnEA75ilVgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:1c40::/29
Signature Algorithm: sha256WithRSAEncryption
cf:74:e2:dd:42:46:91:06:9f:2e:a4:c8:86:bb:f1:8f:21:0d:
9e:38:c3:b5:8f:55:00:e1:e6:f0:42:dd:95:43:74:22:61:9e:
69:8f:0d:8c:fd:59:6b:6d:49:cf:72:73:6a:f1:8b:bb:56:6c:
52:18:0b:ce:98:dd:e8:84:7e:fb:f8:38:0e:1c:54:e2:d0:2f:
83:be:22:1f:9b:d1:06:11:8f:b0:dd:a5:54:aa:cb:20:89:a8:
7e:cc:ca:0b:8a:9c:6d:c4:97:a0:c9:e9:81:11:a3:77:68:96:
84:49:43:a2:14:f6:22:fc:9c:c9:3e:9d:b8:34:da:2e:c7:67:
dd:b3:e7:ea:86:1b:84:33:3c:2b:fe:40:b3:bd:0b:2a:e3:4c:
f5:bc:db:54:bd:b6:30:bb:bc:be:c6:e8:3e:6c:fd:42:78:08:
1a:0f:9c:1d:c0:e8:dc:36:54:f0:79:fd:5a:ea:f4:9b:e6:51:
2c:6e:a9:8d:1e:42:36:f4:89:89:44:9a:00:3a:2b:73:2c:34:
3e:55:d2:b6:42:e5:41:fa:03:74:e0:80:1d:21:fa:3b:69:4b:
c5:8a:a5:86:c9:11:84:bc:6d:c6:37:e6:08:6c:1e:d5:df:04:
95:23:f5:b9:48:95:db:9c:5c:18:8f:1e:06:1d:01:2d:e9:88:
10:48:24:10
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHJhtoVEn+P+Xt2atFBmUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Y2UxNzljYmUxM2RkYjE0MDEyOTg1YTA2NzEwMGVmOThh
NTU2MDEwHhcNMjQwMTAxMjIzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTg5ZmE5MjVlOGE4M2Q3ZjJlMzEzNDExNTI2YmEwMDE4MTU1MDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2t0ez75eZLK/leWNTVQoP6Z9gI5
oAygzV4dQAweHpn/tIiAQfwEh9xtnNSs7ySbAiinLF2Neqw8JbNK+2VrzTRIHF8X
Rlvd+yRSlzMYEb9alsesWY19qtDJhV/O7rnLI1fdldDHAIHJRZN9WZiYYcNimYSY
JQhSzxR9nQwBmzpnnr5oegddCBP2m7TDlwLTikZWNqSaZNmezEBHZIaA7kZcz+tL
Rb2zSLVMvtVRD0cN9A2wt2VwY9BjDgE/kJye0ankCCRdAdPl4wKGQYKFFJ8/o5Jf
kt1CoySzLOowNKBPXK+AnL1oQ35FmfpZA70NLKvpZDlYM4xq0uYyUWX7qwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNGJ+pJeioPX8uMTQRUmugAYFVBCMB8GA1UdIwQY
MBaAFGfOF5y+E92xQBKYWgZxAO+YpVYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjg0WG5MNFQzYkZBRXBoYUJuRUE3NWlsVmdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81ZDcxOTItYTcxOS00Y2Q3LTk5NGEt
NjJjMDFkYzY5Y2NhLzEvMFluNmtsNktnOWZ5NHhOQkZTYTZBQmdWVUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81ZDcxOTItYTcxOS00Y2Q3LTk5NGEtNjJjMDFkYzY5Y2Nh
LzEvWjg0WG5MNFQzYkZBRXBoYUJuRUE3NWlsVmdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMcQDAN
BgkqhkiG9w0BAQsFAAOCAQEAz3Ti3UJGkQafLqTIhrvxjyENnjjDtY9VAOHm8ELd
lUN0ImGeaY8NjP1Za21Jz3JzavGLu1ZsUhgLzpjd6IR++/g4DhxU4tAvg74iH5vR
BhGPsN2lVKrLIImofszKC4qcbcSXoMnpgRGjd2iWhElDohT2IvycyT6duDTaLsdn
3bPn6oYbhDM8K/5As70LKuNM9bzbVL22MLu8vsboPmz9QngIGg+cHcDo3DZU8Hn9
Wur0m+ZRLG6pjR5CNvSJiUSaADorcyw0PlXStkLlQfoDdOCAHSH6O2lLxYqlhskR
hLxtxjfmCGwe1d8ElSP1uUiV25xcGI8eBh0BLemIEEgkEA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:44 2024 by rpki-client on console-fra.rpki-client.org