Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/b1kCGENT7QXPY5yQRuNdSSh2qAw.roa
File: b1kCGENT7QXPY5yQRuNdSSh2qAw.roa (raw, json)
Hash identifier: ep8NORfex9KBNUuE+bW0rhrPFpRY9iX/Dq5Cz4XmGkM=
Subject key identifier: 6F:59:02:18:43:53:ED:05:CF:63:9C:90:46:E3:5D:49:28:76:A8:0C
Certificate issuer: /CN=baaa748ba14a76e5d8a6edacb5426082a56f5e3d
Certificate serial: 018A754D90D63E9E40B4CC7ACDFF408EBC7D
Authority key identifier: BA:AA:74:8B:A1:4A:76:E5:D8:A6:ED:AC:B5:42:60:82:A5:6F:5E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp0i6FKduXYpu2stUJggqVvXj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/b1kCGENT7QXPY5yQRuNdSSh2qAw.roa
Signing time: Fri 08 Sep 2023 14:58:52 +0000
ROA not before: Fri 08 Sep 2023 14:58:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47526
IP address blocks: 2a13:ccc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 18 Sep 2023 16:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:75:4d:90:d6:3e:9e:40:b4:cc:7a:cd:ff:40:8e:bc:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa748ba14a76e5d8a6edacb5426082a56f5e3d
Validity
Not Before: Sep 8 14:58:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f5902184353ed05cf639c9046e35d492876a80c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:dc:af:08:a8:ec:47:ba:19:44:7f:69:35:cf:
32:3d:22:7a:18:0b:69:6b:6a:fd:91:f7:b4:b8:e1:
72:7f:54:bd:fb:48:28:6e:13:51:0d:1e:40:9b:55:
12:a8:3e:aa:23:61:51:21:88:23:0c:f4:1b:69:65:
e1:63:aa:da:43:d6:a6:f4:2c:41:9f:87:dc:0a:df:
a0:61:11:da:c5:5a:d5:9d:1b:f7:88:fc:2f:3a:d1:
97:02:0c:fb:2d:21:0d:de:13:c2:3e:04:27:49:52:
e5:fa:d5:f0:6a:85:f6:72:14:c4:df:7d:40:d5:d0:
15:a3:a5:94:8d:9a:e8:f2:c5:ac:db:19:3a:33:af:
18:fe:86:de:32:16:df:1c:79:8b:a3:3a:ae:dc:1c:
a6:b7:16:1c:1b:1e:38:ce:17:4f:70:c8:f9:7a:dc:
a0:81:92:5a:f2:e7:fe:d3:13:68:41:d4:eb:11:17:
da:bb:80:34:aa:77:83:90:e5:5d:77:4b:72:36:9a:
f7:69:94:d2:7c:4a:fa:9e:22:23:54:ff:d1:e9:54:
dc:dc:60:d7:c1:ac:8c:00:84:8c:40:31:af:0c:c3:
23:2c:e3:ff:6f:24:84:2c:fb:13:cc:8e:aa:5e:40:
46:02:1f:2c:37:cf:b7:a6:d7:ff:bc:f8:57:a2:31:
f7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:59:02:18:43:53:ED:05:CF:63:9C:90:46:E3:5D:49:28:76:A8:0C
X509v3 Authority Key Identifier:
keyid:BA:AA:74:8B:A1:4A:76:E5:D8:A6:ED:AC:B5:42:60:82:A5:6F:5E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp0i6FKduXYpu2stUJggqVvXj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/b1kCGENT7QXPY5yQRuNdSSh2qAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/uqp0i6FKduXYpu2stUJggqVvXj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:ccc0::/32
Signature Algorithm: sha256WithRSAEncryption
9c:72:13:3e:e3:56:ce:23:95:78:d6:f2:84:86:9e:8e:a1:87:
d6:d8:52:02:ef:dc:17:67:94:4d:d1:be:c7:e4:c6:25:0a:c5:
aa:85:eb:f8:a5:fd:39:04:bc:11:81:b9:b8:f2:cd:ed:35:f0:
3d:ec:6e:e6:6b:8f:20:0a:58:b0:e7:0b:2f:05:f3:c8:37:9e:
81:fa:cd:3b:91:9d:70:2f:70:27:2c:4e:c7:c9:d2:2d:02:f2:
a4:71:27:2f:dd:98:88:85:0c:ad:97:fb:9d:9f:1e:39:9b:2c:
18:42:fe:a9:f6:0f:47:a5:25:c8:3f:ee:c9:a3:d6:b9:05:0e:
cd:5a:ae:a9:f9:cc:1e:aa:bb:c9:21:93:2f:a3:12:4c:af:3a:
62:bf:83:e1:a3:c4:eb:e1:96:32:83:1c:8e:54:a1:71:5d:cd:
d1:46:39:d2:b7:c0:6c:69:f3:e5:0a:e4:96:83:d2:ec:5c:54:
22:a6:0d:73:da:1c:99:56:4e:a9:32:f6:e3:73:89:48:b0:79:
8e:63:de:f5:6e:64:e6:5a:50:3f:b5:b4:e1:a3:3e:1a:62:c4:
31:a7:1e:9a:11:68:f6:37:34:5b:ee:73:0c:3f:c5:fd:da:2b:
bb:8b:a1:a0:05:3a:8e:80:4c:09:08:5f:49:ad:a8:6d:fd:8d:
4a:85:de:5c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYp1TZDWPp5AtMx6zf9Ajrx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3NDhiYTE0YTc2ZTVkOGE2ZWRhY2I1NDI2MDgyYTU2
ZjVlM2QwHhcNMjMwOTA4MTQ1ODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjU5MDIxODQzNTNlZDA1Y2Y2MzljOTA0NmUzNWQ0OTI4NzZhODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9yvCKjsR7oZRH9pNc8yPSJ6GAtp
a2r9kfe0uOFyf1S9+0gobhNRDR5Am1USqD6qI2FRIYgjDPQbaWXhY6raQ9am9CxB
n4fcCt+gYRHaxVrVnRv3iPwvOtGXAgz7LSEN3hPCPgQnSVLl+tXwaoX2chTE331A
1dAVo6WUjZro8sWs2xk6M68Y/obeMhbfHHmLozqu3BymtxYcGx44zhdPcMj5etyg
gZJa8uf+0xNoQdTrERfau4A0qneDkOVdd0tyNpr3aZTSfEr6niIjVP/R6VTc3GDX
wayMAISMQDGvDMMjLOP/bySELPsTzI6qXkBGAh8sN8+3ptf/vPhXojH3aQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG9ZAhhDU+0Fz2OckEbjXUkodqgMMB8GA1UdIwQY
MBaAFLqqdIuhSnbl2KbtrLVCYIKlb149MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwMGk2RktkdVhZcHUyc3RVSmdncVZ2WGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9hOGU0NWItMTdjNi00MzZkLTgxYTgt
YzUxOTUxNjJlM2JlLzEvYjFrQ0dFTlQ3UVhQWTV5UVJ1TmRTU2gycUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9hOGU0NWItMTdjNi00MzZkLTgxYTgtYzUxOTUxNjJlM2Jl
LzEvdXFwMGk2RktkdVhZcHUyc3RVSmdncVZ2WGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhPMwDAN
BgkqhkiG9w0BAQsFAAOCAQEAnHITPuNWziOVeNbyhIaejqGH1thSAu/cF2eUTdG+
x+TGJQrFqoXr+KX9OQS8EYG5uPLN7TXwPexu5muPIApYsOcLLwXzyDeegfrNO5Gd
cC9wJyxOx8nSLQLypHEnL92YiIUMrZf7nZ8eOZssGEL+qfYPR6UlyD/uyaPWuQUO
zVquqfnMHqq7ySGTL6MSTK86Yr+D4aPE6+GWMoMcjlShcV3N0UY50rfAbGnz5Qrk
loPS7FxUIqYNc9ocmVZOqTL243OJSLB5jmPe9W5k5lpQP7W04aM+GmLEMacemhFo
9jc0W+5zDD/F/doru4uhoAU6joBMCQhfSa2obf2NSoXeXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:32 2024 by rpki-client on console-ams.rpki-client.org