Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/fI5A7hPQSmGCESptJKeTS4zSan0.roa
File: fI5A7hPQSmGCESptJKeTS4zSan0.roa (raw, json)
Hash identifier: Qgt44o8Do8k5xIIWZ3g8GzyWoz496SjKrhGINIP1TKQ=
Subject key identifier: 7C:8E:40:EE:13:D0:4A:61:82:11:2A:6D:24:A7:93:4B:8C:D2:6A:7D
Certificate issuer: /CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Certificate serial: 018570DE308E4D887468A2F64B160436A4DD
Authority key identifier: 5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/fI5A7hPQSmGCESptJKeTS4zSan0.roa
Signing time: Mon 02 Jan 2023 05:04:47 +0000
ROA not before: Mon 02 Jan 2023 05:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3549
IP address blocks: 2a06:6540:3101::/48 maxlen: 48
2a06:6540:3081::/48 maxlen: 48
2a06:6540:2041::/48 maxlen: 48
2a06:6540:3041::/48 maxlen: 48
2a06:6540:30c1::/48 maxlen: 48
2a06:6541:3002::/48 maxlen: 48
2a06:6540:3002::/48 maxlen: 48
2a06:6541:3081::/48 maxlen: 48
2a06:6541:2041::/48 maxlen: 48
2a06:6541:3101::/48 maxlen: 48
2a06:6541:30c1::/48 maxlen: 48
2a06:6541:3041::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:30:8e:4d:88:74:68:a2:f6:4b:16:04:36:a4:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Validity
Not Before: Jan 2 05:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c8e40ee13d04a6182112a6d24a7934b8cd26a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7f:cc:9a:5c:94:e0:66:57:e1:10:b4:69:d4:
67:b8:2d:2f:08:cf:f9:c1:6c:9c:2b:ff:e6:3b:57:
88:09:97:cc:4e:1a:28:fe:a5:44:b6:7a:f0:19:14:
d8:b2:23:ce:39:39:c5:66:aa:13:9d:ea:6e:45:69:
bf:45:05:79:e8:bc:33:3d:1a:b3:ea:e4:97:7c:50:
cc:bc:54:0d:e5:48:b1:af:7a:a4:03:b9:f1:c2:91:
a0:09:cf:ee:f2:24:dc:93:ae:0d:ad:5a:af:7e:56:
f4:b0:8e:67:dd:9c:20:34:29:09:c1:a4:28:4e:4a:
73:21:75:0a:30:c7:5a:89:f4:dd:8f:7d:79:07:c2:
74:1a:bf:56:07:d5:8e:f2:57:22:1b:b5:28:1c:80:
48:18:bc:1d:5f:29:03:2b:1f:0e:21:8f:d9:f2:a9:
04:07:02:f1:24:ea:e3:90:4b:b0:b3:fd:e7:8c:d9:
f9:0b:f3:1d:80:e6:bd:28:fc:4e:1c:57:96:37:70:
6c:be:2e:d4:11:f6:a5:38:ba:70:c0:14:a8:9c:1b:
a3:3a:13:74:5a:ba:15:dc:26:ee:b2:a9:16:cc:29:
6c:a1:c7:7f:f3:75:35:d9:33:ab:83:33:6e:98:01:
98:a9:88:d2:d5:67:c4:86:fb:cd:0f:c9:72:02:cc:
e5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:8E:40:EE:13:D0:4A:61:82:11:2A:6D:24:A7:93:4B:8C:D2:6A:7D
X509v3 Authority Key Identifier:
keyid:5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/fI5A7hPQSmGCESptJKeTS4zSan0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:6540:2041::/48
2a06:6540:3002::/48
2a06:6540:3041::/48
2a06:6540:3081::/48
2a06:6540:30c1::/48
2a06:6540:3101::/48
2a06:6541:2041::/48
2a06:6541:3002::/48
2a06:6541:3041::/48
2a06:6541:3081::/48
2a06:6541:30c1::/48
2a06:6541:3101::/48
Signature Algorithm: sha256WithRSAEncryption
0b:3c:08:4e:63:42:ca:cf:11:fb:a8:24:e4:47:54:58:b0:89:
a0:03:82:ea:10:c0:49:d3:68:c7:f2:80:a0:64:50:49:0b:c4:
aa:ec:c4:a8:68:84:5f:ed:fb:1a:45:ba:92:b1:90:a1:75:7f:
31:59:02:50:52:bb:4e:98:fb:55:a3:8d:1f:df:87:7b:9d:8a:
c6:2c:37:37:03:4a:89:6e:43:f0:2e:55:92:1b:39:bf:c2:35:
73:77:cb:aa:5c:b2:a4:70:f3:1d:8c:06:c3:d6:5f:6e:a3:2a:
47:57:c7:a4:bb:df:2b:db:d4:ac:08:99:d4:a5:e0:8e:6e:68:
9f:96:69:98:5c:7c:a0:96:64:3c:23:2f:4d:c3:b0:08:af:9f:
fd:ad:97:fe:9c:ee:23:4c:99:14:31:c1:a4:c6:9e:65:b8:9c:
2b:45:01:e1:74:7f:47:7b:59:df:42:02:22:28:2b:7c:47:58:
e7:8c:d7:21:ff:66:f0:b0:20:bd:b2:24:1c:08:dc:72:42:3d:
90:14:53:74:76:ae:9f:d3:d2:a9:28:cf:66:e2:af:f4:8d:10:
72:ae:3f:bf:24:d1:86:6c:41:ba:2d:de:d4:4a:42:3d:27:b8:
37:b6:6c:b3:95:92:a2:8f:42:11:c4:eb:2c:0e:b8:ea:76:4c:
e9:cb:9b:23
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYVw3jCOTYh0aKL2SxYENqTdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYzQ2NmNjODlmOWRiNGUzMWM1NDAwZDJhZTdhMmJmZmRi
MjI1NDcwHhcNMjMwMTAyMDUwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzhlNDBlZTEzZDA0YTYxODIxMTJhNmQyNGE3OTM0YjhjZDI2YTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH/MmlyU4GZX4RC0adRnuC0vCM/5
wWycK//mO1eICZfMThoo/qVEtnrwGRTYsiPOOTnFZqoTnepuRWm/RQV56LwzPRqz
6uSXfFDMvFQN5Uixr3qkA7nxwpGgCc/u8iTck64NrVqvflb0sI5n3ZwgNCkJwaQo
TkpzIXUKMMdaifTdj315B8J0Gr9WB9WO8lciG7UoHIBIGLwdXykDKx8OIY/Z8qkE
BwLxJOrjkEuws/3njNn5C/MdgOa9KPxOHFeWN3Bsvi7UEfalOLpwwBSonBujOhN0
WroV3CbusqkWzClsocd/83U12TOrgzNumAGYqYjS1WfEhvvND8lyAszl0QIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFHyOQO4T0EphghEqbSSnk0uM0mp9MB8GA1UdIwQY
MBaAFFrEZsyJ+dtOMcVADSrnor/9siVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3NSbXpJbjUyMDR4eFVBTkt1ZWl2XzJ5SlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lMjljODctNDY4My00NDNlLTg4M2Yt
OWFiZDFhYTY0YmUxLzEvZkk1QTdoUFFTbUdDRVNwdEpLZVRTNHpTYW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lMjljODctNDY4My00NDNlLTg4M2YtOWFiZDFhYTY0YmUx
LzEvV3NSbXpJbjUyMDR4eFVBTkt1ZWl2XzJ5SlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAIwbAMHACoGZUAg
QQMHACoGZUAwAgMHACoGZUAwQQMHACoGZUAwgQMHACoGZUAwwQMHACoGZUAxAQMH
ACoGZUEgQQMHACoGZUEwAgMHACoGZUEwQQMHACoGZUEwgQMHACoGZUEwwQMHACoG
ZUExATANBgkqhkiG9w0BAQsFAAOCAQEACzwITmNCys8R+6gk5EdUWLCJoAOC6hDA
SdNox/KAoGRQSQvEquzEqGiEX+37GkW6krGQoXV/MVkCUFK7Tpj7VaONH9+He52K
xiw3NwNKiW5D8C5Vkhs5v8I1c3fLqlyypHDzHYwGw9ZfbqMqR1fHpLvfK9vUrAiZ
1KXgjm5on5ZpmFx8oJZkPCMvTcOwCK+f/a2X/pzuI0yZFDHBpMaeZbicK0UB4XR/
R3tZ30ICIigrfEdY54zXIf9m8LAgvbIkHAjcckI9kBRTdHaun9PSqSjPZuKv9I0Q
cq4/vyTRhmxBui3e1EpCPSe4N7Zss5WSoo9CEcTrLA646nZM6cubIw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:32 2024 by rpki-client on console-ams.rpki-client.org