Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f0cfa7-6254-4a81-996c-3b7ef25cfe83/1/p11t4yMEZZOOxn0oe7f538F9SWQ.roa
File: p11t4yMEZZOOxn0oe7f538F9SWQ.roa (raw, json)
Hash identifier: 01za1wCqLOWcjRxXYKpltgnWDF0rtT2OSgk2Bt5nKCU=
Subject key identifier: A7:5D:6D:E3:23:04:65:93:8E:C6:7D:28:7B:B7:F9:DF:C1:7D:49:64
Certificate issuer: /CN=a60e46d63a7183f70da492f02b8098c2bffc28be
Certificate serial: 01856E0ADDF8FBC063349F23D7449516112A
Authority key identifier: A6:0E:46:D6:3A:71:83:F7:0D:A4:92:F0:2B:80:98:C2:BF:FC:28:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pg5G1jpxg_cNpJLwK4CYwr_8KL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f0cfa7-6254-4a81-996c-3b7ef25cfe83/1/p11t4yMEZZOOxn0oe7f538F9SWQ.roa
Signing time: Sun 01 Jan 2023 15:54:43 +0000
ROA not before: Sun 01 Jan 2023 15:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20712
IP address blocks: 2001:67c:a18::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0a:dd:f8:fb:c0:63:34:9f:23:d7:44:95:16:11:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a60e46d63a7183f70da492f02b8098c2bffc28be
Validity
Not Before: Jan 1 15:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a75d6de3230465938ec67d287bb7f9dfc17d4964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0e:88:05:66:e3:7c:33:04:67:a1:e9:40:45:
fe:52:e0:67:40:56:32:27:f8:50:f8:9f:05:40:8e:
4d:e0:1f:7f:89:fe:d2:82:53:35:e4:c0:26:35:8f:
c1:2a:43:c6:6d:f8:0e:41:ed:e4:0c:44:6b:b8:ac:
a1:4b:7b:34:76:a6:29:5c:c2:39:d3:be:51:f1:0d:
c6:ed:94:16:ba:d0:36:ed:0a:3e:8b:02:36:bd:2d:
97:e5:8e:c6:26:3e:ff:69:00:92:68:02:8a:00:75:
51:21:e7:27:8c:05:7e:8c:f0:01:87:c6:72:ab:9d:
a8:59:5e:e8:a5:8a:90:f8:b3:16:62:a4:35:24:ab:
74:3d:02:62:c8:d5:73:31:55:d8:74:05:2b:ab:05:
a4:6b:a8:05:c4:56:7d:66:72:bc:e7:9f:79:d5:68:
9e:10:bd:eb:f9:e2:14:bd:c9:56:41:54:b0:73:e8:
2e:d1:01:9e:94:99:b9:33:e6:99:b4:22:44:fe:6b:
87:ec:66:4f:9e:5c:0d:37:e2:d6:56:ef:7e:95:a4:
0e:b5:02:c8:fe:68:3f:3c:a4:e9:8b:9f:ac:57:78:
dd:a0:f2:ba:47:55:f6:fe:1a:4c:53:d7:26:1f:6d:
6b:26:da:e4:4a:ea:b0:0d:a6:c0:47:08:51:86:98:
6f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:5D:6D:E3:23:04:65:93:8E:C6:7D:28:7B:B7:F9:DF:C1:7D:49:64
X509v3 Authority Key Identifier:
keyid:A6:0E:46:D6:3A:71:83:F7:0D:A4:92:F0:2B:80:98:C2:BF:FC:28:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pg5G1jpxg_cNpJLwK4CYwr_8KL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f0cfa7-6254-4a81-996c-3b7ef25cfe83/1/p11t4yMEZZOOxn0oe7f538F9SWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f0cfa7-6254-4a81-996c-3b7ef25cfe83/1/pg5G1jpxg_cNpJLwK4CYwr_8KL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:a18::/48
Signature Algorithm: sha256WithRSAEncryption
6b:5f:5a:3b:b2:b3:b5:59:51:68:64:2e:09:99:f5:67:7e:2f:
24:b6:0f:b3:54:22:78:76:ec:09:b1:3e:45:a1:ad:aa:85:09:
73:a1:99:74:c5:4c:9c:4f:17:b4:b8:d1:c3:c9:41:b1:5b:32:
84:5c:be:dd:d3:05:16:2f:78:12:a3:74:10:8e:a8:f5:ec:75:
53:ea:20:5b:28:92:0e:92:b5:3e:d7:74:46:79:6a:0d:a8:b7:
e4:ab:2d:c4:b1:5d:5c:76:40:72:a2:88:06:da:d2:56:0f:8c:
26:38:89:1a:63:9a:e4:fc:18:8d:26:39:4d:da:e7:9e:52:3e:
08:29:45:56:d7:9c:77:22:49:a8:38:ce:16:a4:a3:8f:41:5b:
43:0e:3b:93:f8:ab:4c:5d:e7:57:f9:4b:14:2a:76:ec:0a:67:
50:b6:86:67:65:95:45:fa:8e:d5:99:2c:7e:d6:b6:10:d4:64:
7c:3a:2c:c7:41:fc:f3:65:5d:1c:2b:5a:26:4d:94:9f:03:16:
61:86:3b:d1:c0:22:c9:e3:68:db:69:22:f9:47:a6:70:60:56:
69:c5:dc:ad:3e:26:82:80:b8:52:b4:73:c1:c9:a2:05:86:b9:
ca:d0:c2:76:07:bc:e9:cf:0c:26:41:5b:ae:42:d0:52:fe:f4:
ea:36:43:4e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuCt34+8BjNJ8j10SVFhEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MGU0NmQ2M2E3MTgzZjcwZGE0OTJmMDJiODA5OGMyYmZm
YzI4YmUwHhcNMjMwMTAxMTU1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzVkNmRlMzIzMDQ2NTkzOGVjNjdkMjg3YmI3ZjlkZmMxN2Q0OTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArA6IBWbjfDMEZ6HpQEX+UuBnQFYy
J/hQ+J8FQI5N4B9/if7SglM15MAmNY/BKkPGbfgOQe3kDERruKyhS3s0dqYpXMI5
075R8Q3G7ZQWutA27Qo+iwI2vS2X5Y7GJj7/aQCSaAKKAHVRIecnjAV+jPABh8Zy
q52oWV7opYqQ+LMWYqQ1JKt0PQJiyNVzMVXYdAUrqwWka6gFxFZ9ZnK855951Wie
EL3r+eIUvclWQVSwc+gu0QGelJm5M+aZtCJE/muH7GZPnlwNN+LWVu9+laQOtQLI
/mg/PKTpi5+sV3jdoPK6R1X2/hpMU9cmH21rJtrkSuqwDabARwhRhphvdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKddbeMjBGWTjsZ9KHu3+d/BfUlkMB8GA1UdIwQY
MBaAFKYORtY6cYP3DaSS8CuAmMK//Ci+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGc1RzFqcHhnX2NOcEpMd0s0Q1l3cl84S0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mMGNmYTctNjI1NC00YTgxLTk5NmMt
M2I3ZWYyNWNmZTgzLzEvcDExdDR5TUVaWk9PeG4wb2U3ZjUzOEY5U1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mMGNmYTctNjI1NC00YTgxLTk5NmMtM2I3ZWYyNWNmZTgz
LzEvcGc1RzFqcHhnX2NOcEpMd0s0Q1l3cl84S0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAoY
MA0GCSqGSIb3DQEBCwUAA4IBAQBrX1o7srO1WVFoZC4JmfVnfi8ktg+zVCJ4duwJ
sT5Foa2qhQlzoZl0xUycTxe0uNHDyUGxWzKEXL7d0wUWL3gSo3QQjqj17HVT6iBb
KJIOkrU+13RGeWoNqLfkqy3EsV1cdkByoogG2tJWD4wmOIkaY5rk/BiNJjlN2uee
Uj4IKUVW15x3IkmoOM4WpKOPQVtDDjuT+KtMXedX+UsUKnbsCmdQtoZnZZVF+o7V
mSx+1rYQ1GR8OizHQfzzZV0cK1omTZSfAxZhhjvRwCLJ42jbaSL5R6ZwYFZpxdyt
PiaCgLhStHPByaIFhrnK0MJ2B7zpzwwmQVuuQtBS/vTqNkNO
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:00 2024 by rpki-client on console-ams.rpki-client.org