Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/2a53e8-f236-4242-a13b-8f5f713b37aa/1/y3MVeoGH52gvv-_AzG4qPRRbR-Q.roa
File: y3MVeoGH52gvv-_AzG4qPRRbR-Q.roa (raw, json)
Hash identifier: +oW2KqNpbc/BhM+Jve+WhOhUXNcVFEJYAFSKOdJ+Xoc=
Subject key identifier: CB:73:15:7A:81:87:E7:68:2F:BF:EF:C0:CC:6E:2A:3D:14:5B:47:E4
Certificate issuer: /CN=aa907ae1977c23527aad6656a148c70372e9b256
Certificate serial: 018A1D1BDE06EF57FD2D7BA1B77276F42935
Authority key identifier: AA:90:7A:E1:97:7C:23:52:7A:AD:66:56:A1:48:C7:03:72:E9:B2:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qpB64Zd8I1J6rWZWoUjHA3LpslY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/2a53e8-f236-4242-a13b-8f5f713b37aa/1/y3MVeoGH52gvv-_AzG4qPRRbR-Q.roa
Signing time: Tue 22 Aug 2023 11:58:00 +0000
ROA not before: Tue 22 Aug 2023 11:58:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2119
IP address blocks: 2001:67c:c60::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1d:1b:de:06:ef:57:fd:2d:7b:a1:b7:72:76:f4:29:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa907ae1977c23527aad6656a148c70372e9b256
Validity
Not Before: Aug 22 11:58:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb73157a8187e7682fbfefc0cc6e2a3d145b47e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ac:45:5c:b2:48:e1:39:60:bf:79:c0:df:9c:
85:3f:c4:26:6c:a9:3a:fa:d4:c0:02:91:7b:dd:6d:
c9:93:88:2c:10:87:48:f4:f0:47:ad:4e:6f:42:0c:
d5:51:75:e1:3e:4d:1c:d8:49:6d:9a:c0:92:86:68:
37:fa:42:b4:09:45:a1:4e:51:b4:a8:aa:b7:73:62:
e2:43:ff:26:43:27:9d:dc:af:a6:7e:a7:ac:d4:b2:
f4:7d:2e:5b:32:e4:20:fe:2e:9e:1d:9f:8d:47:ca:
8f:e4:f5:c6:b7:bf:0a:bb:4c:cb:f9:c5:a8:6d:7e:
6e:90:0e:72:13:18:3a:77:d3:29:f2:65:d8:1a:e0:
24:b2:8d:39:a5:a8:aa:56:b3:44:c4:56:23:e1:f2:
c8:39:6a:36:cb:4f:af:c2:c2:d3:ea:66:ad:89:5c:
ff:b6:36:e8:0c:9c:18:e0:b6:fe:ee:b9:ad:21:e7:
c0:f3:03:d8:56:5b:9a:e4:f9:47:5e:d7:d4:11:63:
1f:76:30:74:84:37:2c:7b:75:ff:36:85:7a:41:25:
6f:eb:07:9e:49:78:ea:9e:b9:d2:2d:4e:f2:26:71:
98:af:06:7d:87:5e:e3:73:90:91:8d:6e:85:cd:e1:
c7:ad:14:36:0e:79:58:e3:c3:1b:e0:59:87:bf:d2:
82:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:73:15:7A:81:87:E7:68:2F:BF:EF:C0:CC:6E:2A:3D:14:5B:47:E4
X509v3 Authority Key Identifier:
keyid:AA:90:7A:E1:97:7C:23:52:7A:AD:66:56:A1:48:C7:03:72:E9:B2:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qpB64Zd8I1J6rWZWoUjHA3LpslY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/2a53e8-f236-4242-a13b-8f5f713b37aa/1/y3MVeoGH52gvv-_AzG4qPRRbR-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/2a53e8-f236-4242-a13b-8f5f713b37aa/1/qpB64Zd8I1J6rWZWoUjHA3LpslY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:c60::/48
Signature Algorithm: sha256WithRSAEncryption
80:0d:53:b4:87:01:b6:29:cc:f5:21:d2:7d:2d:c6:55:a4:a5:
60:d9:50:9f:d5:e3:2c:0d:c0:6c:f2:c5:73:b0:85:aa:3c:ef:
c7:4a:4d:20:ab:d1:db:86:cc:49:98:1a:20:b1:dc:14:c4:93:
0f:1c:b6:bc:78:60:d6:b9:8c:58:6c:b3:54:36:1f:ac:29:1e:
40:5c:47:6e:c5:33:87:27:4e:d0:49:12:9f:35:a0:e9:98:1b:
a5:4c:da:e3:70:d7:c6:1c:64:fc:3d:85:7c:d7:f3:2a:9d:ee:
56:82:be:5d:f9:ed:54:d4:3f:5d:32:ce:9c:f0:a5:c9:46:d9:
18:d2:1c:4c:a6:ad:63:65:b8:38:ea:01:77:f2:1e:43:cf:d7:
6b:59:b2:09:9a:76:79:ac:fb:f9:58:d3:c8:3f:c4:d0:97:59:
7d:53:cf:ad:aa:c8:a1:e5:21:70:5d:12:2e:bc:95:35:43:df:
aa:37:06:4b:f1:e0:f5:8e:bd:95:10:3d:a3:ca:d5:bc:bc:b4:
ac:9a:b6:4d:99:5b:f5:4e:d2:e8:50:63:59:ba:87:2d:62:f2:
44:a5:14:a6:d2:72:e3:d7:f7:b6:29:d5:81:20:c1:f7:63:bf:
4a:69:40:8e:6c:b9:04:38:1f:1c:dc:66:ea:f9:cc:98:94:85:
05:1b:f9:ed
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYodG94G71f9LXuht3J29Ck1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOTA3YWUxOTc3YzIzNTI3YWFkNjY1NmExNDhjNzAzNzJl
OWIyNTYwHhcNMjMwODIyMTE1ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjczMTU3YTgxODdlNzY4MmZiZmVmYzBjYzZlMmEzZDE0NWI0N2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6xFXLJI4Tlgv3nA35yFP8QmbKk6
+tTAApF73W3Jk4gsEIdI9PBHrU5vQgzVUXXhPk0c2EltmsCShmg3+kK0CUWhTlG0
qKq3c2LiQ/8mQyed3K+mfqes1LL0fS5bMuQg/i6eHZ+NR8qP5PXGt78Ku0zL+cWo
bX5ukA5yExg6d9Mp8mXYGuAkso05paiqVrNExFYj4fLIOWo2y0+vwsLT6matiVz/
tjboDJwY4Lb+7rmtIefA8wPYVlua5PlHXtfUEWMfdjB0hDcse3X/NoV6QSVv6wee
SXjqnrnSLU7yJnGYrwZ9h17jc5CRjW6FzeHHrRQ2DnlY48Mb4FmHv9KCEQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMtzFXqBh+doL7/vwMxuKj0UW0fkMB8GA1UdIwQY
MBaAFKqQeuGXfCNSeq1mVqFIxwNy6bJWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXBCNjRaZDhJMUo2cldaV29VakhBM0xwc2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8yYTUzZTgtZjIzNi00MjQyLWExM2It
OGY1ZjcxM2IzN2FhLzEveTNNVmVvR0g1Mmd2di1fQXpHNHFQUlJiUi1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8yYTUzZTgtZjIzNi00MjQyLWExM2ItOGY1ZjcxM2IzN2Fh
LzEvcXBCNjRaZDhJMUo2cldaV29VakhBM0xwc2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAxg
MA0GCSqGSIb3DQEBCwUAA4IBAQCADVO0hwG2Kcz1IdJ9LcZVpKVg2VCf1eMsDcBs
8sVzsIWqPO/HSk0gq9HbhsxJmBogsdwUxJMPHLa8eGDWuYxYbLNUNh+sKR5AXEdu
xTOHJ07QSRKfNaDpmBulTNrjcNfGHGT8PYV81/Mqne5Wgr5d+e1U1D9dMs6c8KXJ
RtkY0hxMpq1jZbg46gF38h5Dz9drWbIJmnZ5rPv5WNPIP8TQl1l9U8+tqsih5SFw
XRIuvJU1Q9+qNwZL8eD1jr2VED2jytW8vLSsmrZNmVv1TtLoUGNZuoctYvJEpRSm
0nLj1/e2KdWBIMH3Y79KaUCObLkEOB8c3Gbq+cyYlIUFG/nt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:11 2024 by rpki-client on console-fra.rpki-client.org