Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/06KHBfz5196FcGHtw5OvLYo2r54.roa
File: 06KHBfz5196FcGHtw5OvLYo2r54.roa (raw, json)
Hash identifier: 5XYBj7cU7tMjXvSWI3TCDHvvA7/7/A2J7rmysBKgAf4=
Subject key identifier: D3:A2:87:05:FC:F9:D7:DE:85:70:61:ED:C3:93:AF:2D:8A:36:AF:9E
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 01856F2FF589EFF70CF4AB92E3571BDA2314
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/06KHBfz5196FcGHtw5OvLYo2r54.roa
Signing time: Sun 01 Jan 2023 21:14:52 +0000
ROA not before: Sun 01 Jan 2023 21:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208680
IP address blocks: 2a0e:aa07:f0e0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:f5:89:ef:f7:0c:f4:ab:92:e3:57:1b:da:23:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 21:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3a28705fcf9d7de857061edc393af2d8a36af9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b8:f8:24:86:00:7b:fe:cf:a0:d0:3c:90:ee:
fd:95:e3:27:37:04:3f:2f:25:20:b2:0c:a7:fe:0a:
4b:76:cf:30:32:39:01:c2:ce:a9:f3:6e:2b:50:2a:
7f:b6:99:26:5a:ed:73:67:31:21:70:ea:6d:21:f9:
2e:19:15:70:24:c0:16:2e:6c:9e:6a:26:42:23:f1:
2c:77:6d:28:e1:f5:13:3e:c4:72:dc:df:af:d8:24:
cf:c7:a5:c2:4a:d6:19:5e:bb:13:ba:f7:85:f8:75:
61:b9:41:96:fb:d6:50:57:63:a9:34:d4:63:9e:84:
f9:0f:be:f7:48:29:7b:20:c8:6c:f5:6a:9b:c0:bf:
69:19:28:0f:cd:95:c5:c1:87:64:db:8b:e4:07:f7:
d3:84:e9:0b:43:8b:1d:55:dd:ad:f7:5a:c7:f8:3c:
1a:95:72:be:54:27:08:5d:7e:df:59:c6:6d:04:3d:
cf:cc:86:45:63:0a:c2:56:a4:b4:a8:5f:ff:ec:ec:
43:ef:12:cf:b9:b3:02:e3:96:a9:23:72:e9:ad:e1:
f1:ef:66:b0:6d:b3:92:e1:ab:14:fc:dd:57:27:6b:
5d:34:e8:96:34:22:4d:aa:02:45:3e:c1:cc:b8:a5:
a2:c3:26:a8:26:1e:5e:36:33:57:54:6a:06:d7:a8:
60:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A2:87:05:FC:F9:D7:DE:85:70:61:ED:C3:93:AF:2D:8A:36:AF:9E
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/06KHBfz5196FcGHtw5OvLYo2r54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:f0e0::/44
Signature Algorithm: sha256WithRSAEncryption
a4:85:ac:2a:6c:fc:45:5d:83:f6:7d:14:d0:1a:98:ab:da:e3:
61:b6:5d:a4:43:8f:4a:6b:85:90:83:50:6a:ca:00:5f:39:76:
a2:7b:6a:19:20:8b:bb:ba:60:9a:f0:80:fd:e0:b0:f4:a1:3d:
6c:e1:4c:b7:d0:3e:7b:4d:a5:eb:66:f8:61:cd:69:fa:fb:19:
48:e4:e8:36:b0:f2:3f:08:12:4d:54:2a:3a:50:c4:5c:1e:93:
0c:c3:6b:c9:f4:00:61:53:cb:b7:db:05:8a:c7:a8:c4:c2:0c:
a4:78:bf:7a:fa:df:bf:d7:80:e1:4a:d8:11:a6:ce:36:84:f4:
b8:a0:e2:7d:ed:07:70:40:0d:46:4b:e8:07:41:01:df:f6:f7:
9d:01:6a:88:7d:3e:f8:1d:10:36:23:22:da:6b:94:8b:11:11:
4c:0c:24:20:b4:25:0e:90:7e:9c:96:dc:71:72:32:9c:fa:52:
4b:62:95:0a:33:77:76:bb:60:88:89:4a:5e:e8:71:76:b4:ef:
50:52:70:8f:c2:6d:09:8c:fe:99:00:f0:95:e2:fa:c4:63:cc:
40:d6:c7:c3:5c:ae:3b:6b:8c:d3:05:02:54:51:8d:4d:9b:bd:
98:a0:26:37:64:c7:15:ad:51:bc:b4:fe:5d:fc:89:38:e3:1f:
57:37:ea:b5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvL/WJ7/cM9KuS41cb2iMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2EyODcwNWZjZjlkN2RlODU3MDYxZWRjMzkzYWYyZDhhMzZhZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbj4JIYAe/7PoNA8kO79leMnNwQ/
LyUgsgyn/gpLds8wMjkBws6p824rUCp/tpkmWu1zZzEhcOptIfkuGRVwJMAWLmye
aiZCI/Esd20o4fUTPsRy3N+v2CTPx6XCStYZXrsTuveF+HVhuUGW+9ZQV2OpNNRj
noT5D773SCl7IMhs9WqbwL9pGSgPzZXFwYdk24vkB/fThOkLQ4sdVd2t91rH+Dwa
lXK+VCcIXX7fWcZtBD3PzIZFYwrCVqS0qF//7OxD7xLPubMC45apI3LpreHx72aw
bbOS4asU/N1XJ2tdNOiWNCJNqgJFPsHMuKWiwyaoJh5eNjNXVGoG16hgSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNOihwX8+dfehXBh7cOTry2KNq+eMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvMDZLSEJmejUxOTZGY0dIdHc1T3ZMWW8ycjU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB/Dg
MA0GCSqGSIb3DQEBCwUAA4IBAQCkhawqbPxFXYP2fRTQGpir2uNhtl2kQ49Ka4WQ
g1BqygBfOXaie2oZIIu7umCa8ID94LD0oT1s4Uy30D57TaXrZvhhzWn6+xlI5Og2
sPI/CBJNVCo6UMRcHpMMw2vJ9ABhU8u32wWKx6jEwgykeL96+t+/14DhStgRps42
hPS4oOJ97QdwQA1GS+gHQQHf9vedAWqIfT74HRA2IyLaa5SLERFMDCQgtCUOkH6c
ltxxcjKc+lJLYpUKM3d2u2CIiUpe6HF2tO9QUnCPwm0JjP6ZAPCV4vrEY8xA1sfD
XK47a4zTBQJUUY1Nm72YoCY3ZMcVrVG8tP5d/Ik44x9XN+q1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:10 2024 by rpki-client on console-ams.rpki-client.org