Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/y2WD_lBPrT1cWE2fBhiQAB48-Dc.roa
File: y2WD_lBPrT1cWE2fBhiQAB48-Dc.roa (raw, json)
Hash identifier: vYcUuVsCLpzsCdFfnLU9V3RcWPVuSy1Af0xs24yc61o=
Subject key identifier: CB:65:83:FE:50:4F:AD:3D:5C:58:4D:9F:06:18:90:00:1E:3C:F8:37
Certificate issuer: /CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Certificate serial: 018D9F6E988552EB63147AA8A53834CD901B
Authority key identifier: 6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/y2WD_lBPrT1cWE2fBhiQAB48-Dc.roa
Signing time: Mon 12 Feb 2024 22:27:21 +0000
ROA not before: Mon 12 Feb 2024 22:27:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204033
IP address blocks: 2a13:3d00::/29 maxlen: 29
2a13:3d00:abc::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 13 Feb 2024 15:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9f:6e:98:85:52:eb:63:14:7a:a8:a5:38:34:cd:90:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Validity
Not Before: Feb 12 22:27:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb6583fe504fad3d5c584d9f061890001e3cf837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:94:56:ba:9b:b8:cb:a2:70:fe:d7:2b:31:78:
01:66:41:5e:15:5d:86:f1:e8:c5:46:42:4f:e4:1c:
d5:2f:ec:14:78:dd:56:ca:8f:94:c5:65:17:bb:21:
21:fe:a4:12:8d:e3:aa:16:09:0c:12:6a:8b:cf:3c:
b0:dd:6d:a0:61:0b:c2:1c:02:c1:60:39:c8:0e:c6:
e4:d4:87:70:2b:8f:10:4b:8b:eb:65:5f:75:5f:57:
fd:d4:2d:fe:d0:bf:17:37:47:f3:db:75:0d:54:38:
08:11:e1:a3:cb:3f:02:58:27:cf:fa:fc:45:8b:97:
9b:43:04:8e:f7:b3:b2:83:66:6d:95:f6:2a:ad:37:
7d:74:91:59:97:c7:55:f2:9a:c4:a9:0a:2b:24:5f:
3a:c9:95:a8:dc:df:9b:00:12:07:e9:ee:ef:05:b9:
d8:a4:80:08:7b:c9:cb:6f:f8:2e:7b:3e:cf:12:69:
4d:29:d2:2e:c7:ce:65:7a:83:8f:23:71:2c:e4:29:
52:a3:ef:46:32:97:c2:38:1c:af:88:01:5d:b8:7e:
ee:cd:d7:47:5b:aa:d6:8c:bd:67:5b:13:d8:ea:17:
d3:78:87:71:42:12:0e:48:12:64:62:03:79:7f:79:
33:77:84:fd:a7:54:b2:74:48:ac:a9:c5:a6:e9:3c:
c8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:65:83:FE:50:4F:AD:3D:5C:58:4D:9F:06:18:90:00:1E:3C:F8:37
X509v3 Authority Key Identifier:
keyid:6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/y2WD_lBPrT1cWE2fBhiQAB48-Dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/bMacPXAwzsGfj7ZuVDveZVlXCKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3d00::/29
Signature Algorithm: sha256WithRSAEncryption
07:c5:f2:a8:19:e5:70:19:08:95:64:5c:b8:f3:4b:56:8e:2f:
11:21:82:d2:7e:5a:a2:02:8a:b6:86:b8:2f:3a:9a:7a:46:76:
a2:4d:4e:5f:c3:22:11:65:e7:9d:ab:dc:66:0c:fa:30:d3:53:
2f:7b:c6:8a:a7:87:fe:7a:8d:06:30:7c:0f:9a:9f:4a:c9:da:
5e:1b:a3:f6:a7:b2:a6:a7:c2:47:02:36:78:08:67:1f:b6:18:
41:6b:ce:6f:fe:3d:cf:49:61:0b:08:f7:c7:52:30:20:a9:6e:
c8:02:e7:9b:6d:d1:05:18:cc:cf:18:cb:f1:5d:c4:84:54:03:
45:04:9c:0c:fe:d1:9c:b6:28:fb:20:69:7f:12:d9:4b:82:c6:
78:ca:0d:2f:dc:cd:0d:ad:8a:7f:5d:07:b6:bd:c0:a7:23:2b:
a5:f4:d3:1c:18:61:f4:f6:f6:b3:fe:84:d5:7e:c8:c1:02:d5:
b1:d9:63:04:21:d7:20:dc:32:a2:4e:83:30:5c:ac:cb:f6:40:
92:eb:b2:96:b8:8f:8c:70:10:a1:3f:89:2f:cf:91:5b:d5:87:
66:f3:e2:23:28:22:0d:d0:83:29:7e:92:fa:18:12:0f:91:a0:
a6:13:f0:d9:58:38:df:d3:71:ec:cf:88:f6:be:d3:dc:81:6f:
35:43:2c:b1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY2fbpiFUutjFHqopTg0zZAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYzY5YzNkNzAzMGNlYzE5ZjhmYjY2ZTU0M2JkZTY1NTk1
NzA4YTIwHhcNMjQwMjEyMjIyNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjY1ODNmZTUwNGZhZDNkNWM1ODRkOWYwNjE4OTAwMDFlM2NmODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZRWupu4y6Jw/tcrMXgBZkFeFV2G
8ejFRkJP5BzVL+wUeN1Wyo+UxWUXuyEh/qQSjeOqFgkMEmqLzzyw3W2gYQvCHALB
YDnIDsbk1IdwK48QS4vrZV91X1f91C3+0L8XN0fz23UNVDgIEeGjyz8CWCfP+vxF
i5ebQwSO97Oyg2ZtlfYqrTd9dJFZl8dV8prEqQorJF86yZWo3N+bABIH6e7vBbnY
pIAIe8nLb/guez7PEmlNKdIux85leoOPI3Es5ClSo+9GMpfCOByviAFduH7uzddH
W6rWjL1nWxPY6hfTeIdxQhIOSBJkYgN5f3kzd4T9p1SydEisqcWm6TzIBwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMtlg/5QT609XFhNnwYYkAAePPg3MB8GA1UdIwQY
MBaAFGzGnD1wMM7Bn4+2blQ73mVZVwiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEt
MWFlYjZhNGU0NWFkLzEveTJXRF9sQlByVDFjV0UyZkJoaVFBQjQ4LURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEtMWFlYjZhNGU0NWFk
LzEvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhM9ADAN
BgkqhkiG9w0BAQsFAAOCAQEAB8XyqBnlcBkIlWRcuPNLVo4vESGC0n5aogKKtoa4
LzqaekZ2ok1OX8MiEWXnnavcZgz6MNNTL3vGiqeH/nqNBjB8D5qfSsnaXhuj9qey
pqfCRwI2eAhnH7YYQWvOb/49z0lhCwj3x1IwIKluyALnm23RBRjMzxjL8V3EhFQD
RQScDP7RnLYo+yBpfxLZS4LGeMoNL9zNDa2Kf10Htr3ApyMrpfTTHBhh9Pb2s/6E
1X7IwQLVsdljBCHXINwyok6DMFysy/ZAkuuylriPjHAQoT+JL8+RW9WHZvPiIygi
DdCDKX6S+hgSD5GgphPw2Vg439Nx7M+I9r7T3IFvNUMssQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:43 2024 by rpki-client on console-ams.rpki-client.org