Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/C2yRu6Mr12rlCymlZBnEcTI4PTQ.roa
File: C2yRu6Mr12rlCymlZBnEcTI4PTQ.roa (raw, json)
Hash identifier: 5OnXsxblzLy44DmRBXUTe5wQCqfC0BzJFe59wbmXdl0=
Subject key identifier: 0B:6C:91:BB:A3:2B:D7:6A:E5:0B:29:A5:64:19:C4:71:32:38:3D:34
Certificate issuer: /CN=3d0483538737453e2f57ffb57499c3922e83636d
Certificate serial: 018C168BAC88F50AD1B8B9043DDA5EF3AD7C
Authority key identifier: 3D:04:83:53:87:37:45:3E:2F:57:FF:B5:74:99:C3:92:2E:83:63:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PQSDU4c3RT4vV_-1dJnDki6DY20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/C2yRu6Mr12rlCymlZBnEcTI4PTQ.roa
Signing time: Tue 28 Nov 2023 15:28:21 +0000
ROA not before: Tue 28 Nov 2023 15:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 2a07:6d40:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:8b:ac:88:f5:0a:d1:b8:b9:04:3d:da:5e:f3:ad:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d0483538737453e2f57ffb57499c3922e83636d
Validity
Not Before: Nov 28 15:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b6c91bba32bd76ae50b29a56419c47132383d34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3a:14:ff:69:88:b1:ca:e8:fb:ad:3c:7e:c6:
79:97:25:ed:d6:da:ef:ce:63:8c:1f:79:17:2f:e1:
f5:47:ed:a6:21:fd:42:e6:7f:44:90:51:b4:24:cf:
16:d7:38:90:06:3e:6b:86:37:18:ee:20:a5:e7:6e:
7b:75:e2:5e:83:1c:3f:b9:a3:ed:a0:97:8c:4e:9d:
4c:0c:50:22:bf:4c:bf:88:dd:99:50:cf:ef:12:d1:
25:11:65:af:48:71:7e:98:25:81:6c:d3:68:f0:7b:
48:05:d4:ed:2a:ad:b5:6c:7e:8c:c5:b6:d2:b2:bf:
f9:91:bf:16:21:df:6e:b3:b2:42:bf:d8:fa:6c:d7:
1b:35:fd:e9:35:72:1c:0d:b3:eb:aa:ef:6a:4e:29:
8c:07:20:78:d4:7c:6f:fc:c0:be:4d:36:4a:e9:ec:
80:33:ae:76:3f:a8:60:80:dd:59:af:01:fb:6e:ae:
ee:0f:9a:c2:ef:34:7d:8e:07:ff:d3:ba:ae:94:db:
b9:b1:46:c3:42:a3:72:14:0d:18:49:08:2a:d1:af:
67:8e:dd:25:cd:ae:79:05:27:09:28:2c:62:7f:39:
e9:ee:6d:e3:6a:d4:df:78:27:5d:4c:0f:41:26:86:
54:b8:41:2d:51:68:f5:8b:8f:99:d6:79:0c:a6:17:
38:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:6C:91:BB:A3:2B:D7:6A:E5:0B:29:A5:64:19:C4:71:32:38:3D:34
X509v3 Authority Key Identifier:
keyid:3D:04:83:53:87:37:45:3E:2F:57:FF:B5:74:99:C3:92:2E:83:63:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQSDU4c3RT4vV_-1dJnDki6DY20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/C2yRu6Mr12rlCymlZBnEcTI4PTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/PQSDU4c3RT4vV_-1dJnDki6DY20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:6d40:2::/48
Signature Algorithm: sha256WithRSAEncryption
79:87:dc:31:d2:f4:9d:93:f4:ff:19:e0:82:6a:63:61:cb:8f:
e4:0d:23:53:a8:41:73:96:50:85:c4:f5:55:43:dd:39:fd:5b:
47:a2:15:d7:9a:5f:99:4f:f1:08:1d:0b:84:0f:80:b9:c5:2d:
1b:11:71:40:e3:99:1a:0f:e6:29:6d:ea:7a:4c:24:37:72:29:
26:93:ce:06:5e:09:e2:19:a6:3f:08:e1:f2:43:15:d3:01:59:
c3:35:37:16:ac:49:ca:c2:0c:bf:ad:5a:7b:4b:46:fa:c0:af:
cc:78:85:d6:6c:e5:dd:21:b4:d1:45:d3:be:6f:42:d6:1d:cd:
37:00:a6:62:ce:19:ce:80:42:1a:68:37:a5:09:a9:57:10:a4:
5a:a6:35:44:8a:a0:ba:44:e5:a9:9d:2e:29:48:57:c8:bc:57:
8b:c0:ea:69:be:34:a9:3a:5a:41:1f:ff:dc:65:af:a6:c0:22:
d7:5d:3a:e3:3d:4f:d9:ec:ed:89:4c:02:52:af:10:98:ff:5c:
48:05:95:f3:35:9c:11:27:38:17:15:67:91:bd:8d:15:ed:e3:
9f:93:cf:3c:4b:41:0b:ab:93:0a:4a:a9:9e:fa:12:f0:1b:13:
3a:92:ce:e2:07:82:ae:75:b0:57:a9:cc:fd:aa:15:bc:fa:e9:
1a:a5:ba:e7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYwWi6yI9QrRuLkEPdpe8618MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMDQ4MzUzODczNzQ1M2UyZjU3ZmZiNTc0OTljMzkyMmU4
MzYzNmQwHhcNMjMxMTI4MTUyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjZjOTFiYmEzMmJkNzZhZTUwYjI5YTU2NDE5YzQ3MTMyMzgzZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzoU/2mIscro+608fsZ5lyXt1trv
zmOMH3kXL+H1R+2mIf1C5n9EkFG0JM8W1ziQBj5rhjcY7iCl5257deJegxw/uaPt
oJeMTp1MDFAiv0y/iN2ZUM/vEtElEWWvSHF+mCWBbNNo8HtIBdTtKq21bH6MxbbS
sr/5kb8WId9us7JCv9j6bNcbNf3pNXIcDbPrqu9qTimMByB41Hxv/MC+TTZK6eyA
M652P6hggN1ZrwH7bq7uD5rC7zR9jgf/07qulNu5sUbDQqNyFA0YSQgq0a9njt0l
za55BScJKCxifznp7m3jatTfeCddTA9BJoZUuEEtUWj1i4+Z1nkMphc4CQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAtskbujK9dq5QsppWQZxHEyOD00MB8GA1UdIwQY
MBaAFD0Eg1OHN0U+L1f/tXSZw5Iug2NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFFTRFU0YzNSVDR2Vl8tMWRKbkRraTZEWTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9lMTA2YzMtMGIxZi00MDEwLTg2ZjEt
NjVhNDZjOGU0MWU5LzEvQzJ5UnU2TXIxMnJsQ3ltbFpCbkVjVEk0UFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9lMTA2YzMtMGIxZi00MDEwLTg2ZjEtNjVhNDZjOGU0MWU5
LzEvUFFTRFU0YzNSVDR2Vl8tMWRKbkRraTZEWTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdtQAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQB5h9wx0vSdk/T/GeCCamNhy4/kDSNTqEFzllCF
xPVVQ905/VtHohXXml+ZT/EIHQuED4C5xS0bEXFA45kaD+Ypbep6TCQ3cikmk84G
XgniGaY/COHyQxXTAVnDNTcWrEnKwgy/rVp7S0b6wK/MeIXWbOXdIbTRRdO+b0LW
Hc03AKZizhnOgEIaaDelCalXEKRapjVEiqC6ROWpnS4pSFfIvFeLwOppvjSpOlpB
H//cZa+mwCLXXTrjPU/Z7O2JTAJSrxCY/1xIBZXzNZwRJzgXFWeRvY0V7eOfk888
S0ELq5MKSqme+hLwGxM6ks7iB4KudbBXqcz9qhW8+ukapbrn
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:18 2024 by rpki-client on console-fra.rpki-client.org