Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/5kQnmJM_q323pB1S8awEka_5yhs.roa
File: 5kQnmJM_q323pB1S8awEka_5yhs.roa (raw, json)
Hash identifier: EjztDHf11lb6ufsijgON50265HyNPs5ipdDIOvpYDUw=
Subject key identifier: E6:44:27:98:93:3F:AB:7D:B7:A4:1D:52:F1:AC:04:91:AF:F9:CA:1B
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA83B284CA696A63998183C4283A96
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/5kQnmJM_q323pB1S8awEka_5yhs.roa
Signing time: Mon 02 Jan 2023 13:45:04 +0000
ROA not before: Mon 02 Jan 2023 13:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211301
IP address blocks: 2a0f:5707:aaf0::/44 maxlen: 48
2a0f:5707:aa60::/44 maxlen: 48
2a0f:5707:25::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:83:b2:84:ca:69:6a:63:99:81:83:c4:28:3a:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6442798933fab7db7a41d52f1ac0491aff9ca1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2c:5e:98:bb:9b:26:8a:62:76:f5:52:9e:b1:
ae:ed:4a:42:e7:b5:08:d3:56:ac:f5:04:23:65:1a:
0e:76:39:48:fc:97:a9:df:cb:a1:d4:dd:44:1b:ed:
f9:f0:bd:89:68:bd:ea:1a:d1:a8:5b:b0:c2:2a:31:
cc:72:19:9a:d1:12:c3:f5:33:3d:15:a8:6e:3f:22:
10:68:21:a1:b4:e3:04:a7:89:62:b2:e2:f6:0a:d4:
3a:89:bf:dc:64:87:d7:86:34:ef:1e:86:b7:aa:ed:
dc:d9:60:62:72:29:b2:28:0f:cb:9d:65:16:be:1a:
4d:a0:83:be:a0:1c:68:2e:82:1d:f7:55:12:b6:81:
b0:36:a6:32:3b:08:49:8e:9f:7d:5c:e2:f3:42:c0:
f0:07:d5:2f:c7:0a:14:eb:e2:9e:e4:6a:07:e9:af:
6c:7b:a3:6e:9a:ee:35:66:f9:b8:88:b0:81:22:5d:
c7:90:b7:aa:a5:5b:ab:4d:3a:1d:c9:0a:8e:09:ef:
f4:21:06:8d:cd:57:31:a0:c3:e5:cb:c9:39:5c:29:
24:03:de:11:af:fd:6c:59:3b:6b:18:5d:6c:45:f7:
d4:f3:12:36:cf:a9:0e:33:97:2d:a0:82:f2:d4:bc:
d7:8a:4b:ee:a8:8b:96:8d:46:7b:1b:c8:21:65:93:
ff:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:44:27:98:93:3F:AB:7D:B7:A4:1D:52:F1:AC:04:91:AF:F9:CA:1B
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/5kQnmJM_q323pB1S8awEka_5yhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:25::/48
2a0f:5707:aa60::/44
2a0f:5707:aaf0::/44
Signature Algorithm: sha256WithRSAEncryption
91:2d:56:b1:4e:97:51:59:95:b1:00:5d:a6:c8:14:63:0d:7e:
71:fe:7e:0c:b0:1c:2d:31:9d:87:28:a0:a9:de:70:12:72:65:
58:5a:f7:06:46:6e:f0:fc:57:5b:cb:95:28:f6:4c:06:18:70:
43:dc:51:90:8c:41:b8:82:1d:31:96:7e:6d:47:95:2a:62:d3:
d0:0a:ca:58:df:54:cf:fe:09:b7:f4:36:7e:01:ef:28:09:fa:
3a:ac:74:32:49:d9:db:5f:3c:f4:c9:6d:84:f3:3b:a0:4a:93:
e6:27:1f:01:7d:65:79:75:bf:38:9e:2f:bb:6d:31:91:2d:9c:
85:22:75:54:37:99:3d:5b:ae:fa:ec:e5:45:f1:53:9f:e5:c0:
a2:25:55:f9:e7:e4:05:54:3c:70:ba:c1:ae:7e:93:29:4d:a8:
60:11:cb:66:11:cd:3e:1c:e6:81:99:57:c4:d5:61:b7:79:64:
bc:a4:fc:46:d4:fc:d8:21:84:dc:b3:25:92:f6:2f:98:64:db:
c4:e5:66:bc:89:65:56:c8:24:46:94:6d:ff:02:29:09:2b:58:
ab:49:a7:a9:66:cf:23:b1:d9:45:46:d1:83:bf:65:d0:45:97:
e7:65:14:70:83:06:28:77:7d:ac:a5:44:3b:93:70:c9:f8:eb:
8c:e4:ae:98
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyuoOyhMppamOZgYPEKDqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQ0Mjc5ODkzM2ZhYjdkYjdhNDFkNTJmMWFjMDQ5MWFmZjljYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSxemLubJopidvVSnrGu7UpC57UI
01as9QQjZRoOdjlI/Jep38uh1N1EG+358L2JaL3qGtGoW7DCKjHMchma0RLD9TM9
FahuPyIQaCGhtOMEp4lisuL2CtQ6ib/cZIfXhjTvHoa3qu3c2WBicimyKA/LnWUW
vhpNoIO+oBxoLoId91UStoGwNqYyOwhJjp99XOLzQsDwB9UvxwoU6+Ke5GoH6a9s
e6Numu41Zvm4iLCBIl3HkLeqpVurTTodyQqOCe/0IQaNzVcxoMPly8k5XCkkA94R
r/1sWTtrGF1sRffU8xI2z6kOM5ctoILy1LzXikvuqIuWjUZ7G8ghZZP/3wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOZEJ5iTP6t9t6QdUvGsBJGv+cobMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvNWtRbm1KTV9xMzIzcEIxUzhhd0VrYV81eWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg9XBwAl
AwcEKg9XB6pgAwcEKg9XB6rwMA0GCSqGSIb3DQEBCwUAA4IBAQCRLVaxTpdRWZWx
AF2myBRjDX5x/n4MsBwtMZ2HKKCp3nAScmVYWvcGRm7w/Fdby5Uo9kwGGHBD3FGQ
jEG4gh0xln5tR5UqYtPQCspY31TP/gm39DZ+Ae8oCfo6rHQySdnbXzz0yW2E8zug
SpPmJx8BfWV5db84ni+7bTGRLZyFInVUN5k9W6767OVF8VOf5cCiJVX55+QFVDxw
usGufpMpTahgEctmEc0+HOaBmVfE1WG3eWS8pPxG1PzYIYTcsyWS9i+YZNvE5Wa8
iWVWyCRGlG3/AikJK1irSaepZs8jsdlFRtGDv2XQRZfnZRRwgwYod32spUQ7k3DJ
+OuM5K6Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org