Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/5m_RSboYlggwMcoiiEwbDN1cqEo.roa
File: 5m_RSboYlggwMcoiiEwbDN1cqEo.roa (raw, json)
Hash identifier: NY1FG0e1IPeYRO/xuVSUHoLqGwcAVg3ORG8t/cys5SM=
Subject key identifier: E6:6F:D1:49:BA:18:96:08:30:31:CA:22:88:4C:1B:0C:DD:5C:A8:4A
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA710CABF5930EAE95D8130D67A640
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/5m_RSboYlggwMcoiiEwbDN1cqEo.roa
Signing time: Mon 02 Jan 2023 13:44:59 +0000
ROA not before: Mon 02 Jan 2023 13:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 131668
IP address blocks: 2a0f:5707:ffa4::/46 maxlen: 48
2a0f:5707:fff2::/48 maxlen: 48
2a0f:5707:ffa0::/46 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:71:0c:ab:f5:93:0e:ae:95:d8:13:0d:67:a6:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e66fd149ba1896083031ca22884c1b0cdd5ca84a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3c:85:01:b0:a8:26:2b:5e:30:b2:9a:fb:e4:
f0:83:45:62:f9:ec:2f:c2:2a:9c:9b:c3:72:3f:c6:
74:c1:ea:0c:5f:b6:4a:6c:26:6c:e0:d2:af:ce:ab:
fc:58:b5:71:2d:0d:46:03:ee:1a:20:f7:dd:33:85:
15:f2:69:e9:50:ac:2b:74:f9:53:5e:f1:10:b1:50:
70:58:54:0d:1a:60:b8:d4:25:07:59:5f:6a:09:2a:
96:81:c8:29:8d:4c:1f:5d:af:9e:ad:9e:bc:1b:32:
94:dc:73:d9:8d:e9:ab:7b:b6:f8:42:d7:0e:5a:36:
a6:54:2c:35:8d:49:32:30:a3:44:d7:a7:d1:9e:5b:
fd:31:9f:98:db:42:ef:fc:72:c4:7d:2a:13:1a:4e:
b7:a1:d3:15:48:23:e0:f1:12:70:6d:ec:b6:39:3f:
34:40:0b:a9:54:4e:0a:6c:5b:47:0f:18:f2:2e:59:
72:3a:f5:82:4a:96:a9:bb:1d:13:5a:25:d5:90:d1:
37:de:6d:fd:e9:5e:f2:27:fd:26:7a:d0:6b:55:35:
60:89:27:ff:9a:b4:f2:0b:b5:40:f8:1b:2a:36:be:
20:95:b8:45:76:6e:79:7c:6e:b0:b3:81:9a:28:07:
59:f6:b5:47:27:87:66:cd:76:0a:19:80:ea:f0:a3:
8d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:6F:D1:49:BA:18:96:08:30:31:CA:22:88:4C:1B:0C:DD:5C:A8:4A
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/5m_RSboYlggwMcoiiEwbDN1cqEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:ffa0::/45
2a0f:5707:fff2::/48
Signature Algorithm: sha256WithRSAEncryption
ae:32:f2:31:e6:f9:c5:85:13:9d:ac:da:ab:14:f3:80:09:20:
d0:25:fd:0d:4e:c1:56:56:cd:0a:04:93:fd:3d:da:c0:45:6e:
f0:d1:a7:70:43:a9:b8:e4:bb:bb:43:f0:94:cc:80:8a:fd:04:
1b:d9:98:80:37:02:3e:66:31:88:b0:1f:16:a3:2e:6a:fb:31:
2c:a5:f0:de:b7:67:20:e8:dd:15:a5:1a:97:aa:5d:72:9f:2e:
24:b7:99:3a:55:e9:0a:2b:73:b5:4a:90:e2:6e:b9:4d:eb:78:
5c:c0:06:f2:13:d0:b1:18:e6:9b:96:fd:aa:35:e0:4a:71:76:
a1:c8:14:ed:fb:0f:bc:f1:4e:11:6d:81:da:cd:e5:e9:99:51:
0d:cc:b9:00:f7:52:37:f1:a9:f9:fc:a5:88:6e:35:e4:16:8b:
ee:c4:6e:96:05:fe:1e:73:11:e9:8b:08:1b:ba:51:ff:79:db:
f0:49:85:5c:5a:5a:e9:7b:43:77:4c:f2:d9:98:a2:cd:17:6a:
27:1b:78:1d:e5:84:1f:3b:fe:42:44:ec:0e:a2:69:57:7c:fc:
c3:7c:0f:12:58:9d:cc:ad:8b:41:a9:24:be:ca:0b:c4:e8:01:
bd:51:29:a2:90:54:a4:5a:5a:04:66:d1:6f:5d:bb:ad:00:c6:
e6:8d:5d:9d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyunEMq/WTDq6V2BMNZ6ZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjZmZDE0OWJhMTg5NjA4MzAzMWNhMjI4ODRjMWIwY2RkNWNhODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTyFAbCoJiteMLKa++Twg0Vi+ewv
wiqcm8NyP8Z0weoMX7ZKbCZs4NKvzqv8WLVxLQ1GA+4aIPfdM4UV8mnpUKwrdPlT
XvEQsVBwWFQNGmC41CUHWV9qCSqWgcgpjUwfXa+erZ68GzKU3HPZjemre7b4QtcO
WjamVCw1jUkyMKNE16fRnlv9MZ+Y20Lv/HLEfSoTGk63odMVSCPg8RJwbey2OT80
QAupVE4KbFtHDxjyLllyOvWCSpapux0TWiXVkNE33m396V7yJ/0metBrVTVgiSf/
mrTyC7VA+BsqNr4glbhFdm55fG6ws4GaKAdZ9rVHJ4dmzXYKGYDq8KONFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOZv0Um6GJYIMDHKIohMGwzdXKhKMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvNW1fUlNib1lsZ2d3TWNvaWlFd2JETjFjcUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcDKg9XB/+g
AwcAKg9XB//yMA0GCSqGSIb3DQEBCwUAA4IBAQCuMvIx5vnFhROdrNqrFPOACSDQ
Jf0NTsFWVs0KBJP9PdrARW7w0adwQ6m45Lu7Q/CUzICK/QQb2ZiANwI+ZjGIsB8W
oy5q+zEspfDet2cg6N0VpRqXql1yny4kt5k6VekKK3O1SpDibrlN63hcwAbyE9Cx
GOablv2qNeBKcXahyBTt+w+88U4RbYHazeXpmVENzLkA91I38an5/KWIbjXkFovu
xG6WBf4ecxHpiwgbulH/edvwSYVcWlrpe0N3TPLZmKLNF2onG3gd5YQfO/5CROwO
omlXfPzDfA8SWJ3MrYtBqSS+ygvE6AG9USmikFSkWloEZtFvXbutAMbmjV2d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:59 2024 by rpki-client on console-fra.rpki-client.org