Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/DtG6FkdfNlemrFE3q68cVo0r8UM.roa
File: DtG6FkdfNlemrFE3q68cVo0r8UM.roa (raw, json)
Hash identifier: 09XlHHnfHRlGSqCphDUYZK4zm6iXdHZT5bGNGLhJu4k=
Subject key identifier: 0E:D1:BA:16:47:5F:36:57:A6:AC:51:37:AB:AF:1C:56:8D:2B:F1:43
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018CC2DB01AB13B3A87277C94DEF468A067E
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/DtG6FkdfNlemrFE3q68cVo0r8UM.roa
Signing time: Mon 01 Jan 2024 02:29:41 +0000
ROA not before: Mon 01 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206215
IP address blocks: 2a0f:5707:aa50::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 25 Jul 2024 07:21:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:01:ab:13:b3:a8:72:77:c9:4d:ef:46:8a:06:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 1 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ed1ba16475f3657a6ac5137abaf1c568d2bf143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0c:8d:39:0d:61:db:2b:43:0e:03:48:89:07:
e4:8c:69:b4:85:31:a3:49:b6:39:80:85:b9:01:30:
e8:3f:73:dc:24:4b:e8:bd:6a:04:4b:65:32:2f:a2:
69:08:1c:8b:03:b3:36:ac:91:ff:08:29:22:ea:4a:
c3:29:35:ef:8d:4f:13:86:40:c6:97:72:5e:16:dd:
41:08:f1:38:f8:f3:5f:c3:95:ee:0d:21:51:fd:d3:
71:ac:41:21:e2:f0:cd:0f:a8:46:7f:31:41:63:e0:
9d:2f:83:d1:94:bb:aa:ab:76:1a:d7:b2:87:9d:eb:
3d:de:a1:7b:54:03:a2:dd:c9:8a:d7:87:2c:f6:77:
a2:94:3c:89:7c:60:53:ea:c2:6a:7e:36:64:5b:ef:
6f:30:43:f9:9e:93:c5:23:1a:09:95:c5:e7:60:9f:
55:77:b8:43:dd:e9:db:ce:7b:44:91:05:e1:b4:36:
e8:07:7f:f8:53:50:0a:03:5d:6a:98:e8:1c:d3:ec:
7d:09:e0:eb:46:55:0a:f7:e9:91:d4:0d:cd:28:95:
4a:41:16:e9:b0:8b:d9:4f:94:2b:49:26:2d:9f:0f:
cd:9c:69:f7:e3:76:4d:3b:3c:ec:48:c8:07:6a:2b:
db:89:85:b4:63:f3:11:14:84:e5:9a:3d:98:06:69:
9a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D1:BA:16:47:5F:36:57:A6:AC:51:37:AB:AF:1C:56:8D:2B:F1:43
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/DtG6FkdfNlemrFE3q68cVo0r8UM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:aa50::/44
Signature Algorithm: sha256WithRSAEncryption
18:5a:c0:99:30:8d:81:fc:73:b9:d0:6e:8b:e6:cd:01:bf:d7:
12:91:c2:85:db:35:a5:3d:17:23:8f:d0:4b:f6:51:3c:08:d6:
1f:6b:f7:ae:53:ce:c2:b3:4f:2f:8c:bc:4b:c2:6a:27:21:52:
76:5b:12:51:61:1c:9f:df:a0:b7:26:94:dc:f5:a1:e5:e0:4e:
83:ec:e9:a3:11:2f:2d:78:4e:f0:3a:f5:29:52:cc:c5:6c:ea:
82:94:44:c0:2a:ef:25:c2:9e:66:d2:c5:02:05:d6:c4:cf:44:
b8:50:2e:14:72:b3:7b:c6:96:b7:e4:51:ea:3f:90:70:31:1c:
20:28:ed:cd:62:ce:19:cc:c6:06:5d:47:12:68:d1:bf:2d:df:
22:d2:aa:0e:32:b8:6d:cd:92:2a:d4:03:d9:28:f4:17:5f:00:
f8:d0:cf:a3:e3:3f:f9:3b:c8:c1:e7:8b:9a:3d:c6:35:3e:ee:
84:25:e9:c3:17:8e:3c:a8:cb:1c:7d:97:c1:a9:50:a8:0c:ec:
e4:41:91:0a:04:6f:30:3f:31:68:f5:cd:d7:5c:60:f1:5a:d4:
f4:c8:eb:e2:26:56:51:1d:ed:45:f3:0f:04:00:79:c9:f0:8e:
fc:f7:6b:1d:c5:1a:ce:f9:5f:eb:09:39:1f:ff:eb:60:dc:b1:
47:12:e1:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzC2wGrE7OocnfJTe9GigZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjQwMTAxMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWQxYmExNjQ3NWYzNjU3YTZhYzUxMzdhYmFmMWM1NjhkMmJmMTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQyNOQ1h2ytDDgNIiQfkjGm0hTGj
SbY5gIW5ATDoP3PcJEvovWoES2UyL6JpCByLA7M2rJH/CCki6krDKTXvjU8ThkDG
l3JeFt1BCPE4+PNfw5XuDSFR/dNxrEEh4vDND6hGfzFBY+CdL4PRlLuqq3Ya17KH
nes93qF7VAOi3cmK14cs9neilDyJfGBT6sJqfjZkW+9vMEP5npPFIxoJlcXnYJ9V
d7hD3enbzntEkQXhtDboB3/4U1AKA11qmOgc0+x9CeDrRlUK9+mR1A3NKJVKQRbp
sIvZT5QrSSYtnw/NnGn343ZNOzzsSMgHaivbiYW0Y/MRFITlmj2YBmmalwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA7RuhZHXzZXpqxRN6uvHFaNK/FDMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvRHRHNkZrZGZObGVtckZFM3E2OGNWbzByOFVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg9XB6pQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAYWsCZMI2B/HO50G6L5s0Bv9cSkcKF2zWlPRcj
j9BL9lE8CNYfa/euU87Cs08vjLxLwmonIVJ2WxJRYRyf36C3JpTc9aHl4E6D7Omj
ES8teE7wOvUpUszFbOqClETAKu8lwp5m0sUCBdbEz0S4UC4UcrN7xpa35FHqP5Bw
MRwgKO3NYs4ZzMYGXUcSaNG/Ld8i0qoOMrhtzZIq1APZKPQXXwD40M+j4z/5O8jB
54uaPcY1Pu6EJenDF448qMscfZfBqVCoDOzkQZEKBG8wPzFo9c3XXGDxWtT0yOvi
JlZRHe1F8w8EAHnJ8I7892sdxRrO+V/rCTkf/+tg3LFHEuFI
-----END CERTIFICATE-----
Generated at Thu Jul 25 09:27:18 2024 by rpki-client on console-ams.rpki-client.org