Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/R6GZw_5x0qDuKEWuxjLGnCUbFZE.roa
File: R6GZw_5x0qDuKEWuxjLGnCUbFZE.roa (raw, json)
Hash identifier: 0r3zEXKf4jYcQf21o4YUnEgkdA1hd/YjlYnIzbGUQNo=
Subject key identifier: 47:A1:99:C3:FE:71:D2:A0:EE:28:45:AE:C6:32:C6:9C:25:1B:15:91
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA84254495C52A335ECABEB7A7A7CA
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/R6GZw_5x0qDuKEWuxjLGnCUbFZE.roa
Signing time: Mon 02 Jan 2023 13:45:04 +0000
ROA not before: Mon 02 Jan 2023 13:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211579
IP address blocks: 2a0f:5707:24::/48 maxlen: 48
2a0f:5707:b120::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Mar 2023 10:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:84:25:44:95:c5:2a:33:5e:ca:be:b7:a7:a7:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47a199c3fe71d2a0ee2845aec632c69c251b1591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c1:2e:b5:fb:48:19:da:e6:e7:6e:d4:08:a7:
e3:37:29:60:c6:90:27:72:62:00:2d:12:87:b3:13:
92:43:8a:eb:08:73:be:b1:44:90:03:f1:dd:75:bf:
01:17:2e:6f:96:2d:38:71:92:40:89:30:7a:04:6e:
c9:41:46:58:68:c7:33:f2:07:29:24:ab:44:b9:4e:
7f:8c:6a:3f:18:d4:4b:07:0e:8c:ca:51:6b:51:2f:
a3:92:3a:94:f2:f1:96:ff:42:fd:15:88:a8:40:2f:
b4:17:3f:a8:dc:15:7a:59:b1:f4:9e:1c:c4:16:c9:
6b:c1:23:53:76:3f:71:96:02:2a:3e:5f:15:d1:ee:
f1:4b:38:5f:7c:ee:54:bc:df:90:95:25:ca:dd:2d:
f8:79:5a:77:2c:d4:65:f8:24:30:c6:89:5e:88:31:
c3:e5:e2:7b:ce:1a:53:7f:97:09:af:8a:85:39:9b:
3b:e3:4c:b2:aa:be:b8:2a:a6:ed:ae:2e:0f:69:c1:
fe:de:bc:c7:1a:8a:a7:a2:b9:3b:90:12:fb:41:41:
db:58:2e:dc:6a:17:37:10:ce:6f:7b:77:5b:1a:e8:
51:e1:dd:37:3c:26:3a:36:e2:d0:9f:2e:83:fb:29:
72:54:7a:2b:c4:71:9a:09:07:8b:4e:6c:d2:47:89:
a0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A1:99:C3:FE:71:D2:A0:EE:28:45:AE:C6:32:C6:9C:25:1B:15:91
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/R6GZw_5x0qDuKEWuxjLGnCUbFZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:24::/48
2a0f:5707:b120::/44
Signature Algorithm: sha256WithRSAEncryption
29:71:53:c1:5c:69:54:08:41:99:eb:e1:0c:84:31:f2:d3:f9:
88:12:58:5a:e7:71:04:63:9c:c8:e0:80:d4:57:a8:a3:ff:94:
3f:01:25:99:df:e5:3d:b7:0c:bc:1b:2c:fb:b7:f8:10:e1:48:
6d:9e:e7:cf:1f:b0:12:85:e5:12:de:3c:e7:c1:aa:45:02:33:
d4:29:01:b6:37:6e:db:86:c8:c9:3d:20:06:dc:19:d4:eb:7e:
17:1f:16:ae:b5:cc:63:0e:4f:c3:09:bc:88:c5:36:83:9e:cc:
95:1c:2a:e7:89:a4:fc:99:50:ac:a6:40:d9:3e:1a:34:98:f4:
78:ae:71:3a:f3:1d:0a:60:05:19:a8:63:0f:62:bc:4d:dc:d4:
fb:73:9e:19:55:06:4c:51:6c:4f:ee:f1:be:4b:6f:02:4b:2f:
35:aa:31:16:82:24:2c:a7:da:73:22:0a:1b:e3:a9:ab:b1:28:
71:a7:8b:cd:95:85:cb:b3:1e:87:ab:ae:9c:9c:c5:f6:8c:ee:
d9:3a:3e:ac:6d:ca:f5:f2:dd:8b:8d:9f:34:49:9b:49:d8:38:
47:b8:c1:63:d9:ca:df:96:3b:6a:a4:46:c8:c7:4c:2e:2f:3b:
1f:e7:bb:ae:1b:88:05:07:80:f2:56:50:d7:20:c6:09:5b:3f:
d0:7e:d8:ad
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyuoQlRJXFKjNeyr63p6fKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2ExOTljM2ZlNzFkMmEwZWUyODQ1YWVjNjMyYzY5YzI1MWIxNTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMEutftIGdrm527UCKfjNylgxpAn
cmIALRKHsxOSQ4rrCHO+sUSQA/Hddb8BFy5vli04cZJAiTB6BG7JQUZYaMcz8gcp
JKtEuU5/jGo/GNRLBw6MylFrUS+jkjqU8vGW/0L9FYioQC+0Fz+o3BV6WbH0nhzE
FslrwSNTdj9xlgIqPl8V0e7xSzhffO5UvN+QlSXK3S34eVp3LNRl+CQwxoleiDHD
5eJ7zhpTf5cJr4qFOZs740yyqr64Kqbtri4PacH+3rzHGoqnork7kBL7QUHbWC7c
ahc3EM5ve3dbGuhR4d03PCY6NuLQny6D+ylyVHorxHGaCQeLTmzSR4mgPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEehmcP+cdKg7ihFrsYyxpwlGxWRMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvUjZHWndfNXgwcUR1S0VXdXhqTEduQ1ViRlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg9XBwAk
AwcEKg9XB7EgMA0GCSqGSIb3DQEBCwUAA4IBAQApcVPBXGlUCEGZ6+EMhDHy0/mI
Elha53EEY5zI4IDUV6ij/5Q/ASWZ3+U9twy8Gyz7t/gQ4UhtnufPH7ASheUS3jzn
wapFAjPUKQG2N27bhsjJPSAG3BnU634XHxautcxjDk/DCbyIxTaDnsyVHCrniaT8
mVCspkDZPho0mPR4rnE68x0KYAUZqGMPYrxN3NT7c54ZVQZMUWxP7vG+S28CSy81
qjEWgiQsp9pzIgob46mrsShxp4vNlYXLsx6Hq66cnMX2jO7ZOj6sbcr18t2LjZ80
SZtJ2DhHuMFj2crfljtqpEbIx0wuLzsf57uuG4gFB4DyVlDXIMYJWz/Qftit
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org