Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/bNyBH8z3jj95yp0i0BaAFlKYAdc.roa
File: bNyBH8z3jj95yp0i0BaAFlKYAdc.roa (raw, json)
Hash identifier: DFS282GnibGfdcg8GWRWJSnUoprtXD71ioW0A54y4w8=
Subject key identifier: 6C:DC:81:1F:CC:F7:8E:3F:79:CA:9D:22:D0:16:80:16:52:98:01:D7
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA7FE39B2FAE5C08C3149A2113C6FB
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/bNyBH8z3jj95yp0i0BaAFlKYAdc.roa
Signing time: Mon 02 Jan 2023 13:45:02 +0000
ROA not before: Mon 02 Jan 2023 13:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210023
IP address blocks: 2a0f:5707:29::/48 maxlen: 48
2a0f:5707:b140::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:7f:e3:9b:2f:ae:5c:08:c3:14:9a:21:13:c6:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cdc811fccf78e3f79ca9d22d0168016529801d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:22:9a:52:f0:49:3d:bf:43:43:b8:b8:4b:dd:
51:50:0c:df:c7:d6:dd:63:6c:48:53:c6:78:42:06:
1a:dd:8c:af:5f:af:fe:6b:cf:59:56:72:25:af:ba:
58:55:d8:35:78:81:ae:a1:63:52:cd:bf:04:b2:0e:
07:04:b7:5c:3f:ad:2d:dc:2a:c0:06:e6:f5:d6:47:
89:24:87:d6:c8:8f:3b:4d:c5:3c:d7:33:4c:22:9a:
23:88:ee:fa:19:a4:a8:6f:66:8b:91:9b:97:7c:66:
45:b1:c5:62:64:5e:e9:ce:f4:97:01:a0:06:88:25:
86:0e:3a:20:e0:1e:72:87:a3:fc:9c:7d:6a:53:ef:
c6:85:20:c6:b3:39:51:fd:b4:63:89:99:7a:3d:3e:
67:75:a8:3f:ce:10:f5:50:b0:04:06:51:7f:f5:4c:
30:e7:ce:03:15:d0:94:cc:79:58:18:64:30:f3:4e:
d5:c4:66:89:88:a8:b9:59:bb:0e:21:75:ec:4b:6d:
b9:b4:5a:1c:06:69:d5:2b:55:9f:a5:66:2b:84:b8:
e3:4d:5e:f3:22:19:ba:04:c2:90:78:9f:22:ed:14:
ad:d0:94:bd:b3:59:84:c2:a0:87:a3:7f:3a:a3:44:
f1:6c:4f:84:0b:10:9f:a5:dc:4c:a2:81:ce:b0:8d:
66:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:DC:81:1F:CC:F7:8E:3F:79:CA:9D:22:D0:16:80:16:52:98:01:D7
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/bNyBH8z3jj95yp0i0BaAFlKYAdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:29::/48
2a0f:5707:b140::/44
Signature Algorithm: sha256WithRSAEncryption
17:26:89:e9:27:0a:00:39:44:61:f9:5c:fd:a2:99:8a:c5:13:
0c:7d:65:6a:6d:2c:84:8b:56:8d:c3:fb:0b:40:5e:4a:12:19:
72:37:8a:e1:d6:5b:3d:11:6a:dc:02:00:68:ac:9e:59:1a:f3:
d5:a8:ee:9f:e0:b2:7d:ff:1f:12:54:7c:56:2a:05:86:9c:63:
f0:f6:4a:a9:fd:4c:c5:91:80:6a:d1:b5:a8:0f:cd:fc:b4:92:
f3:42:96:3b:40:82:af:ac:ca:47:9d:51:54:d6:a5:d1:20:a3:
c8:19:33:8a:95:b8:a4:1b:0e:aa:ff:35:5f:8e:53:56:70:81:
15:cc:3f:9c:49:aa:09:28:8e:c6:73:01:6b:d9:98:f2:bb:d2:
bd:29:7b:d5:09:16:08:75:7e:91:b0:34:f8:ab:bd:3c:25:05:
5e:45:01:75:26:ed:10:ad:39:54:71:e5:ea:0a:1c:37:53:2f:
a0:65:80:dd:ba:85:5d:be:d3:8b:fe:a8:35:e4:84:d7:6e:9c:
ab:0d:bf:83:c7:36:b0:0c:5e:40:7c:bc:6b:40:01:23:1a:bb:
a5:86:72:c7:5f:cd:b4:96:5f:95:b8:98:8b:2b:6b:20:d1:84:
ef:f6:5b:f7:54:eb:91:b8:12:f8:7d:c3:32:c0:f6:c6:86:f2:
f0:3a:78:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyun/jmy+uXAjDFJohE8b7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2RjODExZmNjZjc4ZTNmNzljYTlkMjJkMDE2ODAxNjUyOTgwMWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCKaUvBJPb9DQ7i4S91RUAzfx9bd
Y2xIU8Z4QgYa3YyvX6/+a89ZVnIlr7pYVdg1eIGuoWNSzb8Esg4HBLdcP60t3CrA
Bub11keJJIfWyI87TcU81zNMIpojiO76GaSob2aLkZuXfGZFscViZF7pzvSXAaAG
iCWGDjog4B5yh6P8nH1qU+/GhSDGszlR/bRjiZl6PT5ndag/zhD1ULAEBlF/9Uww
584DFdCUzHlYGGQw807VxGaJiKi5WbsOIXXsS225tFocBmnVK1WfpWYrhLjjTV7z
Ihm6BMKQeJ8i7RSt0JS9s1mEwqCHo386o0TxbE+ECxCfpdxMooHOsI1m0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGzcgR/M944/ecqdItAWgBZSmAHXMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvYk55Qkg4ejNqajk1eXAwaTBCYUFGbEtZQWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg9XBwAp
AwcEKg9XB7FAMA0GCSqGSIb3DQEBCwUAA4IBAQAXJonpJwoAOURh+Vz9opmKxRMM
fWVqbSyEi1aNw/sLQF5KEhlyN4rh1ls9EWrcAgBorJ5ZGvPVqO6f4LJ9/x8SVHxW
KgWGnGPw9kqp/UzFkYBq0bWoD838tJLzQpY7QIKvrMpHnVFU1qXRIKPIGTOKlbik
Gw6q/zVfjlNWcIEVzD+cSaoJKI7GcwFr2Zjyu9K9KXvVCRYIdX6RsDT4q708JQVe
RQF1Ju0QrTlUceXqChw3Uy+gZYDduoVdvtOL/qg15ITXbpyrDb+DxzawDF5AfLxr
QAEjGrulhnLHX820ll+VuJiLK2sg0YTv9lv3VOuRuBL4fcMywPbGhvLwOniT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org