Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4gX5Ikw-VkDr1sqOn7BYLwCW7Cg.roa
File: 4gX5Ikw-VkDr1sqOn7BYLwCW7Cg.roa (raw, json)
Hash identifier: DdDHO9MZ3zdz8R1JRSEoNE23rYICoREv5HrhUbfOSII=
Subject key identifier: E2:05:F9:22:4C:3E:56:40:EB:D6:CA:8E:9F:B0:58:2F:00:96:EC:28
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C540671F70F196085D0836B89C27E16
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4gX5Ikw-VkDr1sqOn7BYLwCW7Cg.roa
Signing time: Sun 01 Jan 2023 07:55:24 +0000
ROA not before: Sun 01 Jan 2023 07:55:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136620
IP address blocks: 2a06:82c2:2::/48 maxlen: 48
2a06:82c2:d::/48 maxlen: 48
2a06:82c2:f::/48 maxlen: 48
2a06:82c2:e::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:54:06:71:f7:0f:19:60:85:d0:83:6b:89:c2:7e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e205f9224c3e5640ebd6ca8e9fb0582f0096ec28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b9:c5:51:b7:78:9b:56:85:94:0a:cf:e0:15:
ac:cc:d8:2d:56:46:3c:9d:b9:d5:bc:01:2b:e1:a0:
4c:b1:6c:0d:19:65:0b:82:b7:9c:91:c9:a6:07:1c:
68:23:f0:44:0f:1b:fc:96:ee:ec:48:f3:98:e0:a3:
73:e6:13:67:b9:60:a4:f5:60:4e:86:e4:e9:46:81:
d7:9d:ca:0e:e6:68:5f:c4:6a:31:f2:9a:75:73:b2:
78:db:fb:cd:54:06:07:3c:c7:22:7f:33:26:22:0c:
8a:6f:ca:26:4b:d1:67:b3:e0:88:c2:1a:92:4e:2d:
15:ec:9b:a4:e4:e5:d9:0f:dd:2d:df:11:bc:e4:21:
bd:1e:40:bc:77:d9:8b:02:1a:b6:ee:74:83:b9:e4:
3f:9e:58:71:7f:41:f9:82:77:0a:f4:f9:af:2e:2d:
43:99:a7:e6:8b:76:47:59:6d:b7:14:f4:92:0a:12:
0e:ed:a0:6e:de:b2:79:74:d3:da:51:a1:1c:34:62:
23:2f:19:90:54:8b:ba:92:e0:4e:3d:7c:82:ff:fd:
95:d5:90:40:22:0b:eb:89:7b:c3:8f:cb:8f:63:b6:
c5:97:8d:1f:77:8b:69:0e:67:18:be:31:90:de:13:
0d:42:d9:3b:7a:40:2e:83:53:35:a5:27:03:a2:75:
50:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:05:F9:22:4C:3E:56:40:EB:D6:CA:8E:9F:B0:58:2F:00:96:EC:28
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4gX5Ikw-VkDr1sqOn7BYLwCW7Cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:82c2:2::/48
2a06:82c2:d::-2a06:82c2:f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6d:33:46:2a:52:39:88:d4:d0:83:67:e5:8b:eb:a2:ad:cb:3a:
ab:11:35:63:ec:21:0a:1b:f4:19:44:8a:a3:34:60:7e:88:03:
e9:86:fe:6f:e9:6f:df:e0:d9:b0:a2:db:f2:f8:5d:4c:0f:dc:
f3:04:73:92:5a:51:d7:35:c4:b2:0a:44:0b:e6:e4:f2:cd:46:
5d:e7:58:76:20:fc:9b:4b:b7:0a:eb:fa:8b:3a:bd:d5:20:ea:
d8:7d:a1:a3:7e:a8:90:bf:d5:55:32:18:c5:bf:2f:68:58:e1:
b4:81:ba:60:35:64:ac:5d:c3:3a:1c:28:41:75:c1:c2:39:d4:
40:99:5d:21:1b:df:65:fb:31:88:24:58:01:3c:18:2c:36:4a:
a8:24:e4:27:37:7d:f5:45:81:61:af:55:49:d7:df:a1:76:10:
03:91:b3:22:88:8a:90:b3:3a:8c:85:70:54:c7:83:13:df:e5:
e2:9c:4d:f8:97:90:51:0b:ae:f9:f6:ef:1b:26:09:d2:3a:8a:
0c:17:84:3e:40:12:09:f6:30:36:7e:1d:6f:76:ff:b6:12:19:
88:d7:44:4c:ad:a2:9a:dd:ef:0b:84:2b:6c:4b:f9:3b:c9:07:
70:3d:db:5c:80:4c:2f:5d:bd:87:bb:f7:f9:8b:ed:c0:d4:e8:
6f:52:e4:07
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVsVAZx9w8ZYIXQg2uJwn4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjA1ZjkyMjRjM2U1NjQwZWJkNmNhOGU5ZmIwNTgyZjAwOTZlYzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37nFUbd4m1aFlArP4BWszNgtVkY8
nbnVvAEr4aBMsWwNGWULgreckcmmBxxoI/BEDxv8lu7sSPOY4KNz5hNnuWCk9WBO
huTpRoHXncoO5mhfxGox8pp1c7J42/vNVAYHPMcifzMmIgyKb8omS9Fns+CIwhqS
Ti0V7Juk5OXZD90t3xG85CG9HkC8d9mLAhq27nSDueQ/nlhxf0H5gncK9PmvLi1D
mafmi3ZHWW23FPSSChIO7aBu3rJ5dNPaUaEcNGIjLxmQVIu6kuBOPXyC//2V1ZBA
IgvriXvDj8uPY7bFl40fd4tpDmcYvjGQ3hMNQtk7ekAug1M1pScDonVQNwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOIF+SJMPlZA69bKjp+wWC8AluwoMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvNGdYNUlrdy1Wa0RyMXNxT243QllMd0NXN0NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKgaCwgAC
MBIDBwAqBoLCAA0DBwQqBoLCAAAwDQYJKoZIhvcNAQELBQADggEBAG0zRipSOYjU
0INn5Yvroq3LOqsRNWPsIQob9BlEiqM0YH6IA+mG/m/pb9/g2bCi2/L4XUwP3PME
c5JaUdc1xLIKRAvm5PLNRl3nWHYg/JtLtwrr+os6vdUg6th9oaN+qJC/1VUyGMW/
L2hY4bSBumA1ZKxdwzocKEF1wcI51ECZXSEb32X7MYgkWAE8GCw2Sqgk5Cc3ffVF
gWGvVUnX36F2EAORsyKIipCzOoyFcFTHgxPf5eKcTfiXkFELrvn27xsmCdI6igwX
hD5AEgn2MDZ+HW92/7YSGYjXREytoprd7wuEK2xL+TvJB3A921yATC9dvYe79/mL
7cDU6G9S5Ac=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:55 2024 by rpki-client on console-fra.rpki-client.org