Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/bnKC8C0hOMbLCW1j7nakO4-dnN0.roa
File: bnKC8C0hOMbLCW1j7nakO4-dnN0.roa (raw, json)
Hash identifier: Tz69JCghhpMbKCvEzSfyoqPl3HACjAliwT3nsYvHG8U=
Subject key identifier: 6E:72:82:F0:2D:21:38:C6:CB:09:6D:63:EE:76:A4:3B:8F:9D:9C:DD
Certificate issuer: /CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Certificate serial: 018CCA2AA43D5C636C85F69E06DF5427FEBA
Authority key identifier: 86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/bnKC8C0hOMbLCW1j7nakO4-dnN0.roa
Signing time: Tue 02 Jan 2024 12:34:01 +0000
ROA not before: Tue 02 Jan 2024 12:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135330
IP address blocks: 2a0a:eec0:8::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Sep 2024 15:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:a4:3d:5c:63:6c:85:f6:9e:06:df:54:27:fe:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Validity
Not Before: Jan 2 12:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e7282f02d2138c6cb096d63ee76a43b8f9d9cdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7e:99:19:c0:85:5d:7f:1c:af:d1:6e:fa:ad:
69:15:da:8c:5b:46:9e:aa:da:2d:01:57:2c:05:ed:
af:34:46:bd:c0:55:1a:06:39:18:46:99:93:34:a1:
e7:91:b0:6f:ab:90:ee:87:26:a5:af:50:93:a1:52:
83:78:7f:69:5f:02:00:6f:ff:20:b1:2d:2e:27:32:
9e:16:4e:08:67:48:fa:b4:31:c4:80:9d:5f:0c:8e:
1e:12:a4:ac:54:a0:96:fe:29:22:da:f9:7c:43:3c:
2a:f4:0a:65:dd:65:4a:92:27:72:64:4d:b7:62:e3:
c3:09:07:ec:2f:fc:27:01:f8:21:23:90:9d:00:6c:
bf:04:9e:ef:7b:5a:bf:cf:1e:f7:8a:9e:9f:d0:59:
f8:a5:36:d9:ae:fd:48:06:d4:e3:d2:f7:29:fd:42:
5f:55:db:49:b3:0a:4e:81:ff:53:23:38:e9:9c:d3:
e0:67:1d:b8:59:2b:05:a1:05:0f:e3:db:2f:b1:f0:
66:fd:fd:b3:7d:50:c0:df:a8:78:46:71:f8:2d:da:
d4:26:05:9b:25:91:2b:f9:d8:59:e0:d6:39:06:4d:
41:e9:b1:03:c1:6a:1f:3e:ba:de:96:1c:92:f6:40:
26:69:3c:f7:54:7f:95:9f:71:31:f1:71:82:1c:be:
5d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:72:82:F0:2D:21:38:C6:CB:09:6D:63:EE:76:A4:3B:8F:9D:9C:DD
X509v3 Authority Key Identifier:
keyid:86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/bnKC8C0hOMbLCW1j7nakO4-dnN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:eec0:8::/48
Signature Algorithm: sha256WithRSAEncryption
10:d1:d7:d2:ec:26:95:c8:e4:30:20:af:ef:62:0d:cf:41:24:
ed:85:bf:3c:0c:a0:0c:ac:b0:af:85:26:0a:de:ac:54:d9:79:
7d:fb:db:fe:ea:d6:19:46:03:ae:0b:07:d9:ca:13:a9:e4:25:
21:12:61:13:aa:71:0e:37:22:be:14:ae:38:5b:50:48:b7:d1:
22:2f:96:8a:73:bb:6b:6d:20:21:3f:d6:82:14:d1:96:d1:27:
7d:84:a1:65:f9:85:46:82:d2:7c:e1:c6:da:e8:32:0a:af:e5:
5e:43:6f:86:39:d8:c7:d3:f2:98:fe:19:14:66:b2:6d:2c:8a:
98:d5:e1:42:87:bb:51:83:3d:91:3c:f6:ae:60:04:79:18:dc:
7e:40:92:7c:a2:a4:f5:b8:a2:f6:e7:60:81:7c:86:ab:a0:63:
72:34:72:a6:17:7d:a8:a3:9a:5b:4d:e3:dc:17:7f:65:8e:fb:
82:55:f7:a2:a2:e4:d3:c8:ae:34:40:d4:07:40:79:32:69:bf:
a6:f2:75:d5:a3:68:a7:8f:32:c7:e8:4d:15:ad:08:ae:b1:18:
d4:bc:99:1e:b8:e1:a1:a4:dc:e7:1c:83:a4:ce:69:c8:8c:0c:
cb:1e:e6:fa:8e:05:66:6c:60:fd:8d:5e:94:cd:28:96:35:af:
a6:04:b4:e8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKqQ9XGNshfaeBt9UJ/66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2I3NDJhMDNiYzljODU1MDcyMTdhMjUyMDRkZmZmODJm
Y2NkZjkwHhcNMjQwMTAyMTIzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTcyODJmMDJkMjEzOGM2Y2IwOTZkNjNlZTc2YTQzYjhmOWQ5Y2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk36ZGcCFXX8cr9Fu+q1pFdqMW0ae
qtotAVcsBe2vNEa9wFUaBjkYRpmTNKHnkbBvq5Duhyalr1CToVKDeH9pXwIAb/8g
sS0uJzKeFk4IZ0j6tDHEgJ1fDI4eEqSsVKCW/iki2vl8Qzwq9Apl3WVKkidyZE23
YuPDCQfsL/wnAfghI5CdAGy/BJ7ve1q/zx73ip6f0Fn4pTbZrv1IBtTj0vcp/UJf
VdtJswpOgf9TIzjpnNPgZx24WSsFoQUP49svsfBm/f2zfVDA36h4RnH4LdrUJgWb
JZEr+dhZ4NY5Bk1B6bEDwWofPrrelhyS9kAmaTz3VH+Vn3Ex8XGCHL5dUwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG5ygvAtITjGywltY+52pDuPnZzdMB8GA1UdIwQY
MBaAFIbLdCoDvJyFUHIXolIE3/+C/M35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgt
MDVmMThmYzIxMmE3LzEvYm5LQzhDMGhPTWJMQ1cxajduYWtPNC1kbk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgtMDVmMThmYzIxMmE3
LzEvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgruwAAI
MA0GCSqGSIb3DQEBCwUAA4IBAQAQ0dfS7CaVyOQwIK/vYg3PQSTthb88DKAMrLCv
hSYK3qxU2Xl9+9v+6tYZRgOuCwfZyhOp5CUhEmETqnEONyK+FK44W1BIt9EiL5aK
c7trbSAhP9aCFNGW0Sd9hKFl+YVGgtJ84cba6DIKr+VeQ2+GOdjH0/KY/hkUZrJt
LIqY1eFCh7tRgz2RPPauYAR5GNx+QJJ8oqT1uKL252CBfIaroGNyNHKmF32oo5pb
TePcF39ljvuCVfeiouTTyK40QNQHQHkyab+m8nXVo2injzLH6E0VrQiusRjUvJke
uOGhpNznHIOkzmnIjAzLHub6jgVmbGD9jV6UzSiWNa+mBLTo
-----END CERTIFICATE-----
Generated at Mon Sep 23 21:19:07 2024 by rpki-client on console-ams.rpki-client.org