Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/al025j_UKCZdLC-z2FR2pytbSVw.roa
File: al025j_UKCZdLC-z2FR2pytbSVw.roa (raw, json)
Hash identifier: m+gPttNW2TMNpPcC6WDRL0VYUpIXO0UIG+EJdu4lQNI=
Subject key identifier: 6A:5D:36:E6:3F:D4:28:26:5D:2C:2F:B3:D8:54:76:A7:2B:5B:49:5C
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 018A9A29DFC8832E53A1FA56E9170D791E34
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/al025j_UKCZdLC-z2FR2pytbSVw.roa
Signing time: Fri 15 Sep 2023 18:45:50 +0000
ROA not before: Fri 15 Sep 2023 18:45:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 5.102.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Sep 2023 18:24:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9a:29:df:c8:83:2e:53:a1:fa:56:e9:17:0d:79:1e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Sep 15 18:45:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a5d36e63fd428265d2c2fb3d85476a72b5b495c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:22:b2:98:92:20:70:c7:c4:4d:e7:13:bc:6b:
20:3a:6e:8c:0f:70:e2:0b:f9:77:a1:2f:73:95:db:
7c:ad:95:e2:ad:9d:5a:fb:1a:e1:52:55:be:11:49:
9f:6a:8e:04:fa:ba:70:d9:41:3f:11:ed:c6:3b:3b:
4d:41:a2:67:a7:2b:17:1c:77:25:fd:85:e6:77:64:
e7:7c:88:78:8f:a9:c5:b3:ef:e7:f0:12:16:ab:5a:
d6:68:a0:fd:8b:5f:ef:98:5e:32:db:a4:8e:b4:bd:
1c:34:f9:c7:2e:7d:50:c0:ea:73:94:a6:4d:51:59:
5d:96:89:f4:87:fb:83:ae:55:63:89:56:e9:32:af:
4a:ce:f3:61:ca:f4:39:dc:25:90:7f:54:ec:4d:6f:
3a:8e:42:06:9f:0e:32:52:80:7e:c6:45:51:4e:1d:
b8:70:ed:27:48:5b:5c:fd:b6:ab:c4:f6:87:51:3f:
7e:6a:18:c4:d4:09:92:4c:01:7c:d9:02:48:11:3b:
00:e4:6e:bc:8c:a0:b5:1f:58:81:f0:f9:5d:f0:b1:
76:bb:7b:ee:f1:a3:93:63:26:ee:17:09:d2:92:5d:
9f:6f:37:b6:52:54:bc:f1:0c:7c:27:1d:59:90:31:
c5:a8:f8:ed:32:2e:c3:ef:e0:be:d8:c0:6f:db:25:
af:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5D:36:E6:3F:D4:28:26:5D:2C:2F:B3:D8:54:76:A7:2B:5B:49:5C
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/al025j_UKCZdLC-z2FR2pytbSVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.38.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:3f:23:4a:61:fd:0a:f7:ee:f4:d4:aa:f7:8c:6f:89:bc:3e:
45:47:ec:32:ef:7c:04:82:94:07:6e:7c:ce:06:f7:59:5d:6c:
b5:f5:d3:aa:9b:4b:0d:dd:21:ef:5c:8a:24:4b:e4:38:e9:d3:
10:a9:73:07:01:97:45:ac:a2:ec:e6:7d:13:8e:86:15:3a:31:
f1:a6:50:86:41:e9:1c:21:3a:b8:82:45:f5:c3:ac:28:29:28:
1e:4a:65:f9:91:5a:41:86:21:9e:51:0a:76:b3:12:45:bb:1c:
69:f8:3b:1c:2f:a6:bc:a5:c8:fc:9b:aa:34:94:5d:c7:39:39:
f7:43:b8:15:6d:7a:d2:28:79:4c:32:24:6c:09:94:7b:87:28:
13:b5:8b:1b:f9:d1:c3:e2:93:2f:fc:c9:b9:e6:4b:53:25:45:
1b:25:5c:6a:cb:db:57:78:3c:66:02:a4:05:5f:29:d4:51:69:
b1:5c:9f:92:71:d5:a9:47:07:41:05:71:6b:7b:71:0d:f0:20:
35:6d:62:64:dd:75:20:f1:67:ca:ff:36:e3:ea:1a:0b:26:6e:
fa:d8:c1:ee:dd:5f:f2:86:37:69:f6:e3:f6:f3:66:2a:d4:1e:
77:e1:1e:54:67:f4:94:9b:14:01:98:9b:4f:11:9e:5d:08:05:
5b:ab:be:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqaKd/Igy5TofpW6RcNeR40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjMwOTE1MTg0NTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTVkMzZlNjNmZDQyODI2NWQyYzJmYjNkODU0NzZhNzJiNWI0OTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyKymJIgcMfETecTvGsgOm6MD3Di
C/l3oS9zldt8rZXirZ1a+xrhUlW+EUmfao4E+rpw2UE/Ee3GOztNQaJnpysXHHcl
/YXmd2TnfIh4j6nFs+/n8BIWq1rWaKD9i1/vmF4y26SOtL0cNPnHLn1QwOpzlKZN
UVldlon0h/uDrlVjiVbpMq9KzvNhyvQ53CWQf1TsTW86jkIGnw4yUoB+xkVRTh24
cO0nSFtc/barxPaHUT9+ahjE1AmSTAF82QJIETsA5G68jKC1H1iB8Pld8LF2u3vu
8aOTYybuFwnSkl2fbze2UlS88Qx8Jx1ZkDHFqPjtMi7D7+C+2MBv2yWvRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpdNuY/1CgmXSwvs9hUdqcrW0lcMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvYWwwMjVqX1VLQ1pkTEMtejJGUjJweXRiU1Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWYmMA0G
CSqGSIb3DQEBCwUAA4IBAQBvPyNKYf0K9+701Kr3jG+JvD5FR+wy73wEgpQHbnzO
BvdZXWy19dOqm0sN3SHvXIokS+Q46dMQqXMHAZdFrKLs5n0TjoYVOjHxplCGQekc
ITq4gkX1w6woKSgeSmX5kVpBhiGeUQp2sxJFuxxp+DscL6a8pcj8m6o0lF3HOTn3
Q7gVbXrSKHlMMiRsCZR7hygTtYsb+dHD4pMv/Mm55ktTJUUbJVxqy9tXeDxmAqQF
XynUUWmxXJ+ScdWpRwdBBXFre3EN8CA1bWJk3XUg8WfK/zbj6hoLJm762MHu3V/y
hjdp9uP282Yq1B534R5UZ/SUmxQBmJtPEZ5dCAVbq76o
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:06 2024 by rpki-client on console-ams.rpki-client.org