Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uAlqOBKPvLcx5XaFysCHfy4L2oo.roa
File: uAlqOBKPvLcx5XaFysCHfy4L2oo.roa (raw, json)
Hash identifier: xo/yJr6a1DXVN5Yn2pygGAfK25exNYs1FWTzI6vDLbQ=
Subject key identifier: B8:09:6A:38:12:8F:BC:B7:31:E5:76:85:CA:C0:87:7F:2E:0B:DA:8A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CE8492EFF8295273B1B4E2640C3055838
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uAlqOBKPvLcx5XaFysCHfy4L2oo.roa
Signing time: Mon 08 Jan 2024 08:55:59 +0000
ROA not before: Mon 08 Jan 2024 08:55:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 2a00:1c8d::/32 maxlen: 32
2a00:1c8a::/32 maxlen: 32
2a00:1c8b::/32 maxlen: 32
2a00:1c89::/32 maxlen: 32
2a00:1c8c::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 15 Jan 2024 11:20:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:49:2e:ff:82:95:27:3b:1b:4e:26:40:c3:05:58:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 8 08:55:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8096a38128fbcb731e57685cac0877f2e0bda8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9f:a8:4c:27:d1:86:3e:7b:98:e0:fc:79:27:
40:9c:2a:bb:6c:e2:9c:2c:96:7a:af:b2:60:99:6c:
ca:a4:59:76:dd:c5:57:55:a4:9e:17:f0:79:3a:10:
ed:88:04:1b:b8:52:af:54:b5:89:f1:18:66:d9:6d:
a6:21:a7:59:91:a4:4b:a8:2d:88:70:71:22:72:34:
85:5b:9b:17:29:5e:1a:07:01:23:bf:04:fc:5c:a4:
e9:62:d4:70:6a:c0:c7:3c:6d:39:b3:15:7b:7c:2c:
cf:f5:11:31:81:71:ba:03:88:4a:0b:df:29:d2:03:
03:9b:ac:3e:9e:b3:26:19:c4:6c:4f:28:96:32:45:
95:4e:74:52:0c:92:9d:60:3d:bc:6b:a9:30:1e:a6:
26:90:54:82:70:72:11:6c:23:1c:6b:ad:47:b2:ad:
72:0d:4b:94:4d:fd:7f:66:a4:8b:61:fc:79:dc:57:
64:a1:52:7c:9e:53:c2:25:88:d2:7d:2a:1d:19:b4:
39:06:4f:ce:39:c7:e6:d6:d9:ae:ca:a5:32:96:4b:
4c:c3:9a:99:41:70:1b:7d:0d:5a:a3:d0:b5:59:38:
46:0e:d2:73:ad:91:cf:e1:68:5e:60:2c:e8:d6:69:
56:d6:6c:64:59:18:74:68:0b:a6:0c:0a:a6:44:43:
c5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:09:6A:38:12:8F:BC:B7:31:E5:76:85:CA:C0:87:7F:2E:0B:DA:8A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uAlqOBKPvLcx5XaFysCHfy4L2oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1c89::-2a00:1c8d:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7d:a1:ab:49:1b:d5:31:8e:e5:9e:37:8c:a5:d9:dd:87:fb:ab:
e3:85:85:33:b1:21:bb:37:1e:fa:7b:17:b4:35:2d:e5:8a:87:
62:4a:28:59:c5:be:25:ff:9e:73:e5:ee:d5:e6:bd:1e:e1:b6:
43:39:ff:5e:0a:c4:dd:fc:a2:08:ea:f3:e4:89:5e:20:4d:b8:
c5:8d:af:55:6c:be:73:14:97:62:b0:ee:5c:11:bb:02:b2:fe:
30:e5:bf:b4:d0:ec:f0:ac:82:80:d5:57:d8:90:1b:f7:8e:b9:
d0:93:6d:32:f5:56:60:1c:d0:5c:2a:96:d9:7b:91:3b:e5:09:
ab:0b:15:01:40:64:07:95:c2:f2:b4:61:35:d1:aa:97:9d:95:
db:2c:61:97:b5:85:41:e4:81:96:27:6c:65:bd:f0:b9:7a:06:
40:be:3c:e6:93:a5:37:f1:b6:33:1f:f8:2f:9b:c6:bf:45:b4:
92:7f:87:3a:ee:f3:d7:b4:4c:55:d8:ec:b2:72:f8:7e:3c:19:
d0:bf:78:75:cf:77:6a:b4:e2:57:c7:fc:02:a9:dc:83:c5:67:
23:be:bd:30:9f:5f:bc:f4:ff:19:22:0f:68:89:1a:c2:ab:1a:
9f:2a:9b:d9:55:77:85:32:6d:4d:e0:91:61:22:3c:5e:7d:e5:
46:dd:6a:61
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzoSS7/gpUnOxtOJkDDBVg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTA4MDg1NTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODA5NmEzODEyOGZiY2I3MzFlNTc2ODVjYWMwODc3ZjJlMGJkYThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkp+oTCfRhj57mOD8eSdAnCq7bOKc
LJZ6r7JgmWzKpFl23cVXVaSeF/B5OhDtiAQbuFKvVLWJ8Rhm2W2mIadZkaRLqC2I
cHEicjSFW5sXKV4aBwEjvwT8XKTpYtRwasDHPG05sxV7fCzP9RExgXG6A4hKC98p
0gMDm6w+nrMmGcRsTyiWMkWVTnRSDJKdYD28a6kwHqYmkFSCcHIRbCMca61Hsq1y
DUuUTf1/ZqSLYfx53FdkoVJ8nlPCJYjSfSodGbQ5Bk/OOcfm1tmuyqUylktMw5qZ
QXAbfQ1ao9C1WThGDtJzrZHP4WheYCzo1mlW1mxkWRh0aAumDAqmREPFVwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFLgJajgSj7y3MeV2hcrAh38uC9qKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdUFscU9CS1B2TGN4NVhhRnlzQ0hmeTRMMm9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqAByJ
AwUBKgAcjDANBgkqhkiG9w0BAQsFAAOCAQEAfaGrSRvVMY7lnjeMpdndh/ur44WF
M7Ehuzce+nsXtDUt5YqHYkooWcW+Jf+ec+Xu1ea9HuG2Qzn/XgrE3fyiCOrz5Ile
IE24xY2vVWy+cxSXYrDuXBG7ArL+MOW/tNDs8KyCgNVX2JAb94650JNtMvVWYBzQ
XCqW2XuRO+UJqwsVAUBkB5XC8rRhNdGql52V2yxhl7WFQeSBlidsZb3wuXoGQL48
5pOlN/G2Mx/4L5vGv0W0kn+HOu7z17RMVdjssnL4fjwZ0L94dc93arTiV8f8Aqnc
g8VnI769MJ9fvPT/GSIPaIkawqsanyqb2VV3hTJtTeCRYSI8Xn3lRt1qYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:49 2024 by rpki-client on console-ams.rpki-client.org