Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ukdkIJNjx3FnaeQzYZsgOaQ5VY0.roa
File: ukdkIJNjx3FnaeQzYZsgOaQ5VY0.roa (raw, json)
Hash identifier: nXLf3Ayj2jC7WJgMDcUdQTBgFXxzW7Ib6Goq+AxTNc0=
Subject key identifier: BA:47:64:20:93:63:C7:71:67:69:E4:33:61:9B:20:39:A4:39:55:8D
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018C9C58464524EEDFEAFF22A6AAB4343855
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ukdkIJNjx3FnaeQzYZsgOaQ5VY0.roa
Signing time: Sun 24 Dec 2023 15:01:19 +0000
ROA not before: Sun 24 Dec 2023 15:01:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209533
IP address blocks: 2a0c:9a47::/44 maxlen: 44
2a0c:9a47:20::/48 maxlen: 48
2a0c:9a40:a000::/36 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9c:58:46:45:24:ee:df:ea:ff:22:a6:aa:b4:34:38:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Dec 24 15:01:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba4764209363c7716769e433619b2039a439558d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e2:15:70:69:b6:58:5b:36:a9:07:67:5d:ad:
a6:23:59:5c:b8:b1:2b:13:d3:ff:d1:a0:52:91:fa:
54:a9:9d:05:0f:11:6d:77:e6:b9:f9:9c:52:05:29:
a8:5a:02:43:a5:b3:a4:61:a2:0d:fc:93:19:4e:a8:
e2:c9:f6:f9:57:2b:57:fb:f8:2f:7b:12:15:2a:aa:
4b:23:93:57:22:fa:32:44:a1:8f:b6:c9:e0:62:50:
dd:82:ca:17:03:f0:05:75:31:17:75:0f:fc:6f:47:
a8:c2:e4:53:f3:ef:21:0f:ab:f5:89:d3:72:f5:e4:
69:49:51:18:44:f1:26:43:41:29:cc:32:34:1a:ef:
6f:8b:02:f9:d3:4a:5f:ee:17:29:be:4a:76:7e:08:
3d:bf:8b:ab:1c:1b:62:3c:87:0d:d8:c3:65:b7:68:
c2:20:be:f1:78:95:19:24:ac:6e:a9:ba:96:e0:e5:
0b:ae:50:3e:85:83:6f:43:2c:60:f8:0e:83:e3:6e:
f1:d6:e3:a5:5a:c0:45:3b:05:b3:7e:64:9c:3e:ca:
f8:51:52:2e:0e:e1:06:3f:9f:d1:6f:7f:6a:aa:3c:
19:56:ba:69:38:53:51:7e:f3:8c:b4:56:57:1c:60:
27:85:bf:2b:95:d4:b9:8d:dc:e4:09:15:a1:8e:8c:
91:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:47:64:20:93:63:C7:71:67:69:E4:33:61:9B:20:39:A4:39:55:8D
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ukdkIJNjx3FnaeQzYZsgOaQ5VY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:a000::/36
2a0c:9a47::/44
2a0c:9a47:20::/48
Signature Algorithm: sha256WithRSAEncryption
b9:39:37:4e:72:9b:ca:5a:91:d8:be:06:45:96:3d:f1:c7:6a:
13:45:32:97:ba:3e:89:21:19:19:7d:a6:84:07:aa:89:7e:3d:
39:21:ad:73:13:cf:2a:6b:d9:f7:34:f2:08:c8:6f:3f:7d:13:
a8:ed:58:47:bf:1f:ea:ef:cf:c7:c9:e5:e6:a4:db:ee:29:40:
a8:90:fa:bc:8a:31:e8:38:bd:ee:d9:6b:d9:84:7f:49:12:7b:
04:95:dd:9d:dd:06:5c:89:a6:2f:5c:ba:63:7a:4b:66:4f:5b:
b3:47:b7:53:f8:42:22:d6:42:e0:75:95:fd:9c:01:cd:a5:61:
e5:be:d9:b7:57:6b:34:bd:95:cb:ad:9c:64:cc:e5:41:d7:e7:
3f:c2:a7:0e:c2:f2:71:4d:ce:15:26:40:90:2c:67:00:e3:d0:
76:99:86:d0:5c:cc:1d:e9:38:12:b6:02:49:fc:cb:95:be:94:
7c:d1:32:f3:6d:73:13:5c:25:45:f2:e5:34:0b:d0:88:f7:19:
08:09:a8:ee:61:60:d4:69:71:93:9c:e3:bf:1d:c2:a8:f3:0b:
38:d9:24:e8:1d:97:18:bd:51:1c:a3:0d:18:9a:f4:91:36:b3:
67:98:45:99:84:87:06:a7:a3:3b:fc:2d:6b:7b:c1:95:40:bf:
43:a3:df:65
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYycWEZFJO7f6v8ipqq0NDhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMxMjI0MTUwMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTQ3NjQyMDkzNjNjNzcxNjc2OWU0MzM2MTliMjAzOWE0Mzk1NThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOIVcGm2WFs2qQdnXa2mI1lcuLEr
E9P/0aBSkfpUqZ0FDxFtd+a5+ZxSBSmoWgJDpbOkYaIN/JMZTqjiyfb5VytX+/gv
exIVKqpLI5NXIvoyRKGPtsngYlDdgsoXA/AFdTEXdQ/8b0eowuRT8+8hD6v1idNy
9eRpSVEYRPEmQ0EpzDI0Gu9viwL500pf7hcpvkp2fgg9v4urHBtiPIcN2MNlt2jC
IL7xeJUZJKxuqbqW4OULrlA+hYNvQyxg+A6D427x1uOlWsBFOwWzfmScPsr4UVIu
DuEGP5/Rb39qqjwZVrppOFNRfvOMtFZXHGAnhb8rldS5jdzkCRWhjoyRIQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLpHZCCTY8dxZ2nkM2GbIDmkOVWNMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvdWtka0lKTmp4M0ZuYWVRellac2dPYVE1VlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwYEKgyaQKAD
BwQqDJpHAAADBwAqDJpHACAwDQYJKoZIhvcNAQELBQADggEBALk5N05ym8pakdi+
BkWWPfHHahNFMpe6PokhGRl9poQHqol+PTkhrXMTzypr2fc08gjIbz99E6jtWEe/
H+rvz8fJ5eak2+4pQKiQ+ryKMeg4ve7Za9mEf0kSewSV3Z3dBlyJpi9cumN6S2ZP
W7NHt1P4QiLWQuB1lf2cAc2lYeW+2bdXazS9lcutnGTM5UHX5z/Cpw7C8nFNzhUm
QJAsZwDj0HaZhtBczB3pOBK2Akn8y5W+lHzRMvNtcxNcJUXy5TQL0Ij3GQgJqO5h
YNRpcZOc478dwqjzCzjZJOgdlxi9URyjDRia9JE2s2eYRZmEhwanozv8LWt7wZVA
v0Oj32U=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:36:58 2024 by rpki-client on console-fra.rpki-client.org