Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/U6J_NpEoI-k3oz7D7BnqWRF-wLw.roa
File: U6J_NpEoI-k3oz7D7BnqWRF-wLw.roa (raw, json)
Hash identifier: qNaXFwv/tvvYCvLGNJSw5azGQxeiS5cTaDe/28+Y22o=
Subject key identifier: 53:A2:7F:36:91:28:23:E9:37:A3:3E:C3:EC:19:EA:59:11:7E:C0:BC
Certificate issuer: /CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Certificate serial: 018571B0E0B795D1701819C90DA0CE02A078
Authority key identifier: 56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/U6J_NpEoI-k3oz7D7BnqWRF-wLw.roa
Signing time: Mon 02 Jan 2023 08:54:55 +0000
ROA not before: Mon 02 Jan 2023 08:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212568
IP address blocks: 2a11:e487:affe::/48 maxlen: 48
2a11:e487:cafe::/48 maxlen: 48
2a11:e487:dead::/48 maxlen: 48
2a11:e487:42::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:e0:b7:95:d1:70:18:19:c9:0d:a0:ce:02:a0:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Validity
Not Before: Jan 2 08:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53a27f36912823e937a33ec3ec19ea59117ec0bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:02:4f:cc:07:f0:0e:93:ba:5f:1a:e2:09:47:
ca:86:a9:0c:c2:2a:88:14:7e:50:84:3a:4d:82:12:
cc:d5:fd:f1:74:6f:0d:8d:44:2f:5b:af:f1:01:5c:
d2:b3:15:59:9c:c4:f6:bb:e4:0c:90:0c:d8:9c:0e:
b9:2d:9d:40:47:28:2f:7b:6f:9a:66:45:b6:a5:95:
42:4b:9d:26:1f:c6:d7:da:0f:b4:60:04:71:81:28:
91:1a:d3:1d:bd:2d:90:43:83:72:41:b1:6a:d4:e3:
a3:53:aa:c4:37:dd:ed:07:e7:16:3d:d3:85:5e:1d:
e1:7d:55:63:70:50:dc:0c:cd:de:b6:0b:86:11:67:
b3:9a:4c:33:24:0c:6b:ef:ce:85:c4:2f:ea:63:c8:
4d:e2:ba:10:04:b4:87:b5:fb:bf:56:91:5e:14:02:
15:10:b1:67:8d:e3:4c:bb:c3:0e:98:26:ad:ab:dd:
96:62:a5:e3:49:98:0e:d0:06:21:91:9e:3b:2e:5b:
d4:21:b3:bf:aa:fb:7c:22:bb:15:12:7a:09:f4:d2:
73:dd:4e:3c:78:64:ce:b9:69:5d:f6:4d:82:35:2a:
e0:48:b6:76:d0:c3:0b:cd:c0:aa:36:3c:43:2c:e3:
04:8a:ef:fe:cb:f8:24:20:f9:20:ae:cf:e2:ae:56:
e4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A2:7F:36:91:28:23:E9:37:A3:3E:C3:EC:19:EA:59:11:7E:C0:BC
X509v3 Authority Key Identifier:
keyid:56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/U6J_NpEoI-k3oz7D7BnqWRF-wLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e487:42::/48
2a11:e487:affe::/48
2a11:e487:cafe::/48
2a11:e487:dead::/48
Signature Algorithm: sha256WithRSAEncryption
04:46:9e:70:4a:d3:4b:90:22:eb:78:f1:03:56:67:b3:69:1e:
9a:b1:b6:4d:ed:b3:58:fa:fb:ea:a0:3f:45:42:32:d5:d0:fa:
74:3c:ad:93:01:44:50:2e:96:3d:56:60:40:be:e1:9a:05:65:
04:42:19:2b:13:fe:f6:63:d1:da:87:94:9a:67:e1:3e:4b:a1:
8a:d3:c6:59:10:c9:50:e7:bd:72:3a:a6:c4:99:8d:ce:14:99:
5f:1d:fa:da:17:2b:4d:51:1e:9a:b6:74:e0:fd:c8:1a:dc:5e:
26:4d:49:2a:7f:b7:15:ee:d2:ec:ed:40:04:3f:40:c0:7d:0f:
b7:f2:5b:8c:93:56:00:7f:15:e8:b2:18:9f:f8:0e:e1:9e:5d:
e0:9f:ab:84:53:bd:23:7c:dd:73:df:0f:52:d3:d0:eb:61:09:
ca:7a:bc:d4:5d:70:f0:aa:1b:e0:fd:90:d6:a1:88:88:bf:7c:
b4:6b:2e:8c:19:ae:1b:d5:0b:57:21:92:42:76:40:70:71:2f:
96:f2:01:ed:e7:cc:d1:fd:fe:20:cf:48:4e:98:bd:15:05:49:
17:3b:d3:60:21:2b:24:ce:ea:08:52:c8:3e:7d:54:a4:be:5c:
50:93:70:ac:a2:25:74:90:88:a1:8a:6d:17:33:5b:73:c1:74:
1c:c7:2a:ae
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVxsOC3ldFwGBnJDaDOAqB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWZjZDhmYjQwYWFlMWQyNDNjMmE4Y2UyNTQxYTY5OTg3
ZWVkMTMwHhcNMjMwMTAyMDg1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2EyN2YzNjkxMjgyM2U5MzdhMzNlYzNlYzE5ZWE1OTExN2VjMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwJPzAfwDpO6XxriCUfKhqkMwiqI
FH5QhDpNghLM1f3xdG8NjUQvW6/xAVzSsxVZnMT2u+QMkAzYnA65LZ1ARygve2+a
ZkW2pZVCS50mH8bX2g+0YARxgSiRGtMdvS2QQ4NyQbFq1OOjU6rEN93tB+cWPdOF
Xh3hfVVjcFDcDM3etguGEWezmkwzJAxr786FxC/qY8hN4roQBLSHtfu/VpFeFAIV
ELFnjeNMu8MOmCatq92WYqXjSZgO0AYhkZ47LlvUIbO/qvt8IrsVEnoJ9NJz3U48
eGTOuWld9k2CNSrgSLZ20MMLzcCqNjxDLOMEiu/+y/gkIPkgrs/irlbkAQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFOifzaRKCPpN6M+w+wZ6lkRfsC8MB8GA1UdIwQY
MBaAFFavzY+0Cq4dJDwqjOJUGmmYfu0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYt
MjM3YmU3NzMwMDdhLzEvVTZKX05wRW9JLWszb3o3RDdCbnFXUkYtd0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYtMjM3YmU3NzMwMDdh
LzEvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKhHkhwBC
AwcAKhHkh6/+AwcAKhHkh8r+AwcAKhHkh96tMA0GCSqGSIb3DQEBCwUAA4IBAQAE
Rp5wStNLkCLrePEDVmezaR6asbZN7bNY+vvqoD9FQjLV0Pp0PK2TAURQLpY9VmBA
vuGaBWUEQhkrE/72Y9Hah5SaZ+E+S6GK08ZZEMlQ571yOqbEmY3OFJlfHfraFytN
UR6atnTg/cga3F4mTUkqf7cV7tLs7UAEP0DAfQ+38luMk1YAfxXoshif+A7hnl3g
n6uEU70jfN1z3w9S09DrYQnKerzUXXDwqhvg/ZDWoYiIv3y0ay6MGa4b1QtXIZJC
dkBwcS+W8gHt58zR/f4gz0hOmL0VBUkXO9NgISskzuoIUsg+fVSkvlxQk3CsoiV0
kIihim0XM1tzwXQcxyqu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:52 2024 by rpki-client on console-fra.rpki-client.org