Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/uqVx4UkMwfgnovGj5mO7epKaq5g.roa
File: uqVx4UkMwfgnovGj5mO7epKaq5g.roa (raw, json)
Hash identifier: B4fjoeESWT+BQavDo5tEXDEt/K2PSdH7wwLGZjFhVe8=
Subject key identifier: BA:A5:71:E1:49:0C:C1:F8:27:A2:F1:A3:E6:63:BB:7A:92:9A:AB:98
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01918ED1FBDF35E96BB04C319AC4EED745CD
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/uqVx4UkMwfgnovGj5mO7epKaq5g.roa
Signing time: Mon 26 Aug 2024 13:13:31 +0000
ROA not before: Mon 26 Aug 2024 13:13:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50225
IP address blocks: 2a0c:a584::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 04 Oct 2024 08:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:d1:fb:df:35:e9:6b:b0:4c:31:9a:c4:ee:d7:45:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 26 13:13:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=baa571e1490cc1f827a2f1a3e663bb7a929aab98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:16:1b:63:b2:e7:9c:d1:dd:12:94:30:61:46:
40:53:98:46:05:71:01:64:12:d7:a5:09:08:30:69:
43:ff:4d:4c:f8:b0:42:07:eb:53:00:f9:e1:75:3b:
63:e4:3d:12:e2:25:be:38:63:ce:7f:fd:84:06:b7:
b0:2b:ce:55:7d:f4:8d:85:98:ac:9a:c8:53:60:d8:
0e:88:ef:74:4d:96:04:b0:58:30:9f:da:e0:90:5d:
7b:9e:c4:3e:26:4f:7e:14:1c:70:d7:30:01:dd:1d:
2e:56:9a:5d:88:0c:9d:cb:b7:51:18:3e:44:89:2b:
9a:53:2f:b2:9a:10:37:4f:25:e1:43:ce:57:c7:e0:
9f:56:a7:2d:e7:72:f0:a6:11:99:17:93:9e:e7:16:
33:91:07:73:19:32:b4:63:81:76:6b:a3:2c:4d:ad:
e8:42:a4:ec:f5:47:0c:9c:d5:8e:d8:55:78:99:f9:
e6:58:e8:11:b0:22:48:41:2a:09:96:55:c7:7a:68:
b1:a9:4f:b2:59:a7:5a:06:0f:f7:b0:ce:5b:15:c6:
71:0d:2c:f9:49:c4:65:14:5d:ec:02:7a:60:b5:d8:
77:96:c0:79:be:f4:93:b3:75:d2:57:b3:37:2d:17:
c7:99:09:c0:7c:ef:cd:f6:c5:0d:48:7c:1a:9d:18:
76:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A5:71:E1:49:0C:C1:F8:27:A2:F1:A3:E6:63:BB:7A:92:9A:AB:98
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/uqVx4UkMwfgnovGj5mO7epKaq5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:a584::/32
Signature Algorithm: sha256WithRSAEncryption
95:f6:d7:4a:e9:2d:12:1a:92:74:a2:91:06:d8:bb:94:bb:db:
2a:b4:ba:53:3a:54:58:b3:36:ee:7f:9c:4a:1d:03:5d:f4:3f:
8a:d1:06:e3:12:fd:b6:5a:58:28:a8:41:b3:16:39:a5:94:81:
87:90:01:7e:70:02:10:e6:d6:47:43:4e:ee:50:6a:09:7c:35:
bb:c1:ae:46:ea:a6:14:0b:97:fa:03:8e:fd:4a:53:7d:61:a3:
e9:0c:40:2a:15:60:48:5a:f7:4a:a1:f7:53:19:26:ba:3d:c9:
a6:dd:a4:0a:7c:e6:da:11:cc:cf:e1:fc:38:56:f9:50:b6:54:
40:ef:5b:ae:74:16:88:88:93:e0:94:37:57:32:49:8d:28:47:
74:7a:f8:43:04:f2:57:f2:ba:75:77:1e:f5:4c:d6:25:5b:24:
f7:35:82:b6:31:f3:18:53:5e:a4:80:6e:8c:d1:ea:69:bf:56:
15:cf:c9:cb:89:a2:dd:48:39:4c:a7:23:df:8c:07:93:e0:32:
c4:6a:f8:31:9f:d6:30:65:03:23:d9:94:c4:52:dd:1f:f0:e1:
1c:36:be:42:a3:6e:94:cc:f6:66:29:ed:55:bc:8a:b2:17:d1:
84:4c:12:ee:5e:70:eb:9a:8a:c8:80:de:7b:4a:c7:a0:c1:e6:
c7:51:2b:29
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZGO0fvfNelrsEwxmsTu10XNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwODI2MTMxMzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWE1NzFlMTQ5MGNjMWY4MjdhMmYxYTNlNjYzYmI3YTkyOWFhYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6BYbY7LnnNHdEpQwYUZAU5hGBXEB
ZBLXpQkIMGlD/01M+LBCB+tTAPnhdTtj5D0S4iW+OGPOf/2EBrewK85VffSNhZis
mshTYNgOiO90TZYEsFgwn9rgkF17nsQ+Jk9+FBxw1zAB3R0uVppdiAydy7dRGD5E
iSuaUy+ymhA3TyXhQ85Xx+CfVqct53LwphGZF5Oe5xYzkQdzGTK0Y4F2a6MsTa3o
QqTs9UcMnNWO2FV4mfnmWOgRsCJIQSoJllXHemixqU+yWadaBg/3sM5bFcZxDSz5
ScRlFF3sAnpgtdh3lsB5vvSTs3XSV7M3LRfHmQnAfO/N9sUNSHwanRh2nwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLqlceFJDMH4J6Lxo+Zju3qSmquYMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdXFWeDRVa013Zmdub3ZHajVtTzdlcEthcTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgylhDAN
BgkqhkiG9w0BAQsFAAOCAQEAlfbXSuktEhqSdKKRBti7lLvbKrS6UzpUWLM27n+c
Sh0DXfQ/itEG4xL9tlpYKKhBsxY5pZSBh5ABfnACEObWR0NO7lBqCXw1u8GuRuqm
FAuX+gOO/UpTfWGj6QxAKhVgSFr3SqH3Uxkmuj3Jpt2kCnzm2hHMz+H8OFb5ULZU
QO9brnQWiIiT4JQ3VzJJjShHdHr4QwTyV/K6dXce9UzWJVsk9zWCtjHzGFNepIBu
jNHqab9WFc/Jy4mi3Ug5TKcj34wHk+AyxGr4MZ/WMGUDI9mUxFLdH/DhHDa+QqNu
lMz2ZintVbyKshfRhEwS7l5w65qKyIDee0rHoMHmx1ErKQ==
-----END CERTIFICATE-----
Generated at Fri Oct 4 10:11:12 2024 by rpki-client on console-fra.rpki-client.org