Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/cUzLT6zolPnbidNZ7ndBV0pG-ok.roa
File: cUzLT6zolPnbidNZ7ndBV0pG-ok.roa (raw, json)
Hash identifier: pxU69FwsTAkX7VaVwpWnjreq3i0qeicPRoDaHj43zKc=
Subject key identifier: 71:4C:CB:4F:AC:E8:94:F9:DB:89:D3:59:EE:77:41:57:4A:46:FA:89
Certificate issuer: /CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Certificate serial: 01856FA6FA1A2E0A11BC6BA298BEB9BB1FA0
Authority key identifier: 9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/cUzLT6zolPnbidNZ7ndBV0pG-ok.roa
Signing time: Sun 01 Jan 2023 23:24:51 +0000
ROA not before: Sun 01 Jan 2023 23:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201086
IP address blocks: 2a0e:9c00::/29 maxlen: 29
2a0c:f340::/32 maxlen: 32
2a06:af40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 01 Oct 2023 10:24:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:fa:1a:2e:0a:11:bc:6b:a2:98:be:b9:bb:1f:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Validity
Not Before: Jan 1 23:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=714ccb4face894f9db89d359ee7741574a46fa89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e7:70:18:e1:1a:a5:e7:df:b8:70:c0:9f:e9:
bf:40:f9:31:8b:c7:93:43:28:d4:d5:db:60:b9:63:
d0:7f:34:d0:7d:75:d9:e3:b7:80:db:c5:99:70:dd:
5d:b5:ec:a5:d7:fc:37:0f:25:8f:ad:7a:10:7a:4d:
85:71:4f:88:f4:80:bf:dd:58:28:c1:65:31:74:a7:
10:df:2c:60:14:6a:47:aa:b9:15:f2:49:47:df:42:
34:13:73:83:12:2f:84:6e:93:70:be:75:b7:77:53:
35:96:5a:18:e4:fe:ff:cb:d5:f7:5e:71:d6:42:50:
5b:7f:ad:ed:8e:4e:6b:d1:b8:2f:28:26:a7:be:d2:
e8:cd:3b:3d:28:8c:8b:d0:ce:87:eb:41:2f:c2:aa:
35:d1:7f:c8:30:1f:1e:5f:37:4f:c7:fd:68:36:c1:
ab:43:c5:4a:98:89:1b:99:42:ee:2e:cd:21:85:91:
7f:3b:4f:b3:db:70:4b:48:68:11:5c:1a:aa:75:3a:
d6:bc:40:10:7e:7d:34:3c:59:f6:96:0a:72:ee:f3:
7c:cb:45:e8:ea:b8:a6:b3:47:8f:5a:12:ee:4d:6e:
b9:56:c2:7c:b6:39:4e:b2:cd:c1:92:f8:8c:07:ed:
b3:33:a8:7d:eb:bf:c8:b3:fb:53:17:e7:94:3b:d9:
6b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:4C:CB:4F:AC:E8:94:F9:DB:89:D3:59:EE:77:41:57:4A:46:FA:89
X509v3 Authority Key Identifier:
keyid:9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/cUzLT6zolPnbidNZ7ndBV0pG-ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:af40::/29
2a0c:f340::/32
2a0e:9c00::/29
Signature Algorithm: sha256WithRSAEncryption
01:90:4f:9c:6b:1a:c7:b0:d1:77:d5:bc:5d:e7:41:1d:0c:79:
2d:81:72:4a:2e:df:56:9f:7b:f4:5e:0b:79:76:a3:f1:03:2f:
47:64:f7:0a:e9:16:73:51:da:f1:11:da:f9:c3:b6:91:6f:2c:
22:56:3d:e1:0f:73:ca:88:e0:0f:24:ba:88:6c:7b:9d:0b:9e:
2c:71:cf:ff:68:70:fd:03:e7:54:da:54:fe:5f:36:c7:f2:ea:
7b:9e:0b:6e:e2:6f:7b:04:e0:68:90:f4:2d:5d:a4:80:de:e9:
a2:57:0c:c4:d0:02:d1:50:5b:d5:53:70:7e:92:2a:b9:e6:99:
bb:03:f9:8b:ec:eb:bb:c9:23:84:72:7b:ab:00:3d:88:8a:82:
53:52:24:db:40:3b:2e:9d:f7:e5:08:e0:cf:b9:e3:7c:0b:3c:
76:a5:d0:57:ab:cc:65:06:52:c9:1b:69:d7:b4:b6:f0:4b:2b:
8a:4f:41:a5:fb:9e:26:d4:0f:9b:48:e1:98:97:98:58:65:09:
83:a2:96:50:5a:ca:00:61:14:69:2a:5a:6f:43:f7:23:02:c0:
70:c6:2b:5b:24:25:79:1a:6d:b0:aa:40:ff:b9:65:91:8d:9c:
4a:45:5a:f4:36:1f:8b:31:ad:7a:07:f1:fb:a7:14:3e:21:e5:
ab:39:c2:6b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvpvoaLgoRvGuimL65ux+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTUzMjAwNzc2OTY5NDRiMTYxM2MyZThjOWM2MDZhMWUw
NmViNzkwHhcNMjMwMTAxMjMyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTRjY2I0ZmFjZTg5NGY5ZGI4OWQzNTllZTc3NDE1NzRhNDZmYTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApudwGOEapeffuHDAn+m/QPkxi8eT
QyjU1dtguWPQfzTQfXXZ47eA28WZcN1dteyl1/w3DyWPrXoQek2FcU+I9IC/3Vgo
wWUxdKcQ3yxgFGpHqrkV8klH30I0E3ODEi+EbpNwvnW3d1M1lloY5P7/y9X3XnHW
QlBbf63tjk5r0bgvKCanvtLozTs9KIyL0M6H60Evwqo10X/IMB8eXzdPx/1oNsGr
Q8VKmIkbmULuLs0hhZF/O0+z23BLSGgRXBqqdTrWvEAQfn00PFn2lgpy7vN8y0Xo
6rims0ePWhLuTW65VsJ8tjlOss3BkviMB+2zM6h967/Is/tTF+eUO9lrOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHFMy0+s6JT524nTWe53QVdKRvqJMB8GA1UdIwQY
MBaAFJ5VMgB3aWlEsWE8LoycYGoeBut5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYt
MWUwZThiOTA5ZTM0LzEvY1V6TFQ2em9sUG5iaWROWjduZEJWMHBHLW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYtMWUwZThiOTA5ZTM0
LzEvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgavQAMF
ACoM80ADBQMqDpwAMA0GCSqGSIb3DQEBCwUAA4IBAQABkE+caxrHsNF31bxd50Ed
DHktgXJKLt9Wn3v0Xgt5dqPxAy9HZPcK6RZzUdrxEdr5w7aRbywiVj3hD3PKiOAP
JLqIbHudC54scc//aHD9A+dU2lT+XzbH8up7ngtu4m97BOBokPQtXaSA3umiVwzE
0ALRUFvVU3B+kiq55pm7A/mL7Ou7ySOEcnurAD2IioJTUiTbQDsunfflCODPueN8
Czx2pdBXq8xlBlLJG2nXtLbwSyuKT0Gl+54m1A+bSOGYl5hYZQmDopZQWsoAYRRp
KlpvQ/cjAsBwxitbJCV5Gm2wqkD/uWWRjZxKRVr0Nh+LMa16B/H7pxQ+IeWrOcJr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:51 2024 by rpki-client on console-fra.rpki-client.org