Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/udbfjUyYADtTtbsB28D41Zlitxs.roa
File: udbfjUyYADtTtbsB28D41Zlitxs.roa (raw, json)
Hash identifier: ndLCx+zvMlvNqE7ZpKVdpRpJ9ho1ID1Z3a3CzVBO6yo=
Subject key identifier: B9:D6:DF:8D:4C:98:00:3B:53:B5:BB:01:DB:C0:F8:D5:99:62:B7:1B
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01900E427487D75ED179A16A4A1D430E2776
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/udbfjUyYADtTtbsB28D41Zlitxs.roa
Signing time: Wed 12 Jun 2024 21:02:34 +0000
ROA not before: Wed 12 Jun 2024 21:02:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215434
IP address blocks: 2a05:9a40::/29 maxlen: 29
2a06:5fc0::/29 maxlen: 29
2a10:77c0::/29 maxlen: 29
2a13:afc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 16 Jul 2024 19:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0e:42:74:87:d7:5e:d1:79:a1:6a:4a:1d:43:0e:27:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jun 12 21:02:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9d6df8d4c98003b53b5bb01dbc0f8d59962b71b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:48:b5:d2:47:b1:f2:2a:8c:64:e9:4d:2d:27:
79:0b:bb:ec:aa:60:47:42:0a:40:97:5e:9c:50:3a:
aa:48:07:f3:a0:f8:6b:9a:e0:29:9c:c3:18:df:bf:
62:04:00:e3:bc:73:5d:fb:2c:65:d2:14:fe:42:98:
3f:72:61:00:dd:1b:fb:0b:b9:c7:1f:2b:53:72:f1:
bd:5c:6e:6d:db:a5:61:d5:6e:36:f3:bc:9d:18:a6:
e3:01:c6:5d:b1:4b:15:ea:8f:e8:e3:e9:e4:b7:57:
19:f4:17:d1:3e:8d:48:47:3d:16:01:be:4d:89:06:
87:3c:e9:a0:ae:db:9e:4a:e1:80:34:34:27:ed:6d:
3d:2d:c8:bd:64:06:61:2d:69:82:b1:83:26:80:cd:
9b:42:a4:9b:14:89:46:d0:16:c5:5e:57:56:ab:a5:
02:55:b6:82:31:e4:75:ec:97:19:a5:30:32:d9:e2:
d1:d4:be:a9:d4:12:13:67:22:74:2e:69:cd:9a:2c:
e8:bb:b0:a2:19:2c:f7:e8:a7:db:2e:a0:d9:5b:f2:
04:ea:0b:5c:a0:15:22:1b:3d:ab:c0:e4:b8:0b:62:
d6:80:f2:ad:ec:d4:be:5d:76:6d:eb:58:f6:d7:36:
c0:32:3b:30:3c:25:53:fb:a1:1d:8f:6e:70:d0:9e:
9b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D6:DF:8D:4C:98:00:3B:53:B5:BB:01:DB:C0:F8:D5:99:62:B7:1B
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/udbfjUyYADtTtbsB28D41Zlitxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/29
2a06:5fc0::/29
2a10:77c0::/29
2a13:afc0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:0d:5d:1e:26:be:e4:5f:d6:98:a1:8b:a6:58:9d:04:49:21:
01:81:bc:97:9a:d0:3c:77:90:4a:99:34:e0:fd:ff:9f:82:06:
d6:d3:50:3c:a4:38:37:fa:7f:39:b5:3f:fb:7a:af:42:e2:f3:
01:c3:ae:26:60:4f:bb:e9:58:3e:37:c2:07:57:23:b2:22:43:
88:53:2b:3e:27:e8:bb:57:0d:f9:51:c1:eb:5a:ea:7a:b3:e5:
ec:5a:6c:a6:7a:6e:28:35:77:61:c6:28:02:9c:6f:07:28:b7:
0b:6b:e2:4e:8b:2d:e0:57:74:e3:73:74:cf:b5:7a:32:0c:c2:
f4:d8:5a:68:39:cb:26:b8:68:c5:ec:ce:27:c1:b7:1c:9b:ab:
70:89:28:1b:21:df:24:aa:60:2d:98:3f:eb:2f:e3:c4:a1:bc:
06:40:67:fe:45:17:9f:29:71:c5:dc:e3:ea:1b:80:82:df:0d:
60:36:59:f9:83:de:7d:4a:64:fb:aa:91:19:b5:3b:3e:59:41:
04:ce:b7:0d:cd:35:2c:09:93:20:49:b9:c8:0c:ae:fd:fc:d0:
90:e3:d7:8e:ca:8c:ba:ce:0a:cf:cd:11:eb:8c:e9:62:95:82:
6f:18:5c:a1:98:3d:30:ac:b9:6b:2a:cc:68:1a:06:bb:ba:de:
20:fb:84:c1
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZAOQnSH117ReaFqSh1DDid2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwNjEyMjEwMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWQ2ZGY4ZDRjOTgwMDNiNTNiNWJiMDFkYmMwZjhkNTk5NjJiNzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ui10kex8iqMZOlNLSd5C7vsqmBH
QgpAl16cUDqqSAfzoPhrmuApnMMY379iBADjvHNd+yxl0hT+Qpg/cmEA3Rv7C7nH
HytTcvG9XG5t26Vh1W4287ydGKbjAcZdsUsV6o/o4+nkt1cZ9BfRPo1IRz0WAb5N
iQaHPOmgrtueSuGANDQn7W09Lci9ZAZhLWmCsYMmgM2bQqSbFIlG0BbFXldWq6UC
VbaCMeR17JcZpTAy2eLR1L6p1BITZyJ0LmnNmizou7CiGSz36KfbLqDZW/IE6gtc
oBUiGz2rwOS4C2LWgPKt7NS+XXZt61j21zbAMjswPCVT+6Edj25w0J6bbwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLnW341MmAA7U7W7AdvA+NWZYrcbMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvdWRiZmpVeVlBRHRUdGJzQjI4RDQxWmxpdHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgWaQAMF
AyoGX8ADBQMqEHfAAwUDKhOvwDANBgkqhkiG9w0BAQsFAAOCAQEAmw1dHia+5F/W
mKGLplidBEkhAYG8l5rQPHeQSpk04P3/n4IG1tNQPKQ4N/p/ObU/+3qvQuLzAcOu
JmBPu+lYPjfCB1cjsiJDiFMrPifou1cN+VHB61rqerPl7FpspnpuKDV3YcYoApxv
Byi3C2viTost4Fd043N0z7V6MgzC9NhaaDnLJrhoxezOJ8G3HJurcIkoGyHfJKpg
LZg/6y/jxKG8BkBn/kUXnylxxdzj6huAgt8NYDZZ+YPefUpk+6qRGbU7PllBBM63
Dc01LAmTIEm5yAyu/fzQkOPXjsqMus4Kz80R64zpYpWCbxhcoZg9MKy5ayrMaBoG
u7reIPuEwQ==
-----END CERTIFICATE-----
Generated at Tue Jul 16 23:30:17 2024 by rpki-client on console-ams.rpki-client.org