Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/uql2vpGxrGdtA5Gl28tpTglqNYM.roa
File: uql2vpGxrGdtA5Gl28tpTglqNYM.roa (raw, json)
Hash identifier: MYOAJDrF99ey4AK3sLL6b4wh3cdKh0XERn/N9KlqA88=
Subject key identifier: BA:A9:76:BE:91:B1:AC:67:6D:03:91:A5:DB:CB:69:4E:09:6A:35:83
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 018CC80135DF7D3A61889EC2B1BBE3106A99
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/uql2vpGxrGdtA5Gl28tpTglqNYM.roa
Signing time: Tue 02 Jan 2024 02:29:31 +0000
ROA not before: Tue 02 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24940
IP address blocks: 2001:67c:1164::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:35:df:7d:3a:61:88:9e:c2:b1:bb:e3:10:6a:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=baa976be91b1ac676d0391a5dbcb694e096a3583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0d:2b:03:f1:25:93:fc:00:dc:8d:3a:c8:3c:
38:74:b5:3f:1d:c9:d2:c1:55:ba:9b:1e:ef:51:6d:
7e:c1:03:e7:f4:18:94:fb:93:5c:c9:5e:b4:33:8c:
64:26:e9:70:a2:c9:5e:ac:db:6e:49:8e:09:27:4d:
25:7f:5a:27:f7:31:44:f2:32:b6:79:63:fe:69:4a:
81:85:b7:cb:05:63:22:71:4b:4f:44:7f:ab:f1:03:
68:23:5c:fb:f6:0f:e2:48:11:eb:c8:fa:f2:45:c0:
ef:00:16:0b:a6:70:85:89:fa:12:4f:d0:b3:b0:6d:
c1:33:ec:5d:9a:51:20:fc:d0:22:36:6e:b6:25:55:
cc:ce:6e:10:3c:46:53:d0:86:79:06:e6:6a:e3:d4:
6a:41:e0:87:ac:9e:12:dd:e0:96:88:4f:cb:0d:a7:
c3:b7:ac:53:b1:fe:cb:d4:4d:0f:b9:26:87:26:fe:
78:d3:c5:d5:17:51:d5:2f:20:d6:9a:38:4e:d0:4a:
fa:6a:45:35:e4:2d:80:62:75:d2:8d:93:70:c1:46:
42:10:98:d5:6d:e9:93:ca:90:bd:76:c0:a7:bf:7b:
7f:b3:7e:20:a7:2f:7a:c2:32:33:68:d1:a0:8f:6f:
be:e9:35:78:31:4f:85:86:53:9a:b9:ca:8b:94:75:
cc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A9:76:BE:91:B1:AC:67:6D:03:91:A5:DB:CB:69:4E:09:6A:35:83
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/uql2vpGxrGdtA5Gl28tpTglqNYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1164::/48
Signature Algorithm: sha256WithRSAEncryption
80:ce:3c:d3:25:e6:7f:de:56:fc:75:7b:e1:6c:7e:98:53:b2:
4e:31:12:c1:49:2c:e6:79:f2:50:7d:69:ed:af:92:6c:30:0f:
c5:56:ad:15:c0:5b:72:74:f5:5d:0b:0a:1d:e6:5a:e8:95:bd:
52:1a:21:d1:ac:19:7c:74:22:df:38:c1:1f:05:e5:2d:55:2f:
24:ff:a7:c0:c1:c0:7b:fa:ce:f6:70:0c:ab:9d:6f:5b:e8:ed:
6a:ea:fa:a5:2c:11:06:38:2b:6f:5a:24:c2:37:a5:68:73:e6:
39:7f:de:21:7b:41:78:7b:98:06:ab:06:39:cb:1b:a2:bf:6c:
48:42:29:25:c6:87:c7:2c:b3:db:a5:8a:12:f4:1f:d9:b7:63:
d0:de:eb:b7:16:fa:df:3c:24:cb:67:bc:8c:e9:a6:91:c2:3c:
da:59:fd:2d:db:e7:c4:68:8c:2c:6c:57:87:db:b1:5b:05:8f:
eb:fa:47:67:c1:5b:d3:8b:f7:21:e8:45:8e:82:c5:2f:41:ad:
5e:4c:a8:ba:62:ca:1d:a8:c6:03:68:43:ee:32:91:f0:08:e2:
ad:7a:cd:05:20:4b:0a:ec:b4:bf:a8:28:fa:34:8f:a2:c7:79:
c2:6c:32:f4:e4:cc:ac:69:8d:8f:a5:cd:af:01:d1:2c:fe:de:
45:61:47:cf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIATXffTphiJ7CsbvjEGqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjQwMTAyMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWE5NzZiZTkxYjFhYzY3NmQwMzkxYTVkYmNiNjk0ZTA5NmEzNTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw0rA/Elk/wA3I06yDw4dLU/HcnS
wVW6mx7vUW1+wQPn9BiU+5NcyV60M4xkJulwoslerNtuSY4JJ00lf1on9zFE8jK2
eWP+aUqBhbfLBWMicUtPRH+r8QNoI1z79g/iSBHryPryRcDvABYLpnCFifoST9Cz
sG3BM+xdmlEg/NAiNm62JVXMzm4QPEZT0IZ5BuZq49RqQeCHrJ4S3eCWiE/LDafD
t6xTsf7L1E0PuSaHJv5408XVF1HVLyDWmjhO0Er6akU15C2AYnXSjZNwwUZCEJjV
bemTypC9dsCnv3t/s34gpy96wjIzaNGgj2++6TV4MU+FhlOaucqLlHXMiQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLqpdr6RsaxnbQORpdvLaU4JajWDMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvdXFsMnZwR3hyR2R0QTVHbDI4dHBUZ2xxTllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBFk
MA0GCSqGSIb3DQEBCwUAA4IBAQCAzjzTJeZ/3lb8dXvhbH6YU7JOMRLBSSzmefJQ
fWntr5JsMA/FVq0VwFtydPVdCwod5lrolb1SGiHRrBl8dCLfOMEfBeUtVS8k/6fA
wcB7+s72cAyrnW9b6O1q6vqlLBEGOCtvWiTCN6Voc+Y5f94he0F4e5gGqwY5yxui
v2xIQiklxofHLLPbpYoS9B/Zt2PQ3uu3FvrfPCTLZ7yM6aaRwjzaWf0t2+fEaIws
bFeH27FbBY/r+kdnwVvTi/ch6EWOgsUvQa1eTKi6YsodqMYDaEPuMpHwCOKtes0F
IEsK7LS/qCj6NI+ix3nCbDL05MysaY2Ppc2vAdEs/t5FYUfP
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:19:21 2025 by rpki-client