Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/uFgqKbxsHW9mTlfIJecpPhvwJQY.roa
File: uFgqKbxsHW9mTlfIJecpPhvwJQY.roa (raw, json)
Hash identifier: Nh5T/z4sUUVUdrotKdiIAEa5zE1QJjoHinwV6DnDLVQ=
Subject key identifier: B8:58:2A:29:BC:6C:1D:6F:66:4E:57:C8:25:E7:29:3E:1B:F0:25:06
Certificate issuer: /CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Certificate serial: 018CC801A1CCA802FB01830F05A74B928390
Authority key identifier: 48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/uFgqKbxsHW9mTlfIJecpPhvwJQY.roa
Signing time: Tue 02 Jan 2024 02:29:59 +0000
ROA not before: Tue 02 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210818
IP address blocks: 2a11:8a85::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 01 Jun 2024 18:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:a1:cc:a8:02:fb:01:83:0f:05:a7:4b:92:83:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Validity
Not Before: Jan 2 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8582a29bc6c1d6f664e57c825e7293e1bf02506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:62:72:60:f0:fd:e8:e1:16:ec:ec:f7:26:9c:
7d:51:b4:56:dd:5f:a8:48:40:9b:fc:13:67:ae:eb:
90:80:80:44:e1:88:7e:ad:00:44:0e:d5:fb:53:c0:
23:46:35:26:01:6c:52:a2:04:f2:3d:b1:10:ae:0a:
6c:9c:3d:7e:c5:6b:9c:f4:81:c5:d9:ec:70:b9:8c:
c1:4f:21:ed:6a:fc:c3:51:3d:5d:8c:a1:e0:2f:32:
83:a8:a4:94:ae:f0:91:c1:8a:e9:10:89:65:96:ab:
a4:fa:8f:6d:a9:43:73:e8:68:28:1a:61:14:30:80:
53:5b:6a:5e:1d:37:dc:18:0a:8e:26:a6:37:e5:28:
6f:f3:ec:16:86:c3:9d:14:a7:9e:03:27:df:7e:c7:
01:c6:8e:5f:4c:8d:3d:1d:ed:bf:4d:0c:91:16:66:
f5:f1:ed:41:12:e0:5f:0b:01:91:06:30:ce:95:65:
47:be:aa:72:2c:4c:cc:df:76:37:d8:bb:49:c3:96:
12:02:2c:e8:82:dd:01:dd:80:a7:75:e5:63:50:24:
86:93:fc:94:37:a4:b4:0b:63:24:c7:b4:95:cb:ab:
b0:42:40:5f:5a:34:41:ff:78:31:cc:f5:d9:7b:3a:
91:1f:c3:d5:00:07:af:61:43:06:d0:e0:08:80:01:
87:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:58:2A:29:BC:6C:1D:6F:66:4E:57:C8:25:E7:29:3E:1B:F0:25:06
X509v3 Authority Key Identifier:
keyid:48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/uFgqKbxsHW9mTlfIJecpPhvwJQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8a85::/32
Signature Algorithm: sha256WithRSAEncryption
22:fd:63:6e:6a:ab:3d:7d:ca:02:a4:48:19:84:02:13:c8:d4:
ac:29:0d:26:93:9a:fe:c0:b4:07:7c:05:50:e6:d1:d4:f5:89:
be:86:1e:c2:58:f0:f1:01:e5:50:01:e9:a2:b1:0c:6c:72:fa:
c7:e7:05:25:56:29:5d:c5:e3:3a:c9:fb:05:8c:0f:29:17:48:
37:50:8d:ac:8a:ce:6c:d6:ca:4c:11:96:17:19:51:a0:de:02:
62:9e:01:cd:52:8e:98:05:aa:f0:a6:99:44:54:f3:49:aa:0f:
69:e9:4c:1a:c2:e9:0a:0f:8a:b8:8e:74:4f:cc:ed:49:14:de:
97:e5:75:ac:48:ac:3f:a4:9a:a5:2f:56:12:f3:39:07:9c:fd:
fb:a6:50:2d:ed:92:31:61:47:0e:c0:9e:30:05:d1:ae:3b:72:
bb:1d:c7:06:86:29:d9:8d:99:1a:dc:f7:b4:7e:4f:38:8e:52:
89:f0:96:b9:7d:58:8e:c8:65:7d:26:99:b7:4d:26:54:bd:d4:
63:e4:83:c3:60:95:69:98:40:1f:2f:35:6d:20:b3:a8:38:5c:
f4:d3:b9:bc:a9:09:67:fb:25:5c:c7:00:14:27:e2:5d:4e:8d:
4f:8b:42:a9:de:c1:b2:26:54:0e:b7:e4:b4:1e:42:48:7b:7c:
36:4e:a2:6a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIAaHMqAL7AYMPBadLkoOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YWJmMjlmZGVmODU3MDUwMmY0YjUxYmU1ZmZjMDVjNGQ5
YjM0NjUwHhcNMjQwMTAyMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODU4MmEyOWJjNmMxZDZmNjY0ZTU3YzgyNWU3MjkzZTFiZjAyNTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomJyYPD96OEW7Oz3Jpx9UbRW3V+o
SECb/BNnruuQgIBE4Yh+rQBEDtX7U8AjRjUmAWxSogTyPbEQrgpsnD1+xWuc9IHF
2exwuYzBTyHtavzDUT1djKHgLzKDqKSUrvCRwYrpEIlllquk+o9tqUNz6GgoGmEU
MIBTW2peHTfcGAqOJqY35Shv8+wWhsOdFKeeAyfffscBxo5fTI09He2/TQyRFmb1
8e1BEuBfCwGRBjDOlWVHvqpyLEzM33Y32LtJw5YSAizogt0B3YCndeVjUCSGk/yU
N6S0C2Mkx7SVy6uwQkBfWjRB/3gxzPXZezqRH8PVAAevYUMG0OAIgAGHUQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLhYKim8bB1vZk5XyCXnKT4b8CUGMB8GA1UdIwQY
MBaAFEir8p/e+FcFAvS1G+X/wFxNmzRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQt
YWJhMTEzZjNlM2FlLzEvdUZncUtieHNIVzltVGxmSUplY3BQaHZ3SlFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQtYWJhMTEzZjNlM2Fl
LzEvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhGKhTAN
BgkqhkiG9w0BAQsFAAOCAQEAIv1jbmqrPX3KAqRIGYQCE8jUrCkNJpOa/sC0B3wF
UObR1PWJvoYewljw8QHlUAHporEMbHL6x+cFJVYpXcXjOsn7BYwPKRdIN1CNrIrO
bNbKTBGWFxlRoN4CYp4BzVKOmAWq8KaZRFTzSaoPaelMGsLpCg+KuI50T8ztSRTe
l+V1rEisP6SapS9WEvM5B5z9+6ZQLe2SMWFHDsCeMAXRrjtyux3HBoYp2Y2ZGtz3
tH5POI5SifCWuX1YjshlfSaZt00mVL3UY+SDw2CVaZhAHy81bSCzqDhc9NO5vKkJ
Z/slXMcAFCfiXU6NT4tCqd7BsiZUDrfktB5CSHt8Nk6iag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:43 2024 by rpki-client on console-ams.rpki-client.org