Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/UcbiYnov5XIHnMbudgsCreaH_XM.roa
File: UcbiYnov5XIHnMbudgsCreaH_XM.roa (raw, json)
Hash identifier: okEodlXH/CHO6tU1ZN2zJdSKBoWy5eisS5rz3urt/WY=
Subject key identifier: 51:C6:E2:62:7A:2F:E5:72:07:9C:C6:EE:76:0B:02:AD:E6:87:FD:73
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018CC56E1CC216A4444D402269B05BF8C056
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/UcbiYnov5XIHnMbudgsCreaH_XM.roa
Signing time: Mon 01 Jan 2024 14:29:37 +0000
ROA not before: Mon 01 Jan 2024 14:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 89.46.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 04:36:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1c:c2:16:a4:44:4d:40:22:69:b0:5b:f8:c0:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Jan 1 14:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51c6e2627a2fe572079cc6ee760b02ade687fd73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:62:5e:70:7e:41:1e:57:10:a3:4e:92:7b:97:
15:1f:6d:48:05:60:53:92:f5:56:01:39:70:92:4a:
b6:9c:86:f6:cb:c1:b0:aa:35:12:51:f1:49:e6:04:
b0:6b:b4:ec:6e:3e:cc:a0:ab:28:a9:5a:89:96:49:
61:01:57:be:05:19:9f:45:70:94:a9:2c:31:d7:41:
61:98:ba:92:b6:17:56:fe:80:2e:81:5c:98:d0:05:
fa:3e:ec:81:29:3c:87:85:bd:1b:16:ad:0c:94:5a:
58:70:c8:17:12:34:f3:e8:58:dd:4f:7e:e1:a3:f5:
c1:6a:6e:9a:b8:8c:e8:4e:64:d8:4b:20:5d:6b:2a:
c7:1a:0f:8f:fc:b2:25:df:d6:a5:dc:75:6d:6b:d8:
f2:40:e7:09:d1:9a:3c:31:d0:ca:2d:d6:d7:17:86:
e1:3a:ca:8f:f4:a3:a6:bb:5b:3b:d7:cd:65:ad:5a:
bc:fc:7f:58:28:6b:d9:22:19:39:26:e7:75:11:e6:
5f:e5:c0:b3:59:33:a1:56:ea:c5:4d:d8:6a:3d:6d:
f0:d9:26:ef:3b:ca:37:c5:fd:f6:31:fb:8f:74:26:
58:26:04:12:2a:eb:ca:48:fe:42:d5:89:f6:20:ac:
45:4b:34:f4:e2:8c:32:29:12:ac:c9:ba:95:48:e3:
5c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C6:E2:62:7A:2F:E5:72:07:9C:C6:EE:76:0B:02:AD:E6:87:FD:73
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/UcbiYnov5XIHnMbudgsCreaH_XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.11.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:27:ed:1f:9c:7e:3f:36:fd:1c:f7:75:69:1a:42:6a:c9:f9:
96:c3:d1:c7:62:53:6d:61:5e:da:0d:7d:ba:95:4a:d7:b3:4e:
e1:dd:7f:e4:00:13:28:6b:b6:58:bd:25:89:e6:f7:2e:a2:a1:
0f:05:e5:63:89:f8:90:a4:5a:1a:85:c6:b6:9d:d3:16:2b:3b:
35:20:5d:d8:cf:35:03:86:56:37:05:e8:29:2f:9d:b1:69:ec:
58:ee:a1:fd:54:65:6e:14:10:1b:70:22:8c:e1:db:d7:02:3a:
77:d7:7e:71:d0:25:c2:98:77:33:5e:9f:d9:af:71:9f:fd:5a:
d3:e8:2a:5a:26:7c:f0:ff:c8:e0:71:1d:23:32:2a:88:15:78:
ac:fc:76:36:da:a4:3c:d3:0f:93:d4:a5:f0:3d:da:d5:7d:6e:
3d:9a:26:7a:82:c4:32:7b:f6:2d:ea:3f:8e:de:1f:11:05:45:
f4:33:87:d0:80:91:56:98:b8:fc:42:d8:fc:d5:23:76:dd:cf:
88:92:40:4d:a6:08:60:67:8b:24:1c:ed:cc:1c:f1:62:0d:16:
b3:67:61:30:90:93:9b:86:0b:b8:16:e6:f3:43:e3:ba:35:16:
7e:d0:04:da:91:5c:ca:67:c4:87:97:46:d0:e8:9d:3c:5b:db:
16:bd:e3:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbhzCFqRETUAiabBb+MBWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjQwMTAxMTQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWM2ZTI2MjdhMmZlNTcyMDc5Y2M2ZWU3NjBiMDJhZGU2ODdmZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2JecH5BHlcQo06Se5cVH21IBWBT
kvVWATlwkkq2nIb2y8GwqjUSUfFJ5gSwa7Tsbj7MoKsoqVqJlklhAVe+BRmfRXCU
qSwx10FhmLqSthdW/oAugVyY0AX6PuyBKTyHhb0bFq0MlFpYcMgXEjTz6FjdT37h
o/XBam6auIzoTmTYSyBdayrHGg+P/LIl39al3HVta9jyQOcJ0Zo8MdDKLdbXF4bh
OsqP9KOmu1s7181lrVq8/H9YKGvZIhk5Jud1EeZf5cCzWTOhVurFTdhqPW3w2Sbv
O8o3xf32MfuPdCZYJgQSKuvKSP5C1Yn2IKxFSzT04owyKRKsybqVSONcKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFHG4mJ6L+VyB5zG7nYLAq3mh/1zMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvVWNiaVlub3Y1WElIbk1idWRnc0NyZWFIX1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS4LMA0G
CSqGSIb3DQEBCwUAA4IBAQBLJ+0fnH4/Nv0c93VpGkJqyfmWw9HHYlNtYV7aDX26
lUrXs07h3X/kABMoa7ZYvSWJ5vcuoqEPBeVjifiQpFoahca2ndMWKzs1IF3YzzUD
hlY3BegpL52xaexY7qH9VGVuFBAbcCKM4dvXAjp3135x0CXCmHczXp/Zr3Gf/VrT
6CpaJnzw/8jgcR0jMiqIFXis/HY22qQ80w+T1KXwPdrVfW49miZ6gsQye/Yt6j+O
3h8RBUX0M4fQgJFWmLj8Qtj81SN23c+IkkBNpghgZ4skHO3MHPFiDRazZ2EwkJOb
hgu4FubzQ+O6NRZ+0ATakVzKZ8SHl0bQ6J08W9sWveOC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:14 2024 by rpki-client on console-ams.rpki-client.org