Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/uGc5EqKq-kVOpbSX0G_cSzXiKtk.roa
File: uGc5EqKq-kVOpbSX0G_cSzXiKtk.roa (raw, json)
Hash identifier: YA8tQdK8VJOL4bkR/bpvKLje7fttvbRmxU0W0Nw95DI=
Subject key identifier: B8:67:39:12:A2:AA:FA:45:4E:A5:B4:97:D0:6F:DC:4B:35:E2:2A:D9
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 01909E9F8B68CA848E3C517C68010FF3150F
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/uGc5EqKq-kVOpbSX0G_cSzXiKtk.roa
Signing time: Wed 10 Jul 2024 21:49:34 +0000
ROA not before: Wed 10 Jul 2024 21:49:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30788
IP address blocks: 2a0f:4300::/29 maxlen: 29
2a11:1840::/29 maxlen: 29
2a11:2d80::/29 maxlen: 29
2a11:31c0::/29 maxlen: 29
2a11:3f00::/29 maxlen: 29
2a11:41c0::/29 maxlen: 29
2a12:3cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 16 Aug 2024 14:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9e:9f:8b:68:ca:84:8e:3c:51:7c:68:01:0f:f3:15:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Jul 10 21:49:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8673912a2aafa454ea5b497d06fdc4b35e22ad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f7:87:57:38:07:b1:08:68:26:4f:da:d2:2b:
96:98:85:bf:c4:19:8e:c5:20:b8:63:56:ac:ea:2a:
af:7d:cf:d9:0e:f2:50:73:7d:6f:a9:a2:4e:88:a4:
b5:97:39:c4:b9:d0:48:ca:8f:05:05:1c:14:5d:97:
9a:07:be:41:bf:3e:f1:4d:54:fc:43:75:90:25:75:
fd:ae:d7:34:68:cb:26:8e:07:f2:dc:62:7b:b1:bf:
a6:e3:ad:c6:05:fa:e9:8b:de:19:23:f0:aa:77:08:
b7:cb:fa:e3:0b:12:08:43:b0:66:97:e5:24:9b:43:
ce:87:83:cd:6c:73:c6:50:8d:18:e8:b1:70:c5:6c:
04:aa:bf:7e:8f:05:40:76:b6:d1:de:cc:fc:88:18:
39:6c:8d:ed:25:dc:2a:fd:03:d1:f0:74:d3:23:0d:
7a:c1:89:1c:de:09:88:99:89:85:68:3c:0e:3c:c1:
0d:d1:41:73:41:56:d0:92:88:25:41:17:84:26:6f:
a8:38:92:a2:78:45:b9:33:4e:33:de:2d:7b:88:27:
2e:14:42:2c:d5:2b:60:d7:db:d7:fd:60:19:b3:7a:
3c:4f:4f:54:a1:27:b6:af:b6:d9:0e:e5:91:89:e1:
7c:9e:bc:73:9b:00:5c:dc:e0:17:88:e1:4c:fe:3b:
2a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:67:39:12:A2:AA:FA:45:4E:A5:B4:97:D0:6F:DC:4B:35:E2:2A:D9
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/uGc5EqKq-kVOpbSX0G_cSzXiKtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:4300::/29
2a11:1840::/29
2a11:2d80::/29
2a11:31c0::/29
2a11:3f00::/29
2a11:41c0::/29
2a12:3cc0::/29
Signature Algorithm: sha256WithRSAEncryption
a7:df:ad:a1:2a:ab:dd:96:aa:ee:e4:05:4d:02:60:bb:85:64:
15:74:8b:26:64:09:81:cc:70:c1:e2:ba:86:49:5f:b3:38:fa:
b3:eb:b8:1e:de:e2:57:3b:c3:f0:06:10:d5:38:fb:dc:2c:0c:
6e:7c:8c:a4:34:1b:dd:9c:a4:93:e8:e2:54:ca:9a:b8:45:61:
65:2e:d2:b5:07:82:0a:5c:32:5a:9a:68:05:28:1a:ad:10:b4:
aa:61:77:4d:83:b7:4d:4a:dd:70:bc:63:a6:6b:c9:9b:63:c9:
aa:41:ed:97:16:ae:18:f3:09:62:7d:b0:26:67:57:44:d5:bf:
30:f2:c9:a9:9b:a0:1f:11:7d:ba:d6:95:da:bb:bc:9d:3f:c2:
47:7f:30:23:3b:06:a3:e6:70:9d:30:7c:0e:7d:a4:0d:c1:0d:
f3:d6:b2:cd:70:30:cf:b1:f7:e8:da:9e:2c:50:3b:05:1f:da:
5d:77:42:cb:0a:40:5e:79:53:d4:ad:02:58:ff:4b:d9:82:24:
7a:db:e5:52:b4:27:b0:4c:94:67:3e:db:e9:e6:c5:c3:3e:0b:
4f:dc:15:78:81:b8:b3:57:12:80:ad:90:9f:9d:78:3e:40:38:
8b:64:09:94:43:d6:11:e8:67:7b:13:13:bb:7a:12:30:9c:bf:
35:52:6f:8c
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZCen4toyoSOPFF8aAEP8xUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwNzEwMjE0OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODY3MzkxMmEyYWFmYTQ1NGVhNWI0OTdkMDZmZGM0YjM1ZTIyYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPeHVzgHsQhoJk/a0iuWmIW/xBmO
xSC4Y1as6iqvfc/ZDvJQc31vqaJOiKS1lznEudBIyo8FBRwUXZeaB75Bvz7xTVT8
Q3WQJXX9rtc0aMsmjgfy3GJ7sb+m463GBfrpi94ZI/Cqdwi3y/rjCxIIQ7Bml+Uk
m0POh4PNbHPGUI0Y6LFwxWwEqr9+jwVAdrbR3sz8iBg5bI3tJdwq/QPR8HTTIw16
wYkc3gmImYmFaDwOPMEN0UFzQVbQkoglQReEJm+oOJKieEW5M04z3i17iCcuFEIs
1Stg19vX/WAZs3o8T09UoSe2r7bZDuWRieF8nrxzmwBc3OAXiOFM/jsqnQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFLhnORKiqvpFTqW0l9Bv3Es14irZMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvdUdjNUVxS3Eta1ZPcGJTWDBHX2NTelhpS3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKg9DAAMF
AyoRGEADBQMqES2AAwUDKhExwAMFAyoRPwADBQMqEUHAAwUDKhI8wDANBgkqhkiG
9w0BAQsFAAOCAQEAp9+toSqr3Zaq7uQFTQJgu4VkFXSLJmQJgcxwweK6hklfszj6
s+u4Ht7iVzvD8AYQ1Tj73CwMbnyMpDQb3Zykk+jiVMqauEVhZS7StQeCClwyWppo
BSgarRC0qmF3TYO3TUrdcLxjpmvJm2PJqkHtlxauGPMJYn2wJmdXRNW/MPLJqZug
HxF9utaV2ru8nT/CR38wIzsGo+ZwnTB8Dn2kDcEN89ayzXAwz7H36NqeLFA7BR/a
XXdCywpAXnlT1K0CWP9L2YIketvlUrQnsEyUZz7b6ebFwz4LT9wVeIG4s1cSgK2Q
n514PkA4i2QJlEPWEehnexMTu3oSMJy/NVJvjA==
-----END CERTIFICATE-----
Generated at Fri Aug 16 18:39:58 2024 by rpki-client on console-fra.rpki-client.org