Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/UlKR-LNM5DGORngy7eIe9T7zQy4.roa
File: UlKR-LNM5DGORngy7eIe9T7zQy4.roa (raw, json)
Hash identifier: 3RnNVdxSRq9ArRywry66F6G4KE+gMvSw+TQ4PNgFWLQ=
Subject key identifier: 52:52:91:F8:B3:4C:E4:31:8E:46:78:32:ED:E2:1E:F5:3E:F3:43:2E
Certificate issuer: /CN=17526ccac4f9064e058549b30172c84439787fbc
Certificate serial: 018A5A5B4144F0EB7FF0E370EED2B830F916
Authority key identifier: 17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/UlKR-LNM5DGORngy7eIe9T7zQy4.roa
Signing time: Sun 03 Sep 2023 09:24:04 +0000
ROA not before: Sun 03 Sep 2023 09:24:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 2a0c:b6c1::/32 maxlen: 32
2a0c:b6c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5a:5b:41:44:f0:eb:7f:f0:e3:70:ee:d2:b8:30:f9:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17526ccac4f9064e058549b30172c84439787fbc
Validity
Not Before: Sep 3 09:24:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=525291f8b34ce4318e467832ede21ef53ef3432e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d6:f7:5a:19:db:0c:b0:6e:c1:11:ca:0c:05:
93:1f:ae:4b:b9:b6:4d:f4:5e:53:9a:93:bd:e6:f5:
bb:75:fd:43:6d:9b:1d:92:9f:ed:6c:2a:93:e4:f5:
b4:53:d2:43:b2:16:44:87:1f:b8:f3:57:eb:13:cc:
1b:d3:e9:c6:36:ef:98:73:fe:e3:d8:8b:f6:60:47:
92:06:16:d0:b7:d4:85:bc:06:39:5b:80:43:4d:ab:
11:ab:7c:38:52:d3:fd:fe:89:d9:dc:93:9b:d5:a4:
ca:6c:86:93:71:33:46:9f:87:d6:47:48:34:71:b3:
26:63:34:78:47:7c:d6:95:79:6f:92:26:ca:74:9d:
6f:a3:21:df:97:2d:18:56:ea:ed:9e:1a:64:b0:e1:
ce:5c:5a:53:f5:64:d9:d4:79:0f:38:55:91:a3:eb:
bf:d7:3e:fe:39:98:74:46:28:c1:4c:39:dd:62:60:
11:8e:5b:b2:59:dc:f8:6c:a9:d7:fe:ba:ce:bc:33:
a5:47:96:b0:16:dd:bf:43:b8:ee:a8:09:91:7b:d9:
18:3f:37:b4:7a:f6:fa:c0:69:fa:76:3a:6a:2e:e1:
cc:c4:ab:ea:00:70:f3:71:82:78:d8:87:3f:9d:10:
51:ba:19:a8:61:98:aa:54:07:9a:48:92:8b:a4:b3:
e4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:52:91:F8:B3:4C:E4:31:8E:46:78:32:ED:E2:1E:F5:3E:F3:43:2E
X509v3 Authority Key Identifier:
keyid:17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/UlKR-LNM5DGORngy7eIe9T7zQy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b6c0::/31
Signature Algorithm: sha256WithRSAEncryption
4a:f2:96:ad:d3:6c:21:24:87:68:c6:2f:3c:6d:3f:b5:8a:a4:
78:78:ac:54:07:ad:da:ec:4c:0f:77:4c:da:5d:45:27:f5:f7:
d1:38:5a:90:3a:44:3e:cb:a7:f8:1f:ed:31:7a:b6:e0:71:4b:
fa:a3:b7:4c:02:e5:4c:1b:ef:36:6e:6a:b4:ab:b5:92:a3:1b:
2b:96:83:51:40:c8:68:67:be:e1:a0:9c:cc:4b:a4:13:78:c6:
57:b0:4f:b2:45:28:d7:85:9a:a0:8e:49:14:e9:4d:58:c0:38:
19:f5:ae:6c:57:8c:35:97:e7:59:32:c5:a5:32:41:7e:e3:44:
20:00:e7:74:a5:fe:07:19:ad:58:bd:74:83:9b:32:b3:64:77:
cf:c4:c0:f5:f4:f4:42:68:b0:83:7f:ea:3d:39:35:41:0e:4e:
60:3b:e1:98:8d:5e:6c:31:ac:f0:d4:7e:cb:9f:a4:da:5d:ec:
26:af:a3:a5:8c:e1:e9:d4:4a:2e:71:22:f8:de:da:cc:6a:5c:
6f:98:d9:44:af:8b:29:c1:6c:6c:0d:f7:30:ba:ba:32:7f:9e:
d5:52:31:23:3b:ba:b6:0c:34:0f:1a:fb:9d:42:97:d6:b0:05:
b4:e9:a2:50:18:84:19:37:6c:cc:3d:ba:1d:22:3b:82:85:47:
07:3a:8a:de
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYpaW0FE8Ot/8ONw7tK4MPkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTI2Y2NhYzRmOTA2NGUwNTg1NDliMzAxNzJjODQ0Mzk3
ODdmYmMwHhcNMjMwOTAzMDkyNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjUyOTFmOGIzNGNlNDMxOGU0Njc4MzJlZGUyMWVmNTNlZjM0MzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitb3WhnbDLBuwRHKDAWTH65LubZN
9F5TmpO95vW7df1DbZsdkp/tbCqT5PW0U9JDshZEhx+481frE8wb0+nGNu+Yc/7j
2Iv2YEeSBhbQt9SFvAY5W4BDTasRq3w4UtP9/onZ3JOb1aTKbIaTcTNGn4fWR0g0
cbMmYzR4R3zWlXlvkibKdJ1voyHfly0YVurtnhpksOHOXFpT9WTZ1HkPOFWRo+u/
1z7+OZh0RijBTDndYmARjluyWdz4bKnX/rrOvDOlR5awFt2/Q7juqAmRe9kYPze0
evb6wGn6djpqLuHMxKvqAHDzcYJ42Ic/nRBRuhmoYZiqVAeaSJKLpLPkYwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFJSkfizTOQxjkZ4Mu3iHvU+80MuMB8GA1UdIwQY
MBaAFBdSbMrE+QZOBYVJswFyyEQ5eH+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYt
OTQxY2M2YTdiYWQ5LzEvVWxLUi1MTk01REdPUm5neTdlSWU5VDd6UXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYtOTQxY2M2YTdiYWQ5
LzEvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKgy2wDAN
BgkqhkiG9w0BAQsFAAOCAQEASvKWrdNsISSHaMYvPG0/tYqkeHisVAet2uxMD3dM
2l1FJ/X30ThakDpEPsun+B/tMXq24HFL+qO3TALlTBvvNm5qtKu1kqMbK5aDUUDI
aGe+4aCczEukE3jGV7BPskUo14WaoI5JFOlNWMA4GfWubFeMNZfnWTLFpTJBfuNE
IADndKX+BxmtWL10g5sys2R3z8TA9fT0Qmiwg3/qPTk1QQ5OYDvhmI1ebDGs8NR+
y5+k2l3sJq+jpYzh6dRKLnEi+N7azGpcb5jZRK+LKcFsbA33MLq6Mn+e1VIxIzu6
tgw0Dxr7nUKX1rAFtOmiUBiEGTdszD26HSI7goVHBzqK3g==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:30 2024 by rpki-client on console-fra.rpki-client.org