Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/VuLyfac6eWO1dFZGg3O3V8G6XSw.roa
File: VuLyfac6eWO1dFZGg3O3V8G6XSw.roa (raw, json)
Hash identifier: kqgwbatOWUKMqnidpaj6XSbhStgm1wMonoc9pbLeYY4=
Subject key identifier: 56:E2:F2:7D:A7:3A:79:63:B5:74:56:46:83:73:B7:57:C1:BA:5D:2C
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 018A5A4BB1AB77A4C02A6F6E26D231E6ACE7
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/VuLyfac6eWO1dFZGg3O3V8G6XSw.roa
Signing time: Sun 03 Sep 2023 09:07:04 +0000
ROA not before: Sun 03 Sep 2023 09:07:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198571
IP address blocks: 2a07:db83::/32 maxlen: 32
2a07:db82::/32 maxlen: 32
2a07:db80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Oct 2023 19:02:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5a:4b:b1:ab:77:a4:c0:2a:6f:6e:26:d2:31:e6:ac:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Sep 3 09:07:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56e2f27da73a7963b57456468373b757c1ba5d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a7:78:48:fe:c4:99:df:6e:54:34:eb:51:73:
b0:67:92:02:db:6d:4f:b0:e3:e7:a4:55:26:c1:e2:
6b:cb:28:7a:02:34:4a:4d:e9:b7:1e:64:db:16:02:
4f:13:ca:1c:12:b4:ac:cb:2c:8d:5c:17:1f:f0:03:
a0:d8:93:c7:1d:25:e0:8b:c5:31:11:57:b6:5e:a5:
7b:a8:e8:95:f2:85:77:89:3c:90:86:0f:14:9e:b2:
2e:49:8e:fa:1b:f8:ce:54:ea:b0:24:00:f7:4f:4f:
8d:b9:aa:13:96:91:7a:4f:bf:b9:46:2b:a6:fc:07:
db:fb:be:59:1f:3e:dc:20:33:9d:02:b4:be:7f:81:
f6:7c:f8:64:2f:79:84:5c:27:95:40:90:fc:70:77:
14:ff:ab:4e:81:1c:6b:c8:05:da:81:5c:35:44:18:
e4:01:8b:0c:6d:5c:51:c8:3a:b6:6f:6d:ea:af:f8:
24:fe:67:72:00:56:f8:f0:8a:32:d8:b1:af:31:62:
6f:c0:f0:88:5c:d1:c0:8c:64:8d:eb:21:d0:c4:67:
52:c9:c2:80:49:3e:73:44:5d:75:fb:dd:6b:b3:b5:
72:3c:75:a5:88:ef:c5:93:6a:3c:05:9a:75:86:d4:
f3:bc:6f:7d:6a:12:0c:aa:95:2d:51:fd:a6:b7:fb:
d1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E2:F2:7D:A7:3A:79:63:B5:74:56:46:83:73:B7:57:C1:BA:5D:2C
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/VuLyfac6eWO1dFZGg3O3V8G6XSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db80::/32
2a07:db82::/31
Signature Algorithm: sha256WithRSAEncryption
79:8e:99:ca:c9:13:99:24:1d:71:89:a8:f6:2a:e6:9b:11:c9:
45:dd:92:36:16:af:8b:02:33:3d:69:0a:93:74:12:11:7a:b1:
9a:ef:be:3a:ca:df:8e:ee:c2:54:85:0b:14:83:b7:37:ea:1f:
c4:1d:81:0e:af:17:32:7b:23:65:39:41:27:fa:0f:b5:8e:de:
5f:59:c6:b3:32:6c:8f:65:60:c4:8a:c4:d5:04:0d:da:83:4b:
82:6c:1b:ab:82:45:77:3f:aa:53:fc:57:a5:be:9b:d8:9e:0f:
b0:9e:fb:d3:5d:95:68:9a:88:54:66:3f:e9:27:20:4b:8b:96:
31:c2:02:54:2f:bd:09:66:54:6b:49:35:15:8a:6f:b0:0a:eb:
d1:b6:77:1c:d4:02:ec:a3:93:2e:c1:22:bf:ce:ab:db:5f:2a:
05:21:30:79:22:ce:95:aa:6d:ee:1a:6a:c2:d0:f8:99:9c:bd:
49:44:f7:88:f7:e2:79:1b:f4:cf:2f:2b:25:eb:6c:31:a3:46:
7c:ab:10:ac:8e:e4:4f:20:81:c2:bc:11:a5:f6:b1:b6:8f:f2:
28:41:4b:30:dc:0e:0b:d8:be:3d:b9:84:92:06:98:23:cd:f9:
00:cf:1e:34:1f:a6:2a:a5:17:e7:fa:bf:13:72:be:11:4e:ee:
5b:f7:09:e8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYpaS7Grd6TAKm9uJtIx5qznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjMwOTAzMDkwNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmUyZjI3ZGE3M2E3OTYzYjU3NDU2NDY4MzczYjc1N2MxYmE1ZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlad4SP7Emd9uVDTrUXOwZ5IC221P
sOPnpFUmweJryyh6AjRKTem3HmTbFgJPE8ocErSsyyyNXBcf8AOg2JPHHSXgi8Ux
EVe2XqV7qOiV8oV3iTyQhg8UnrIuSY76G/jOVOqwJAD3T0+NuaoTlpF6T7+5Rium
/Afb+75ZHz7cIDOdArS+f4H2fPhkL3mEXCeVQJD8cHcU/6tOgRxryAXagVw1RBjk
AYsMbVxRyDq2b23qr/gk/mdyAFb48Ioy2LGvMWJvwPCIXNHAjGSN6yHQxGdSycKA
ST5zRF11+91rs7VyPHWliO/Fk2o8BZp1htTzvG99ahIMqpUtUf2mt/vRYwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFbi8n2nOnljtXRWRoNzt1fBul0sMB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvVnVMeWZhYzZlV08xZEZaR2czTzNWOEc2WFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgfbgAMF
ASoH24IwDQYJKoZIhvcNAQELBQADggEBAHmOmcrJE5kkHXGJqPYq5psRyUXdkjYW
r4sCMz1pCpN0EhF6sZrvvjrK347uwlSFCxSDtzfqH8QdgQ6vFzJ7I2U5QSf6D7WO
3l9ZxrMybI9lYMSKxNUEDdqDS4JsG6uCRXc/qlP8V6W+m9ieD7Ce+9NdlWiaiFRm
P+knIEuLljHCAlQvvQlmVGtJNRWKb7AK69G2dxzUAuyjky7BIr/Oq9tfKgUhMHki
zpWqbe4aasLQ+JmcvUlE94j34nkb9M8vKyXrbDGjRnyrEKyO5E8ggcK8EaX2sbaP
8ihBSzDcDgvYvj25hJIGmCPN+QDPHjQfpiqlF+f6vxNyvhFO7lv3Ceg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:14 2024 by rpki-client on console-fra.rpki-client.org