Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/5657c8-5037-48cd-8db5-8115df317235/1/UK5ksLHUZyNsM53ymCxLTSgqw2s.roa
File: UK5ksLHUZyNsM53ymCxLTSgqw2s.roa (raw, json)
Hash identifier: M7HIkJ3ezcMF6B2HhweNXQRcWfi2UzRykFDde7TIuZA=
Subject key identifier: 50:AE:64:B0:B1:D4:67:23:6C:33:9D:F2:98:2C:4B:4D:28:2A:C3:6B
Certificate issuer: /CN=f84a65599afb9d8727c3db947effbae2e5b853d1
Certificate serial: 0185704BC60633156A57C94958D92617537D
Authority key identifier: F8:4A:65:59:9A:FB:9D:87:27:C3:DB:94:7E:FF:BA:E2:E5:B8:53:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EplWZr7nYcnw9uUfv-64uW4U9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/5657c8-5037-48cd-8db5-8115df317235/1/UK5ksLHUZyNsM53ymCxLTSgqw2s.roa
Signing time: Mon 02 Jan 2023 02:24:52 +0000
ROA not before: Mon 02 Jan 2023 02:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207498
IP address blocks: 212.6.41.0/24 maxlen: 24
2a0d:9b00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:c6:06:33:15:6a:57:c9:49:58:d9:26:17:53:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84a65599afb9d8727c3db947effbae2e5b853d1
Validity
Not Before: Jan 2 02:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50ae64b0b1d467236c339df2982c4b4d282ac36b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3e:49:a7:d6:67:39:23:06:90:bc:42:3e:ec:
b3:90:1f:10:42:84:5d:82:0d:74:57:fe:28:5f:20:
47:58:05:d0:73:96:18:3b:77:6c:b6:f5:70:ee:ab:
1d:e1:60:d4:19:9c:99:b7:2f:7e:3a:3f:2b:88:3f:
b1:42:7c:fe:16:00:06:d1:4d:f6:8c:c1:06:63:6e:
52:37:c4:8b:c1:18:bd:2f:f8:e8:da:07:02:e4:02:
6f:f9:d9:69:09:30:a1:b3:e2:bb:4b:32:35:92:c2:
b4:1b:9f:18:4a:a1:b6:bf:3b:c6:2a:d2:bd:d9:cb:
96:42:7b:36:d0:de:6e:01:ab:e9:78:cf:86:33:25:
6e:02:13:90:ca:b4:a4:6c:25:cf:20:0a:2f:8a:66:
4f:ee:00:c1:29:3b:a5:be:cc:bf:2a:87:8c:be:46:
58:a1:66:76:64:b7:3a:d4:5b:76:a1:37:57:e1:6f:
09:ae:2f:61:3b:bb:ed:c3:56:5b:cf:a6:07:ea:9c:
69:23:28:85:cf:c3:0b:7a:29:2b:81:3d:5d:7a:bb:
4e:87:2f:49:55:b3:45:4b:fd:1e:99:45:85:57:91:
f1:0a:26:64:f4:d6:34:80:49:30:3c:ea:cd:e7:95:
42:5d:c8:41:e8:8e:44:27:b5:ef:1e:da:60:61:e7:
1e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:AE:64:B0:B1:D4:67:23:6C:33:9D:F2:98:2C:4B:4D:28:2A:C3:6B
X509v3 Authority Key Identifier:
keyid:F8:4A:65:59:9A:FB:9D:87:27:C3:DB:94:7E:FF:BA:E2:E5:B8:53:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EplWZr7nYcnw9uUfv-64uW4U9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/5657c8-5037-48cd-8db5-8115df317235/1/UK5ksLHUZyNsM53ymCxLTSgqw2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/5657c8-5037-48cd-8db5-8115df317235/1/1-EplWZr7nYcnw9uUfv-64uW4U9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.6.41.0/24
IPv6:
2a0d:9b00::/32
Signature Algorithm: sha256WithRSAEncryption
27:ce:97:2f:68:c9:a0:99:fa:a7:5c:a3:51:43:dc:e2:01:43:
0c:d0:21:c2:71:7e:21:57:ef:3a:b3:55:be:6d:78:5c:05:98:
b5:c2:cb:6b:c6:88:69:33:80:cb:3a:e7:fa:af:41:70:d4:fe:
74:5f:2d:02:f6:01:86:41:a1:5a:0a:50:74:39:62:e6:30:62:
d1:4e:59:e5:d7:45:be:c3:37:54:39:53:a9:be:8a:f2:f0:d9:
21:5a:a7:d0:b7:21:7d:88:65:bc:04:b6:63:cd:b2:8c:3f:7e:
94:dd:12:71:0a:4f:e0:41:7b:83:65:0f:45:63:05:bd:10:03:
af:ce:f2:e4:1b:5b:db:5d:72:25:af:46:32:e7:dc:8f:32:eb:
7e:b8:83:0e:aa:cb:3b:88:88:19:fb:f4:93:7e:47:d5:e0:bb:
6c:a1:0b:05:2f:03:b2:4a:57:23:0b:8f:35:9c:86:32:bf:02:
d4:bb:ef:d6:21:7a:4a:b2:a9:db:4c:c3:84:e7:5a:54:c9:17:
db:5c:b4:78:e7:5e:ef:d4:d9:62:d5:46:d4:a0:e6:30:80:e5:
4e:43:ad:03:d0:3f:91:64:03:9e:38:b8:85:36:9d:3d:bd:6d:
82:83:04:5e:83:6f:8f:3b:d8:0a:51:4c:2a:08:de:cf:d8:14:
77:43:9a:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwS8YGMxVqV8lJWNkmF1N9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NGE2NTU5OWFmYjlkODcyN2MzZGI5NDdlZmZiYWUyZTVi
ODUzZDEwHhcNMjMwMTAyMDIyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGFlNjRiMGIxZDQ2NzIzNmMzMzlkZjI5ODJjNGI0ZDI4MmFjMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT5Jp9ZnOSMGkLxCPuyzkB8QQoRd
gg10V/4oXyBHWAXQc5YYO3dstvVw7qsd4WDUGZyZty9+Oj8riD+xQnz+FgAG0U32
jMEGY25SN8SLwRi9L/jo2gcC5AJv+dlpCTChs+K7SzI1ksK0G58YSqG2vzvGKtK9
2cuWQns20N5uAavpeM+GMyVuAhOQyrSkbCXPIAovimZP7gDBKTulvsy/KoeMvkZY
oWZ2ZLc61Ft2oTdX4W8Jri9hO7vtw1Zbz6YH6pxpIyiFz8MLeikrgT1dertOhy9J
VbNFS/0emUWFV5HxCiZk9NY0gEkwPOrN55VCXchB6I5EJ7XvHtpgYeceJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFCuZLCx1GcjbDOd8pgsS00oKsNrMB8GA1UdIwQY
MBaAFPhKZVma+52HJ8PblH7/uuLluFPRMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FcGxXWnI3blljbnc5dVVmdi02NHVXNFU5RS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEvNTY1N2M4LTUwMzctNDhjZC04ZGI1
LTgxMTVkZjMxNzIzNS8xL1VLNWtzTEhVWnlOc001M3ltQ3hMVFNncXcycy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDEvNTY1N2M4LTUwMzctNDhjZC04ZGI1LTgxMTVkZjMxNzIz
NS8xLzEtRXBsV1pyN25ZY253OXVVZnYtNjR1VzRVOUUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBADUBikw
DQQCAAIwBwMFACoNmwAwDQYJKoZIhvcNAQELBQADggEBACfOly9oyaCZ+qdco1FD
3OIBQwzQIcJxfiFX7zqzVb5teFwFmLXCy2vGiGkzgMs65/qvQXDU/nRfLQL2AYZB
oVoKUHQ5YuYwYtFOWeXXRb7DN1Q5U6m+ivLw2SFap9C3IX2IZbwEtmPNsow/fpTd
EnEKT+BBe4NlD0VjBb0QA6/O8uQbW9tdciWvRjLn3I8y6364gw6qyzuIiBn79JN+
R9Xgu2yhCwUvA7JKVyMLjzWchjK/AtS779YhekqyqdtMw4TnWlTJF9tctHjnXu/U
2WLVRtSg5jCA5U5DrQPQP5FkA544uIU2nT29bYKDBF6Db4872ApRTCoI3s/YFHdD
mtg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:39 2024 by rpki-client on console-fra.rpki-client.org