Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/f8aa40-23e1-45f6-84f3-08b4205067b3/1/UfwTr4lAYGAMBKZy02WOSBW3azs.roa
File: UfwTr4lAYGAMBKZy02WOSBW3azs.roa (raw, json)
Hash identifier: 3fm6Gik90b0TLJIkKwGNPDWSNDtnPC78ETl8cFM4oH0=
Subject key identifier: 51:FC:13:AF:89:40:60:60:0C:04:A6:72:D3:65:8E:48:15:B7:6B:3B
Certificate issuer: /CN=755397e4fac505622aba4868b9091c4e3ffff6fd
Certificate serial: 01856F1DB1FD3C3D66DA9C49DDCF6E34180B
Authority key identifier: 75:53:97:E4:FA:C5:05:62:2A:BA:48:68:B9:09:1C:4E:3F:FF:F6:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dVOX5PrFBWIqukhouQkcTj__9v0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/f8aa40-23e1-45f6-84f3-08b4205067b3/1/UfwTr4lAYGAMBKZy02WOSBW3azs.roa
Signing time: Sun 01 Jan 2023 20:54:55 +0000
ROA not before: Sun 01 Jan 2023 20:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206479
IP address blocks: 2001:67c:16c8::/48 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:b1:fd:3c:3d:66:da:9c:49:dd:cf:6e:34:18:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=755397e4fac505622aba4868b9091c4e3ffff6fd
Validity
Not Before: Jan 1 20:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51fc13af894060600c04a672d3658e4815b76b3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c9:8a:e3:b6:c9:60:9b:68:d0:92:65:ec:57:
00:8f:57:d6:eb:94:d3:1b:ea:79:84:ea:dd:ea:4b:
94:14:82:08:54:65:71:5a:4d:50:95:02:62:ca:cf:
14:c2:dc:85:8c:c2:e5:98:a4:c0:56:73:b0:c2:be:
e9:9a:42:b5:04:49:67:4b:1f:72:7d:62:72:3e:6a:
38:2d:67:82:f8:5c:cd:f4:5e:8a:da:af:27:c3:1d:
c0:11:a3:2d:08:70:8c:3b:3b:aa:f4:4e:b2:0e:af:
9a:4a:e2:8a:c6:e3:03:ee:4b:ed:99:db:71:ef:aa:
0c:13:7f:3a:90:d9:e3:61:17:dd:90:10:c9:11:88:
db:4c:9a:5c:00:c2:23:fc:07:60:6e:4f:88:27:4b:
db:1a:68:69:47:39:91:ab:7f:5e:19:cf:57:6b:f9:
ac:17:eb:a7:2b:80:8b:a1:27:42:ba:6f:90:6e:2d:
bc:57:e7:7b:17:dc:26:a5:4d:40:87:a7:dd:1b:af:
7c:a4:3f:b6:1a:82:05:b0:87:f1:2e:fa:e6:c0:ce:
0c:0e:c9:ba:38:a3:1c:de:57:21:62:62:ed:3c:51:
23:6e:a9:3d:b7:1f:86:3b:8c:0b:29:b5:91:f8:ab:
dc:e1:9d:f4:36:16:27:40:64:1f:55:fd:cc:2a:58:
60:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:FC:13:AF:89:40:60:60:0C:04:A6:72:D3:65:8E:48:15:B7:6B:3B
X509v3 Authority Key Identifier:
keyid:75:53:97:E4:FA:C5:05:62:2A:BA:48:68:B9:09:1C:4E:3F:FF:F6:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dVOX5PrFBWIqukhouQkcTj__9v0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/f8aa40-23e1-45f6-84f3-08b4205067b3/1/UfwTr4lAYGAMBKZy02WOSBW3azs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/f8aa40-23e1-45f6-84f3-08b4205067b3/1/dVOX5PrFBWIqukhouQkcTj__9v0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:16c8::/48
Signature Algorithm: sha256WithRSAEncryption
ab:c4:8b:f8:6d:ae:a2:ce:d1:f8:78:77:cd:c6:99:dc:96:c8:
6b:26:d0:6d:d9:e8:62:67:55:9c:16:22:0a:13:40:85:48:b2:
57:a5:02:ff:e5:39:9c:63:2e:98:dd:e8:9d:3e:e6:03:91:8b:
e5:03:0f:94:80:1c:ef:34:20:e0:26:d2:42:ae:9f:30:7b:99:
e8:4b:69:09:d2:84:e1:83:1f:47:b1:22:e3:b0:7f:27:33:33:
8f:47:00:78:9c:a6:ab:dd:04:21:48:b2:77:2e:41:98:7f:29:
24:9a:ad:70:67:ff:e9:ee:45:96:c3:4c:de:7d:79:3a:c8:f9:
f4:2c:62:f4:b4:1e:1b:98:d6:69:c2:8f:f4:f9:8b:ff:7a:66:
c2:bb:27:23:2d:65:c2:52:02:44:01:8a:0f:03:d6:a9:25:59:
b5:01:f6:dd:a8:e5:a5:aa:f8:d9:97:1b:4e:3e:19:21:17:d5:
22:a0:97:cd:d1:d4:5d:f7:e1:97:31:ba:d2:dd:3b:16:e6:40:
f4:8b:bc:5a:a1:41:f0:c3:ef:35:e8:f0:2b:67:a5:c3:98:4f:
ef:df:18:79:83:9f:ae:be:8e:c1:a4:ac:2a:80:bd:a0:18:da:
cc:83:3c:66:a3:c3:b4:6e:1e:6c:56:30:19:e1:70:2c:d6:aa:
5a:e4:ea:71
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvHbH9PD1m2pxJ3c9uNBgLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NTM5N2U0ZmFjNTA1NjIyYWJhNDg2OGI5MDkxYzRlM2Zm
ZmY2ZmQwHhcNMjMwMTAxMjA1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWZjMTNhZjg5NDA2MDYwMGMwNGE2NzJkMzY1OGU0ODE1Yjc2YjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMmK47bJYJto0JJl7FcAj1fW65TT
G+p5hOrd6kuUFIIIVGVxWk1QlQJiys8UwtyFjMLlmKTAVnOwwr7pmkK1BElnSx9y
fWJyPmo4LWeC+FzN9F6K2q8nwx3AEaMtCHCMOzuq9E6yDq+aSuKKxuMD7kvtmdtx
76oME386kNnjYRfdkBDJEYjbTJpcAMIj/Adgbk+IJ0vbGmhpRzmRq39eGc9Xa/ms
F+unK4CLoSdCum+Qbi28V+d7F9wmpU1Ah6fdG698pD+2GoIFsIfxLvrmwM4MDsm6
OKMc3lchYmLtPFEjbqk9tx+GO4wLKbWR+Kvc4Z30NhYnQGQfVf3MKlhgawIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFH8E6+JQGBgDASmctNljkgVt2s7MB8GA1UdIwQY
MBaAFHVTl+T6xQViKrpIaLkJHE4///b9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFZPWDVQckZCV0lxdWtob3VRa2NUal9fOXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9mOGFhNDAtMjNlMS00NWY2LTg0ZjMt
MDhiNDIwNTA2N2IzLzEvVWZ3VHI0bEFZR0FNQktaeTAyV09TQlczYXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9mOGFhNDAtMjNlMS00NWY2LTg0ZjMtMDhiNDIwNTA2N2Iz
LzEvZFZPWDVQckZCV0lxdWtob3VRa2NUal9fOXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBbI
MA0GCSqGSIb3DQEBCwUAA4IBAQCrxIv4ba6iztH4eHfNxpnclshrJtBt2ehiZ1Wc
FiIKE0CFSLJXpQL/5TmcYy6Y3eidPuYDkYvlAw+UgBzvNCDgJtJCrp8we5noS2kJ
0oThgx9HsSLjsH8nMzOPRwB4nKar3QQhSLJ3LkGYfykkmq1wZ//p7kWWw0zefXk6
yPn0LGL0tB4bmNZpwo/0+Yv/embCuycjLWXCUgJEAYoPA9apJVm1AfbdqOWlqvjZ
lxtOPhkhF9UioJfN0dRd9+GXMbrS3TsW5kD0i7xaoUHww+816PArZ6XDmE/v3xh5
g5+uvo7BpKwqgL2gGNrMgzxmo8O0bh5sVjAZ4XAs1qpa5Opx
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:38 2024 by rpki-client on console-ams.rpki-client.org