Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/UG1ZsZAHLwJ7B56BI8w6-aXDUBk.roa
File: UG1ZsZAHLwJ7B56BI8w6-aXDUBk.roa (raw, json)
Hash identifier: aZZBFm4HlI1TB4Rn+cq6f6zbXHmBkdc5uymqLmQRH4Y=
Subject key identifier: 50:6D:59:B1:90:07:2F:02:7B:07:9E:81:23:CC:3A:F9:A5:C3:50:19
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 018572EC870767CE6302C829BAD938A86D15
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/UG1ZsZAHLwJ7B56BI8w6-aXDUBk.roa
Signing time: Mon 02 Jan 2023 14:39:41 +0000
ROA not before: Mon 02 Jan 2023 14:39:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34465
IP address blocks: 2a12:8fc6:cd02::/48 maxlen: 48
2a12:8fc6:ace2::/48 maxlen: 48
2a12:8fc6:ace1::/48 maxlen: 48
2a12:8fc6:cd01::/48 maxlen: 48
2a12:8fc6:cae1::/48 maxlen: 48
2a12:8fc6::/32 maxlen: 32
2a12:8fc6:ce00::/48 maxlen: 48
2a12:8fc6:cd00::/48 maxlen: 48
2a12:8fc6:faa0::/48 maxlen: 48
2a12:8fc6:ca00::/48 maxlen: 48
2a12:8fc6:aa00::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Jan 2023 20:13:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ec:87:07:67:ce:63:02:c8:29:ba:d9:38:a8:6d:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Jan 2 14:39:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=506d59b190072f027b079e8123cc3af9a5c35019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b1:99:40:1d:a3:f0:f3:da:2a:35:49:23:7e:
09:b0:50:a9:7b:2a:47:35:71:53:cc:b7:37:6a:03:
47:1e:9b:47:80:14:1b:0f:c7:7d:f0:10:98:0b:7c:
81:46:67:c3:c4:b4:b4:a5:88:2c:de:35:9d:f5:e8:
78:b8:9b:e7:4b:18:8a:bb:ae:60:ae:54:4b:8f:87:
b0:a4:4a:f3:c2:4d:c0:a0:da:9f:83:10:e9:80:bf:
d0:0f:68:75:8b:b8:8e:23:73:fd:0b:2b:f1:1e:10:
d6:ec:71:5b:6f:b5:4a:82:21:65:2f:8e:03:a0:90:
29:f1:75:03:64:39:7b:8f:a7:32:c0:02:c2:b3:24:
21:8d:19:6d:1d:2c:af:ad:d9:13:a9:2e:d6:b0:7f:
68:f1:f9:3d:43:4a:47:b1:00:a4:53:49:71:50:d9:
e5:80:f6:05:c5:ee:b7:df:a9:56:27:e4:de:ed:30:
b9:50:03:81:d5:08:42:49:42:d6:ea:6f:2e:f7:c2:
b6:1c:a6:72:b3:54:6c:3c:12:f7:b5:93:ae:dc:dd:
af:09:6e:15:02:58:ef:0c:a1:1a:04:9d:80:8f:f7:
b2:ab:2c:b5:34:2e:ff:2e:02:27:de:6f:49:43:87:
40:2b:10:d8:2f:8f:ee:aa:3f:3c:07:28:a7:6a:ad:
d9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:6D:59:B1:90:07:2F:02:7B:07:9E:81:23:CC:3A:F9:A5:C3:50:19
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/UG1ZsZAHLwJ7B56BI8w6-aXDUBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8fc6::/32
Signature Algorithm: sha256WithRSAEncryption
b0:c8:87:e1:f7:5f:b5:09:bc:be:4c:5c:a0:eb:ff:3f:62:ba:
e8:ae:bc:54:0b:df:0a:9e:c9:99:f5:15:4c:08:14:40:84:c5:
99:dc:55:90:35:81:c6:dd:a0:c6:e9:77:9e:cc:a6:ad:82:00:
54:7a:3e:96:7c:95:46:63:a4:6e:9a:f0:ad:5e:6c:32:a2:a8:
df:ce:01:28:c6:17:38:0d:26:9e:af:31:06:74:c4:4a:a4:21:
c5:7e:af:b0:ad:fe:7e:f9:c1:4a:3e:41:4d:a3:e2:ce:e9:f1:
da:d5:d6:99:0a:c3:5e:01:27:67:6e:d5:78:52:fe:36:f7:a1:
b4:e6:f4:b9:c8:4c:a1:9b:14:90:ac:cd:cf:29:8a:05:1e:39:
6a:bd:23:2f:b4:7d:c1:95:f8:ac:dc:95:fb:28:68:46:f3:8d:
bd:1d:9b:71:d2:3c:bd:7b:0f:72:51:4b:c4:8e:b0:42:b6:05:
85:72:6d:a2:11:e8:aa:a2:00:bd:ee:7c:61:d3:73:f2:00:01:
9b:a2:ff:d6:ba:5f:03:33:e4:6d:c8:a0:4d:55:b0:2f:39:80:
12:05:54:f7:c0:f9:df:5a:0f:42:97:a1:91:0b:e5:81:c6:64:
52:37:6b:8d:df:2b:35:96:0f:69:c3:e8:de:20:03:f9:ee:5e:
e4:66:10:f4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVy7IcHZ85jAsgputk4qG0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjMwMTAyMTQzOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDZkNTliMTkwMDcyZjAyN2IwNzllODEyM2NjM2FmOWE1YzM1MDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7GZQB2j8PPaKjVJI34JsFCpeypH
NXFTzLc3agNHHptHgBQbD8d98BCYC3yBRmfDxLS0pYgs3jWd9eh4uJvnSxiKu65g
rlRLj4ewpErzwk3AoNqfgxDpgL/QD2h1i7iOI3P9CyvxHhDW7HFbb7VKgiFlL44D
oJAp8XUDZDl7j6cywALCsyQhjRltHSyvrdkTqS7WsH9o8fk9Q0pHsQCkU0lxUNnl
gPYFxe6336lWJ+Te7TC5UAOB1QhCSULW6m8u98K2HKZys1RsPBL3tZOu3N2vCW4V
AljvDKEaBJ2Aj/eyqyy1NC7/LgIn3m9JQ4dAKxDYL4/uqj88Byinaq3Z0wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFBtWbGQBy8CeweegSPMOvmlw1AZMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvVUcxWnNaQUhMd0o3QjU2Qkk4dzYtYVhEVUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKPxjAN
BgkqhkiG9w0BAQsFAAOCAQEAsMiH4fdftQm8vkxcoOv/P2K66K68VAvfCp7JmfUV
TAgUQITFmdxVkDWBxt2gxul3nsymrYIAVHo+lnyVRmOkbprwrV5sMqKo384BKMYX
OA0mnq8xBnTESqQhxX6vsK3+fvnBSj5BTaPizunx2tXWmQrDXgEnZ27VeFL+Nveh
tOb0uchMoZsUkKzNzymKBR45ar0jL7R9wZX4rNyV+yhoRvONvR2bcdI8vXsPclFL
xI6wQrYFhXJtohHoqqIAve58YdNz8gABm6L/1rpfAzPkbcigTVWwLzmAEgVU98D5
31oPQpehkQvlgcZkUjdrjd8rNZYPacPo3iAD+e5e5GYQ9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:13 2024 by rpki-client on console-fra.rpki-client.org