Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/aa443e-2d40-4dfc-ac4d-4509d228fc6f/1/U-uJH9bzRlbVhzcrcc_ttD5ieGc.roa
File: U-uJH9bzRlbVhzcrcc_ttD5ieGc.roa (raw, json)
Hash identifier: oNPkwyMBFafKj/GgNu5r8jw7gWhG0JoQNVzBnHnwNYs=
Subject key identifier: 53:EB:89:1F:D6:F3:46:56:D5:87:37:2B:71:CF:ED:B4:3E:62:78:67
Certificate issuer: /CN=786ee09fe5437ccd0bcbecfaa970de31ec9d86ed
Certificate serial: 018CC8DEFF1869555023FEC0DB48B6265EC2
Authority key identifier: 78:6E:E0:9F:E5:43:7C:CD:0B:CB:EC:FA:A9:70:DE:31:EC:9D:86:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eG7gn-VDfM0Ly-z6qXDeMeydhu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/aa443e-2d40-4dfc-ac4d-4509d228fc6f/1/U-uJH9bzRlbVhzcrcc_ttD5ieGc.roa
Signing time: Tue 02 Jan 2024 06:31:46 +0000
ROA not before: Tue 02 Jan 2024 06:31:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29608
IP address blocks: 2001:678:938::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:ff:18:69:55:50:23:fe:c0:db:48:b6:26:5e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=786ee09fe5437ccd0bcbecfaa970de31ec9d86ed
Validity
Not Before: Jan 2 06:31:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53eb891fd6f34656d587372b71cfedb43e627867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:46:1f:8f:ad:90:df:53:2f:c5:7c:92:4e:65:
a5:4b:50:ae:ed:fb:6e:2a:32:f7:55:86:98:04:5f:
35:64:ea:c2:b1:e5:ed:58:ae:2d:7d:a4:c8:b0:41:
d6:a0:db:85:88:15:c5:6e:c1:c0:d8:4b:d3:ae:16:
8b:39:5d:60:2e:f5:9a:48:2b:e5:44:e9:c2:a5:b8:
cf:a0:ed:49:42:2c:93:1b:f9:3e:8f:ce:21:9e:7e:
cd:b4:91:b2:8a:6d:f1:2f:74:83:50:d1:06:2b:82:
2d:d1:b5:52:aa:95:c9:5f:a0:38:ff:e6:28:67:05:
7e:5d:dc:26:a4:5f:be:c5:26:44:95:96:5f:64:ad:
d1:fb:9b:95:a0:02:4c:20:0f:97:1d:f3:41:df:54:
38:b1:27:12:ed:44:2f:16:a1:36:63:37:fd:ed:cc:
8b:5e:7c:52:05:05:70:dc:cd:1e:b9:15:6b:d4:c3:
8a:1b:42:ef:76:58:a4:62:5e:25:d3:61:05:be:a7:
ff:cd:d4:42:3d:66:93:9e:80:e6:a1:5d:2b:4f:92:
56:ca:62:d5:21:cb:db:44:d2:b8:c0:6a:5a:2e:1f:
8f:ee:37:d3:17:e2:b2:d2:09:5d:3e:ec:68:28:d4:
a2:13:7a:fe:4d:2e:d8:4c:67:7e:69:c1:83:18:2f:
03:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EB:89:1F:D6:F3:46:56:D5:87:37:2B:71:CF:ED:B4:3E:62:78:67
X509v3 Authority Key Identifier:
keyid:78:6E:E0:9F:E5:43:7C:CD:0B:CB:EC:FA:A9:70:DE:31:EC:9D:86:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eG7gn-VDfM0Ly-z6qXDeMeydhu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/aa443e-2d40-4dfc-ac4d-4509d228fc6f/1/U-uJH9bzRlbVhzcrcc_ttD5ieGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/aa443e-2d40-4dfc-ac4d-4509d228fc6f/1/eG7gn-VDfM0Ly-z6qXDeMeydhu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:938::/48
Signature Algorithm: sha256WithRSAEncryption
9d:32:cd:88:42:30:c0:9f:6d:7c:7d:c4:dd:33:e2:04:bf:69:
35:24:8c:a2:fa:c7:00:f2:52:2d:bb:2e:cf:15:7d:e3:3e:29:
bb:4e:77:ec:b9:3d:98:3d:0a:1c:90:c7:eb:fb:a5:8c:d8:5b:
fe:64:4a:24:3e:49:d7:80:ae:8c:b5:23:a9:d9:07:98:b0:c5:
65:4d:9e:ad:2e:50:9e:0a:a6:b6:da:52:17:69:aa:85:20:b9:
53:3f:7f:f1:59:2f:40:1d:79:af:fc:55:96:d6:c7:8e:9f:ec:
e2:d0:c6:81:27:cd:b6:00:1f:07:b9:bc:98:cd:b2:8d:d3:0c:
7e:15:81:97:aa:cf:f5:b7:eb:32:10:9b:1a:13:54:56:e8:79:
a9:51:2a:3a:b3:c8:1c:4b:e2:1f:0c:60:7d:ba:14:0f:64:49:
b0:07:4b:73:f4:fd:d4:0e:af:2e:38:50:2c:6a:3a:23:2e:20:
10:53:7f:a8:e3:2c:ab:2d:32:4d:47:d5:f8:e9:7d:c2:7f:b6:
5f:15:49:02:f5:a9:e5:7d:e0:dc:77:7d:05:05:f9:bf:7c:de:
80:1e:5f:a9:32:43:e7:9e:57:3a:f7:04:f8:2b:e4:4a:70:56:
c1:88:bc:e9:98:48:a1:52:0b:fa:9a:8f:cc:9b:87:e9:8c:be:
91:ce:5b:fc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzI3v8YaVVQI/7A20i2Jl7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NmVlMDlmZTU0MzdjY2QwYmNiZWNmYWE5NzBkZTMxZWM5
ZDg2ZWQwHhcNMjQwMTAyMDYzMTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2ViODkxZmQ2ZjM0NjU2ZDU4NzM3MmI3MWNmZWRiNDNlNjI3ODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEYfj62Q31MvxXySTmWlS1Cu7ftu
KjL3VYaYBF81ZOrCseXtWK4tfaTIsEHWoNuFiBXFbsHA2EvTrhaLOV1gLvWaSCvl
ROnCpbjPoO1JQiyTG/k+j84hnn7NtJGyim3xL3SDUNEGK4It0bVSqpXJX6A4/+Yo
ZwV+XdwmpF++xSZElZZfZK3R+5uVoAJMIA+XHfNB31Q4sScS7UQvFqE2Yzf97cyL
XnxSBQVw3M0euRVr1MOKG0LvdlikYl4l02EFvqf/zdRCPWaTnoDmoV0rT5JWymLV
IcvbRNK4wGpaLh+P7jfTF+Ky0gldPuxoKNSiE3r+TS7YTGd+acGDGC8D5QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFPriR/W80ZW1Yc3K3HP7bQ+YnhnMB8GA1UdIwQY
MBaAFHhu4J/lQ3zNC8vs+qlw3jHsnYbtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUc3Z24tVkRmTTBMeS16NnFYRGVNZXlkaHUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9hYTQ0M2UtMmQ0MC00ZGZjLWFjNGQt
NDUwOWQyMjhmYzZmLzEvVS11Skg5YnpSbGJWaHpjcmNjX3R0RDVpZUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9hYTQ0M2UtMmQ0MC00ZGZjLWFjNGQtNDUwOWQyMjhmYzZm
LzEvZUc3Z24tVkRmTTBMeS16NnFYRGVNZXlkaHUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAk4
MA0GCSqGSIb3DQEBCwUAA4IBAQCdMs2IQjDAn218fcTdM+IEv2k1JIyi+scA8lIt
uy7PFX3jPim7TnfsuT2YPQockMfr+6WM2Fv+ZEokPknXgK6MtSOp2QeYsMVlTZ6t
LlCeCqa22lIXaaqFILlTP3/xWS9AHXmv/FWW1seOn+zi0MaBJ822AB8HubyYzbKN
0wx+FYGXqs/1t+syEJsaE1RW6HmpUSo6s8gcS+IfDGB9uhQPZEmwB0tz9P3UDq8u
OFAsajojLiAQU3+o4yyrLTJNR9X46X3Cf7ZfFUkC9anlfeDcd30FBfm/fN6AHl+p
MkPnnlc69wT4K+RKcFbBiLzpmEihUgv6mo/Mm4fpjL6Rzlv8
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:19 2025 by rpki-client