Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0UKJZPwCusxa4fAVncma09M8caE.roa
File: 0UKJZPwCusxa4fAVncma09M8caE.roa (raw, json)
Hash identifier: g7IhpOtRDnI++nPd5Rxxk+oxtGHwlj34xOm6EXepSD8=
Subject key identifier: D1:42:89:64:FC:02:BA:CC:5A:E1:F0:15:9D:C9:9A:D3:D3:3C:71:A1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD411932798432F76921D6EB24FED2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0UKJZPwCusxa4fAVncma09M8caE.roa
Signing time: Tue 02 Jan 2024 10:34:32 +0000
ROA not before: Tue 02 Jan 2024 10:34:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212173
IP address blocks: 2a0e:b107:1d40::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 01 Jun 2024 12:13:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:41:19:32:79:84:32:f7:69:21:d6:eb:24:fe:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1428964fc02bacc5ae1f0159dc99ad3d33c71a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:55:60:cb:40:54:dd:a6:73:6f:88:2d:ca:ec:
9e:6d:70:50:4b:ce:b0:0f:b7:4e:96:55:38:d9:29:
ee:35:c6:a1:a2:23:dd:02:c7:a2:80:34:93:d9:bc:
ab:e3:89:38:2b:d2:98:c6:f2:87:c2:b3:63:91:eb:
a0:1b:eb:21:2c:58:89:6c:fe:7a:10:4a:f0:50:e9:
d2:e3:b3:cd:f9:85:2b:56:e2:a6:3d:5d:ee:71:c2:
e2:c6:d7:4a:ef:02:bc:94:21:18:4c:36:b0:d1:a6:
97:8e:34:fd:f2:eb:2f:bd:0b:d8:f2:44:83:7f:9c:
06:17:80:2d:a6:f8:a0:62:4b:3e:26:4e:ce:6d:3d:
8b:c3:7d:4f:7c:a6:40:ee:07:5e:02:0b:cc:ca:32:
b6:96:bc:a1:22:1f:34:59:9f:7f:3d:90:c7:fb:69:
38:49:5a:3c:ae:5c:bb:aa:46:4a:a4:e5:df:43:00:
3d:66:d2:a3:eb:40:8a:b5:7f:49:4d:f6:5e:64:fb:
99:f3:2c:9d:e1:46:77:e3:f3:84:29:37:3b:34:92:
af:77:f3:d2:f1:fb:c6:87:88:e5:b0:b8:69:a0:1a:
8a:32:fb:33:c1:9a:a0:86:77:02:9d:20:b8:2f:e2:
71:c2:ab:d5:71:02:27:91:8f:b2:e0:cb:04:91:02:
98:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:42:89:64:FC:02:BA:CC:5A:E1:F0:15:9D:C9:9A:D3:D3:3C:71:A1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0UKJZPwCusxa4fAVncma09M8caE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1d40::/48
Signature Algorithm: sha256WithRSAEncryption
75:aa:41:40:1c:cc:08:3f:28:12:8e:88:f5:ba:26:92:8e:48:
8d:42:1e:3b:75:74:dd:bc:36:0e:98:63:72:f2:ae:16:68:93:
89:02:99:b4:c2:04:00:86:c7:f4:2d:5f:7e:05:97:3b:69:ce:
ea:a9:8c:a8:c7:83:20:76:d5:8a:97:cd:3c:f1:77:cd:13:86:
bd:38:50:77:74:89:4b:1e:9f:5e:6b:ad:a3:9f:91:10:0c:60:
af:3a:d7:08:a1:58:39:79:b9:52:bc:60:dd:19:dd:72:ca:bd:
f2:df:dc:6f:05:fe:22:74:9a:27:ea:cb:d2:b7:d1:97:c4:67:
7c:03:6b:ea:c8:1c:8b:c8:d2:ba:7d:a0:a0:6d:1f:ec:67:20:
ea:d5:0e:4d:3b:14:ab:eb:f6:18:28:11:68:03:bb:85:91:fe:
21:a9:e9:35:ab:20:e5:8a:55:ed:eb:17:48:3c:49:60:9a:7e:
95:8b:15:c5:37:38:4f:4f:6a:e6:70:23:62:03:62:1e:fb:dd:
84:07:5d:f4:e4:6c:2b:f0:4e:ad:78:d5:60:0e:8a:6a:90:19:
5a:ec:d1:dd:4f:97:83:e4:11:7e:47:97:64:1d:38:20:5b:ce:
74:bf:e2:0a:de:bd:f7:71:99:2d:ff:3c:d6:82:13:73:5a:69:
f8:e8:61:f9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvUEZMnmEMvdpIdbrJP7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTQyODk2NGZjMDJiYWNjNWFlMWYwMTU5ZGM5OWFkM2QzM2M3MWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVVgy0BU3aZzb4gtyuyebXBQS86w
D7dOllU42SnuNcahoiPdAseigDST2byr44k4K9KYxvKHwrNjkeugG+shLFiJbP56
EErwUOnS47PN+YUrVuKmPV3uccLixtdK7wK8lCEYTDaw0aaXjjT98usvvQvY8kSD
f5wGF4AtpvigYks+Jk7ObT2Lw31PfKZA7gdeAgvMyjK2lryhIh80WZ9/PZDH+2k4
SVo8rly7qkZKpOXfQwA9ZtKj60CKtX9JTfZeZPuZ8yyd4UZ34/OEKTc7NJKvd/PS
8fvGh4jlsLhpoBqKMvszwZqghncCnSC4L+JxwqvVcQInkY+y4MsEkQKYhwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNFCiWT8ArrMWuHwFZ3JmtPTPHGhMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMFVLSlpQd0N1c3hhNGZBVm5jbWEwOU04Y2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBx1A
MA0GCSqGSIb3DQEBCwUAA4IBAQB1qkFAHMwIPygSjoj1uiaSjkiNQh47dXTdvDYO
mGNy8q4WaJOJApm0wgQAhsf0LV9+BZc7ac7qqYyox4MgdtWKl8088XfNE4a9OFB3
dIlLHp9ea62jn5EQDGCvOtcIoVg5eblSvGDdGd1yyr3y39xvBf4idJon6svSt9GX
xGd8A2vqyByLyNK6faCgbR/sZyDq1Q5NOxSr6/YYKBFoA7uFkf4hqek1qyDlilXt
6xdIPElgmn6VixXFNzhPT2rmcCNiA2Ie+92EB1305Gwr8E6teNVgDopqkBla7NHd
T5eD5BF+R5dkHTggW850v+IK3r33cZkt/zzWghNzWmn46GH5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org