Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UI9VIJHUGZ-sjEGB25wwcHIG5i4.roa
File: UI9VIJHUGZ-sjEGB25wwcHIG5i4.roa (raw, json)
Hash identifier: BzW6TwXVXE5H30VQRlGjSCmoOQiY1I3jVrBBDwm8Qzk=
Subject key identifier: 50:8F:55:20:91:D4:19:9F:AC:8C:41:81:DB:9C:30:70:72:06:E6:2E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D88B715A1B43176C0B60E2881C2AF66C0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UI9VIJHUGZ-sjEGB25wwcHIG5i4.roa
Signing time: Thu 08 Feb 2024 12:35:16 +0000
ROA not before: Thu 08 Feb 2024 12:35:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198316
IP address blocks: 2a0e:b107:1a60::/44 maxlen: 48
Validation: Failed, certificate revoked on Sun 11 Feb 2024 05:19:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:88:b7:15:a1:b4:31:76:c0:b6:0e:28:81:c2:af:66:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 8 12:35:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=508f552091d4199fac8c4181db9c30707206e62e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:35:fb:43:bd:aa:28:7a:e9:65:aa:c8:2d:20:
be:86:b9:53:94:58:85:aa:24:ce:20:3a:8b:e6:71:
28:38:f4:9e:82:20:8b:af:17:42:ec:34:ea:d3:75:
35:91:30:46:ac:98:ad:b2:9c:25:d6:ba:c4:c7:e1:
7b:63:af:94:35:5b:83:6c:a0:56:cb:1f:26:56:3f:
22:58:67:b0:08:9d:f9:3e:39:87:e3:1e:21:02:53:
41:31:6b:58:76:4b:26:13:45:39:7d:62:62:bb:54:
63:31:25:e5:5e:4b:6d:1e:82:6b:84:30:de:a6:fe:
26:11:5a:03:c9:11:97:f3:14:5d:ad:50:87:28:f8:
9f:38:98:53:5b:ef:96:73:a6:68:cd:5d:e4:a2:3d:
36:e8:6d:9f:35:a6:3d:83:74:1c:0a:de:d1:e2:20:
8d:38:c9:43:4d:64:aa:42:cd:e2:78:af:a0:a5:42:
ba:c5:37:05:71:49:c0:53:b1:88:c5:52:f4:12:27:
f0:80:7f:60:b1:3a:76:49:76:f5:c0:98:ae:97:cd:
9d:9f:2f:1f:5c:37:f0:a1:22:d6:33:05:11:ca:08:
33:71:e6:7e:22:25:8d:e9:35:1b:ab:c2:2b:4a:cf:
d1:dc:4b:4b:da:c2:9f:80:c5:db:ae:6d:c8:d6:d6:
c7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:8F:55:20:91:D4:19:9F:AC:8C:41:81:DB:9C:30:70:72:06:E6:2E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UI9VIJHUGZ-sjEGB25wwcHIG5i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1a60::/44
Signature Algorithm: sha256WithRSAEncryption
bd:cd:76:5d:3a:9f:d4:7e:5c:23:18:05:8a:d7:53:a9:62:b5:
f8:e6:f2:d5:e9:52:b5:7f:b3:00:56:ad:78:c1:2b:e5:ce:85:
20:d5:5f:a9:f6:72:3e:b2:a5:76:f8:2b:e2:59:3e:3f:72:d1:
95:f4:35:01:9f:22:5f:8e:36:29:af:6b:64:54:7d:b3:52:ac:
bf:c7:8e:11:22:96:e4:de:68:7d:87:0f:62:6f:92:5b:9a:a3:
c6:ae:08:1d:e6:90:e0:13:d8:36:f3:26:13:8d:3f:ae:a8:01:
07:cb:64:cd:3c:16:1a:52:6f:d1:78:8e:b1:f2:ca:df:02:92:
5f:ed:de:e7:0c:be:ae:74:8d:87:2c:fa:e6:36:5b:74:6a:24:
72:3d:4f:a1:59:5b:87:cc:71:2b:6f:a6:3c:97:fc:97:26:03:
18:6d:1c:6a:f5:c3:93:06:9d:e3:b9:cf:35:7a:95:21:1e:85:
89:54:88:b3:aa:b5:47:b1:8c:b9:7c:7b:a4:12:85:03:af:7f:
7b:28:c4:0b:e8:48:d2:2e:67:94:7d:2e:76:37:8e:7e:c4:e9:
7f:5c:fd:b2:0b:8b:f7:dd:f1:1e:28:6e:d6:9e:ce:9f:e6:f2:
29:44:29:3e:2c:a9:b0:fe:8b:bb:9e:37:f4:19:3c:21:80:4e:
f7:d9:9c:db
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2ItxWhtDF2wLYOKIHCr2bAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjA4MTIzNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDhmNTUyMDkxZDQxOTlmYWM4YzQxODFkYjljMzA3MDcyMDZlNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTX7Q72qKHrpZarILSC+hrlTlFiF
qiTOIDqL5nEoOPSegiCLrxdC7DTq03U1kTBGrJitspwl1rrEx+F7Y6+UNVuDbKBW
yx8mVj8iWGewCJ35PjmH4x4hAlNBMWtYdksmE0U5fWJiu1RjMSXlXkttHoJrhDDe
pv4mEVoDyRGX8xRdrVCHKPifOJhTW++Wc6ZozV3koj026G2fNaY9g3QcCt7R4iCN
OMlDTWSqQs3ieK+gpUK6xTcFcUnAU7GIxVL0EifwgH9gsTp2SXb1wJiul82dny8f
XDfwoSLWMwURyggzceZ+IiWN6TUbq8IrSs/R3EtL2sKfgMXbrm3I1tbHpwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFCPVSCR1BmfrIxBgducMHByBuYuMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVUk5VklKSFVHWi1zakVHQjI1d3djSElHNWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxpg
MA0GCSqGSIb3DQEBCwUAA4IBAQC9zXZdOp/UflwjGAWK11OpYrX45vLV6VK1f7MA
Vq14wSvlzoUg1V+p9nI+sqV2+CviWT4/ctGV9DUBnyJfjjYpr2tkVH2zUqy/x44R
Ipbk3mh9hw9ib5JbmqPGrggd5pDgE9g28yYTjT+uqAEHy2TNPBYaUm/ReI6x8srf
ApJf7d7nDL6udI2HLPrmNlt0aiRyPU+hWVuHzHErb6Y8l/yXJgMYbRxq9cOTBp3j
uc81epUhHoWJVIizqrVHsYy5fHukEoUDr397KMQL6EjSLmeUfS52N45+xOl/XP2y
C4v33fEeKG7Wns6f5vIpRCk+LKmw/ou7njf0GTwhgE732Zzb
-----END CERTIFICATE-----
Generated at Sun Feb 11 09:07:40 2024 by rpki-client on console-fra.rpki-client.org