Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/uJJpvLP0FNYxNeEkC5P5D-U4RKw.roa
File: uJJpvLP0FNYxNeEkC5P5D-U4RKw.roa (raw, json)
Hash identifier: 6ZUFEDfWNbchDXuGg5f424ehVKNXJKaeJCJepeZoJ/k=
Subject key identifier: B8:92:69:BC:B3:F4:14:D6:31:35:E1:24:0B:93:F9:0F:E5:38:44:AC
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 01856D4AEA83DAEB2A27938CBF6F62E9B6BD
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/uJJpvLP0FNYxNeEkC5P5D-U4RKw.roa
Signing time: Sun 01 Jan 2023 12:25:04 +0000
ROA not before: Sun 01 Jan 2023 12:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210378
IP address blocks: 2a07:2902:9c00::/38 maxlen: 38
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:ea:83:da:eb:2a:27:93:8c:bf:6f:62:e9:b6:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 1 12:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b89269bcb3f414d63135e1240b93f90fe53844ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2f:05:d7:16:de:86:41:1e:e3:8d:15:63:1e:
b6:49:80:58:2c:e1:cc:0d:2e:39:e1:f2:1d:1c:04:
f1:a5:6b:58:e8:4b:e1:64:8d:cd:12:97:67:bb:ce:
25:04:fd:6f:71:06:23:35:84:49:ae:fd:62:9e:00:
9b:27:fe:be:5e:ea:f0:b4:da:73:b2:2c:9b:98:aa:
62:43:23:2c:9f:3f:eb:63:4d:fb:b7:07:01:71:de:
6c:3a:61:fa:ca:39:dd:65:b4:e2:6b:7f:4e:8a:79:
fb:93:ba:eb:56:63:25:a9:c3:61:29:aa:d2:36:36:
f8:f4:88:54:5b:aa:a7:ce:74:20:82:03:30:28:e6:
cb:89:1d:4f:29:0e:ce:58:44:f0:25:3c:b0:73:c5:
ee:98:39:8c:4a:73:23:0e:ca:32:40:5e:84:06:f8:
4a:0b:cf:91:b6:d3:b2:34:fc:54:2d:81:0d:36:3a:
a0:5a:6b:7c:8b:66:f3:50:4b:4a:d7:0f:fe:af:02:
91:6d:67:55:3a:5d:3f:dc:c3:fb:a8:03:8d:25:b2:
50:a2:4c:80:ce:a7:29:92:a3:74:d0:ff:98:99:0e:
19:00:4b:4d:f4:06:35:85:88:17:cd:51:a6:06:77:
60:54:19:e9:2d:61:46:3e:7e:f6:fa:9a:b7:91:5d:
ea:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:92:69:BC:B3:F4:14:D6:31:35:E1:24:0B:93:F9:0F:E5:38:44:AC
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/uJJpvLP0FNYxNeEkC5P5D-U4RKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2902:9c00::/38
Signature Algorithm: sha256WithRSAEncryption
3c:8e:61:9a:08:d9:a9:a3:47:12:81:4b:0e:d9:56:7d:f6:49:
fc:0f:9f:72:97:16:5c:71:f1:20:b7:e8:93:85:49:1e:0f:b5:
fa:f9:1b:a6:97:b6:d5:99:28:9d:e3:e1:96:e1:75:0c:4c:aa:
ba:01:d0:a1:d7:89:47:a3:c7:bd:5e:c3:06:ea:23:3f:60:89:
5c:53:fd:d6:41:5e:da:55:d1:64:07:ef:44:71:e2:dd:8f:e5:
3d:95:ba:7f:7c:4a:ed:8e:d8:f8:e1:cb:7a:13:cf:eb:d9:dd:
16:dc:66:01:72:94:6d:bd:fb:6b:cc:4b:f8:b3:3c:e6:56:65:
58:e3:fb:29:e0:34:a2:a2:65:2b:ff:f5:f3:43:39:97:77:7e:
e4:a8:2e:54:e8:0f:74:d2:ae:e2:69:fd:f5:aa:18:94:cf:e9:
08:72:9e:15:ce:0d:80:94:a4:11:4b:1a:ff:8b:7c:2c:bb:4f:
70:f4:f6:cd:5c:84:26:14:8e:ce:80:0f:c5:fc:90:5f:0b:29:
f1:15:4a:f3:a3:61:24:52:7a:b6:63:44:a6:aa:59:b5:12:79:
84:ae:98:f7:11:e9:b9:bb:b0:6e:2d:43:43:6b:88:43:13:a8:
c5:e3:d6:74:08:c5:3c:4b:64:61:0a:8c:b8:9a:c4:9c:40:5b:
32:57:82:12
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtSuqD2usqJ5OMv29i6ba9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjMwMTAxMTIyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODkyNjliY2IzZjQxNGQ2MzEzNWUxMjQwYjkzZjkwZmU1Mzg0NGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC8F1xbehkEe440VYx62SYBYLOHM
DS454fIdHATxpWtY6EvhZI3NEpdnu84lBP1vcQYjNYRJrv1ingCbJ/6+XurwtNpz
siybmKpiQyMsnz/rY037twcBcd5sOmH6yjndZbTia39Oinn7k7rrVmMlqcNhKarS
Njb49IhUW6qnznQgggMwKObLiR1PKQ7OWETwJTywc8XumDmMSnMjDsoyQF6EBvhK
C8+RttOyNPxULYENNjqgWmt8i2bzUEtK1w/+rwKRbWdVOl0/3MP7qAONJbJQokyA
zqcpkqN00P+YmQ4ZAEtN9AY1hYgXzVGmBndgVBnpLWFGPn72+pq3kV3q4wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLiSabyz9BTWMTXhJAuT+Q/lOESsMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvdUpKcHZMUDBGTll4TmVFa0M1UDVELVU0Ukt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgcpApww
DQYJKoZIhvcNAQELBQADggEBADyOYZoI2amjRxKBSw7ZVn32SfwPn3KXFlxx8SC3
6JOFSR4Ptfr5G6aXttWZKJ3j4ZbhdQxMqroB0KHXiUejx71ewwbqIz9giVxT/dZB
XtpV0WQH70Rx4t2P5T2Vun98Su2O2Pjhy3oTz+vZ3RbcZgFylG29+2vMS/izPOZW
ZVjj+yngNKKiZSv/9fNDOZd3fuSoLlToD3TSruJp/fWqGJTP6QhynhXODYCUpBFL
Gv+LfCy7T3D09s1chCYUjs6AD8X8kF8LKfEVSvOjYSRSerZjRKaqWbUSeYSumPcR
6bm7sG4tQ0NriEMTqMXj1nQIxTxLZGEKjLiaxJxAWzJXghI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:16 2024 by rpki-client on console-fra.rpki-client.org