Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/uyzHJPdrWEYb82urb7uYTO-O7G4.roa
File: uyzHJPdrWEYb82urb7uYTO-O7G4.roa (raw, json)
Hash identifier: TmT6oH5uVZv/1spvGJOlHv+RLwxyRYE3xb4NUqpqQuM=
Subject key identifier: BB:2C:C7:24:F7:6B:58:46:1B:F3:6B:AB:6F:BB:98:4C:EF:8E:EC:6E
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018C10B847193981CD67B467DF1201D6C5CB
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/uyzHJPdrWEYb82urb7uYTO-O7G4.roa
Signing time: Mon 27 Nov 2023 12:19:21 +0000
ROA not before: Mon 27 Nov 2023 12:19:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42360
IP address blocks: 94.16.6.0/24 maxlen: 32
94.16.13.0/24 maxlen: 24
2a00:11c0:77::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:10:b8:47:19:39:81:cd:67:b4:67:df:12:01:d6:c5:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Nov 27 12:19:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb2cc724f76b58461bf36bab6fbb984cef8eec6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f6:ac:6f:fb:a1:1a:09:a2:94:31:e5:4b:0a:
bd:f5:62:ef:b5:53:9b:1d:85:64:70:7d:9b:3e:2c:
a9:cf:33:62:77:09:e0:9a:01:ef:0a:6a:2f:52:8d:
75:d0:24:10:a9:76:69:25:32:97:49:5b:86:d9:33:
83:27:07:d8:57:bf:6d:a0:40:bd:bd:70:9b:9a:86:
68:98:5f:93:41:85:24:8d:34:5a:12:dd:fc:a8:17:
17:2f:93:fb:fd:8f:14:a7:c8:bb:92:b3:17:6f:18:
47:f8:45:eb:22:e8:9d:8e:1f:7c:e4:1e:3d:5b:4c:
d8:1e:32:3d:20:ca:56:fc:64:88:22:1c:05:6d:06:
c5:e2:d3:e8:bd:e5:99:41:65:8e:f2:5d:88:18:a7:
0b:71:12:58:7c:b5:2e:57:fd:bc:5b:ed:d9:d5:f4:
5f:f9:2d:25:c7:93:35:7e:5b:5a:9f:b6:a0:63:a5:
db:35:a9:ca:4b:30:8d:f1:53:b3:62:29:9a:17:4b:
60:6c:cc:aa:15:89:1f:92:4c:20:fa:36:a9:5c:c9:
a1:f7:70:2a:65:4c:76:55:19:08:81:75:34:df:62:
69:bb:ed:45:c5:4a:07:59:27:77:ce:be:ad:e4:89:
fb:04:cb:4a:d2:cf:0e:e8:e2:6d:39:a1:f9:43:5b:
fe:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:2C:C7:24:F7:6B:58:46:1B:F3:6B:AB:6F:BB:98:4C:EF:8E:EC:6E
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/uyzHJPdrWEYb82urb7uYTO-O7G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.16.6.0/24
94.16.13.0/24
IPv6:
2a00:11c0:77::/48
Signature Algorithm: sha256WithRSAEncryption
c2:82:6c:6d:17:76:e2:a1:18:c5:c9:cf:d8:b0:df:d5:06:a0:
ff:19:20:d0:f7:b2:dd:2e:e5:f4:f9:85:c9:6c:38:d7:0c:2c:
f7:84:75:7e:de:1a:21:5a:b7:f3:55:70:1c:96:dc:2c:c4:a1:
08:3a:04:db:17:ca:dc:d7:fe:e6:5d:25:59:60:f4:3a:a6:03:
64:07:f3:3c:eb:6c:0d:4c:14:01:c1:3d:66:19:28:6f:ab:5f:
ac:0e:ba:19:d8:7d:c6:36:57:08:86:e9:29:1e:e0:04:b9:91:
45:4b:2a:cb:f5:8e:52:99:a5:2c:e3:1c:0d:32:a0:e8:e1:60:
55:c0:31:c5:32:65:c1:a5:fa:e4:30:eb:c7:fd:1b:a2:df:7a:
86:67:18:0e:c5:a0:9b:81:c0:79:12:8b:70:da:8e:4f:6d:3f:
7d:79:4e:2c:a9:59:cd:4e:f3:9c:d6:c9:8e:8f:15:cf:90:49:
c0:fa:57:ca:2b:7c:bc:94:61:23:d5:0f:f0:b6:ac:20:a9:78:
d4:f4:2f:8e:74:36:73:28:a8:4e:e0:55:62:20:66:6e:c8:64:
6b:59:36:ec:fe:98:75:88:69:a8:66:e3:d0:da:f5:1e:d0:00:
18:07:89:44:16:d3:12:90:aa:79:db:ff:bf:30:0b:0c:65:2b:
9b:5a:8c:a5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYwQuEcZOYHNZ7Rn3xIB1sXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMxMTI3MTIxOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjJjYzcyNGY3NmI1ODQ2MWJmMzZiYWI2ZmJiOTg0Y2VmOGVlYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvasb/uhGgmilDHlSwq99WLvtVOb
HYVkcH2bPiypzzNidwngmgHvCmovUo110CQQqXZpJTKXSVuG2TODJwfYV79toEC9
vXCbmoZomF+TQYUkjTRaEt38qBcXL5P7/Y8Up8i7krMXbxhH+EXrIuidjh985B49
W0zYHjI9IMpW/GSIIhwFbQbF4tPoveWZQWWO8l2IGKcLcRJYfLUuV/28W+3Z1fRf
+S0lx5M1fltan7agY6XbNanKSzCN8VOzYimaF0tgbMyqFYkfkkwg+japXMmh93Aq
ZUx2VRkIgXU032Jpu+1FxUoHWSd3zr6t5In7BMtK0s8O6OJtOaH5Q1v+XQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLssxyT3a1hGG/Nrq2+7mEzvjuxuMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvdXl6SEpQZHJXRVliODJ1cmI3dVlUTy1PN0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAXhAGAwQA
XhANMA8EAgACMAkDBwAqABHAAHcwDQYJKoZIhvcNAQELBQADggEBAMKCbG0XduKh
GMXJz9iw39UGoP8ZIND3st0u5fT5hclsONcMLPeEdX7eGiFat/NVcByW3CzEoQg6
BNsXytzX/uZdJVlg9DqmA2QH8zzrbA1MFAHBPWYZKG+rX6wOuhnYfcY2VwiG6Ske
4AS5kUVLKsv1jlKZpSzjHA0yoOjhYFXAMcUyZcGl+uQw68f9G6LfeoZnGA7FoJuB
wHkSi3Dajk9tP315TiypWc1O85zWyY6PFc+QScD6V8orfLyUYSPVD/C2rCCpeNT0
L450NnMoqE7gVWIgZm7IZGtZNuz+mHWIaahm49Da9R7QABgHiUQW0xKQqnnb/78w
CwxlK5tajKU=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:33 2024 by rpki-client on console-ams.rpki-client.org