Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/4af7c1-50cb-479d-a377-007b447d4b39/1/uwPmYuxpZGrCkZLA-E_q7Wd8hdo.roa
File: uwPmYuxpZGrCkZLA-E_q7Wd8hdo.roa (raw, json)
Hash identifier: klumXsTbX7TzbrkQJYz0yawpDrEvYg72QqCsEdWUc60=
Subject key identifier: BB:03:E6:62:EC:69:64:6A:C2:91:92:C0:F8:4F:EA:ED:67:7C:85:DA
Certificate issuer: /CN=c18de4f2af8c7050e6e70e08a152573edd42e678
Certificate serial: 018CC7954A168FFC5D3DF10C3F80CE7AFB8B
Authority key identifier: C1:8D:E4:F2:AF:8C:70:50:E6:E7:0E:08:A1:52:57:3E:DD:42:E6:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wY3k8q-McFDm5w4IoVJXPt1C5ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/4af7c1-50cb-479d-a377-007b447d4b39/1/uwPmYuxpZGrCkZLA-E_q7Wd8hdo.roa
Signing time: Tue 02 Jan 2024 00:31:38 +0000
ROA not before: Tue 02 Jan 2024 00:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205740
IP address blocks: 2001:67c:c18::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:4a:16:8f:fc:5d:3d:f1:0c:3f:80:ce:7a:fb:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c18de4f2af8c7050e6e70e08a152573edd42e678
Validity
Not Before: Jan 2 00:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb03e662ec69646ac29192c0f84feaed677c85da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ad:f9:6f:02:81:e1:57:a9:67:f0:40:f8:0f:
ef:41:d5:3a:e4:80:b4:ed:56:48:01:62:dc:97:a1:
3e:6c:09:94:75:52:2e:7d:71:b4:76:39:9d:29:1e:
1a:57:92:56:b8:c9:dd:91:27:5f:fb:5a:ed:74:b9:
0c:1f:20:47:cd:84:d3:e2:a3:9f:2d:66:ca:62:b2:
df:4a:cb:cc:1d:da:93:ed:1b:67:4f:b2:1d:fb:19:
10:b7:37:81:63:75:9b:c4:ce:9c:6d:53:dc:f2:56:
76:49:34:80:bf:1d:09:c5:67:56:be:9f:7d:81:56:
a2:ed:4c:9a:4c:df:61:9b:e2:e0:57:a1:e1:01:fa:
ec:9c:69:8f:9c:d6:e0:74:45:4f:b1:66:82:e0:db:
3b:ca:1b:8b:bd:a6:80:7b:a6:0f:0a:4f:ca:c6:c0:
ba:94:01:b4:3e:19:f4:1d:ea:85:c5:ea:4f:c0:f2:
7d:35:7c:9e:16:47:1a:a7:0e:bd:6a:00:81:93:a7:
8a:b4:7d:58:49:a5:00:f0:14:6e:c7:62:5c:07:30:
53:aa:80:1e:16:6c:df:b9:89:2f:1f:92:88:3c:b1:
e6:98:3a:ab:fe:fb:dc:0f:c7:c7:2d:28:50:16:f3:
db:02:d8:81:cf:7d:9e:c3:3e:a7:34:b4:4b:f8:4c:
86:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:03:E6:62:EC:69:64:6A:C2:91:92:C0:F8:4F:EA:ED:67:7C:85:DA
X509v3 Authority Key Identifier:
keyid:C1:8D:E4:F2:AF:8C:70:50:E6:E7:0E:08:A1:52:57:3E:DD:42:E6:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wY3k8q-McFDm5w4IoVJXPt1C5ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4af7c1-50cb-479d-a377-007b447d4b39/1/uwPmYuxpZGrCkZLA-E_q7Wd8hdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4af7c1-50cb-479d-a377-007b447d4b39/1/wY3k8q-McFDm5w4IoVJXPt1C5ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:c18::/48
Signature Algorithm: sha256WithRSAEncryption
10:57:56:4c:6c:8a:07:a2:39:8f:68:4f:f6:26:ec:5b:0a:8e:
6b:7a:ed:de:7e:8b:50:a9:9b:f1:75:6b:c3:b9:4a:18:fe:dc:
7e:f1:4e:7d:8c:02:0d:b3:b4:63:47:9d:59:19:7b:78:f3:1a:
23:0d:56:53:41:df:8c:e7:15:83:0e:ab:03:49:e2:dc:2c:e7:
b0:86:ae:d2:ea:f2:dd:6c:8e:f8:97:6d:11:c9:cc:2d:48:93:
38:05:1f:50:94:67:c2:47:ad:c0:c5:62:d6:6c:83:17:66:08:
06:0c:4c:a8:61:1b:ee:25:68:5c:7c:08:da:32:d7:19:ba:8b:
dd:f9:6c:36:e9:a5:48:27:7d:0d:ec:52:8e:b1:75:34:d5:c8:
f1:c7:59:65:86:42:4e:0d:1f:32:b5:3f:00:bc:08:94:79:bd:
c7:78:92:2f:a4:16:8f:52:ca:ad:64:79:75:04:02:c5:ac:86:
12:79:fe:fc:2e:0b:90:d5:65:04:18:d3:50:d0:bc:52:55:cf:
02:f0:b0:44:aa:80:12:41:ef:b0:b3:18:ed:51:69:c0:44:dc:
5f:47:f3:96:65:ea:e1:17:8e:d7:9d:76:a5:5c:1b:5c:40:b9:
fb:40:d8:ef:09:84:de:d2:e2:73:ac:d2:b3:79:de:e1:d5:a9:
53:a2:5f:3a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHlUoWj/xdPfEMP4DOevuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxOGRlNGYyYWY4YzcwNTBlNmU3MGUwOGExNTI1NzNlZGQ0
MmU2NzgwHhcNMjQwMTAyMDAzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjAzZTY2MmVjNjk2NDZhYzI5MTkyYzBmODRmZWFlZDY3N2M4NWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoK35bwKB4VepZ/BA+A/vQdU65IC0
7VZIAWLcl6E+bAmUdVIufXG0djmdKR4aV5JWuMndkSdf+1rtdLkMHyBHzYTT4qOf
LWbKYrLfSsvMHdqT7RtnT7Id+xkQtzeBY3WbxM6cbVPc8lZ2STSAvx0JxWdWvp99
gVai7UyaTN9hm+LgV6HhAfrsnGmPnNbgdEVPsWaC4Ns7yhuLvaaAe6YPCk/KxsC6
lAG0Phn0HeqFxepPwPJ9NXyeFkcapw69agCBk6eKtH1YSaUA8BRux2JcBzBTqoAe
FmzfuYkvH5KIPLHmmDqr/vvcD8fHLShQFvPbAtiBz32ewz6nNLRL+EyGqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLsD5mLsaWRqwpGSwPhP6u1nfIXaMB8GA1UdIwQY
MBaAFMGN5PKvjHBQ5ucOCKFSVz7dQuZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1kzazhxLU1jRkRtNXc0SW9WSlhQdDFDNW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80YWY3YzEtNTBjYi00NzlkLWEzNzct
MDA3YjQ0N2Q0YjM5LzEvdXdQbVl1eHBaR3JDa1pMQS1FX3E3V2Q4aGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni80YWY3YzEtNTBjYi00NzlkLWEzNzctMDA3YjQ0N2Q0YjM5
LzEvd1kzazhxLU1jRkRtNXc0SW9WSlhQdDFDNW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAwY
MA0GCSqGSIb3DQEBCwUAA4IBAQAQV1ZMbIoHojmPaE/2JuxbCo5reu3efotQqZvx
dWvDuUoY/tx+8U59jAINs7RjR51ZGXt48xojDVZTQd+M5xWDDqsDSeLcLOewhq7S
6vLdbI74l20RycwtSJM4BR9QlGfCR63AxWLWbIMXZggGDEyoYRvuJWhcfAjaMtcZ
uovd+Ww26aVIJ30N7FKOsXU01cjxx1llhkJODR8ytT8AvAiUeb3HeJIvpBaPUsqt
ZHl1BALFrIYSef78LguQ1WUEGNNQ0LxSVc8C8LBEqoASQe+wsxjtUWnARNxfR/OW
ZerhF47XnXalXBtcQLn7QNjvCYTe0uJzrNKzed7h1alTol86
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:52:50 2025 by rpki-client