Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/ubX36AROQgJ1y-yroPTpx2aFRqU.roa
File: ubX36AROQgJ1y-yroPTpx2aFRqU.roa (raw, json)
Hash identifier: TzZ+Nq0vWF7DB3+uAglpVhlRykxDNFM4orNSpqxdOSc=
Subject key identifier: B9:B5:F7:E8:04:4E:42:02:75:CB:EC:AB:A0:F4:E9:C7:66:85:46:A5
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 018CC64B3B5B8A93449086513A5486B46568
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/ubX36AROQgJ1y-yroPTpx2aFRqU.roa
Signing time: Mon 01 Jan 2024 18:31:08 +0000
ROA not before: Mon 01 Jan 2024 18:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203133
IP address blocks: 2a12:3fc2:aa60::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:3b:5b:8a:93:44:90:86:51:3a:54:86:b4:65:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 18:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9b5f7e8044e420275cbecaba0f4e9c7668546a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ba:ef:fa:af:0f:92:a7:46:d8:0c:98:f3:f0:
33:53:58:b0:1c:8f:20:b3:fb:8b:d7:55:0a:7e:14:
5a:1f:c8:b5:a5:bc:f0:20:d9:49:95:e5:25:8b:e3:
e2:70:07:ae:d3:8d:bd:32:23:59:eb:bb:16:49:65:
06:35:ca:82:e8:d8:4d:29:b2:5a:31:82:03:ba:ea:
ac:c4:47:e2:b7:bb:ff:21:85:15:01:95:22:92:af:
1e:d8:5b:25:00:8d:17:ae:8e:d0:82:e7:83:87:93:
18:cd:24:4a:cc:08:7f:10:ae:6c:4f:eb:ed:5d:8b:
4c:e3:ab:9b:a6:e7:65:7a:3e:12:d2:a3:d1:20:fc:
0e:83:5b:12:e5:3f:42:41:82:6f:70:18:89:a3:88:
c8:bf:b6:15:bf:e4:c7:dd:f4:ff:0b:63:00:1b:c5:
d3:80:bf:d9:56:af:30:b7:85:f9:62:3f:2d:5d:3f:
7f:1a:ff:60:e4:65:8d:e3:24:50:52:dd:95:f7:79:
b4:76:8a:be:c7:61:64:f1:72:10:a6:72:6e:1f:d4:
d8:08:18:d0:03:b3:ba:54:6e:cc:64:6a:a8:50:9d:
c6:1f:5c:aa:51:ca:7d:88:bf:3b:56:cd:24:67:59:
70:e6:f8:7a:e2:56:66:f8:a4:59:35:15:07:86:c0:
58:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:B5:F7:E8:04:4E:42:02:75:CB:EC:AB:A0:F4:E9:C7:66:85:46:A5
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/ubX36AROQgJ1y-yroPTpx2aFRqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:aa60::/48
Signature Algorithm: sha256WithRSAEncryption
5e:a9:f8:47:d6:3d:b5:81:53:2a:7c:49:6a:38:bc:52:6d:75:
22:c1:0f:a9:c2:f3:71:32:85:e1:a1:e1:b6:fb:33:81:cf:72:
18:dd:5e:25:b1:92:1f:d9:77:49:c4:da:93:6e:35:6d:4d:2e:
f3:c9:18:05:b5:c9:e5:4d:37:cf:b7:c8:10:06:8c:2e:82:c4:
52:b5:07:71:fa:59:c9:8a:2a:9f:d0:5b:0b:dc:77:82:50:28:
9e:75:63:0a:76:1a:50:f5:a0:55:c1:31:1f:59:52:b0:31:5f:
23:91:7e:89:3d:ef:d9:f3:ea:c9:98:34:c6:bd:86:b2:1a:6f:
5e:aa:5c:57:ea:99:12:b6:ea:7f:a4:9f:9f:77:d9:08:cf:bb:
40:64:0f:78:8c:0b:c1:58:4b:97:b0:fa:bc:0c:ea:e5:b3:ba:
00:f8:b3:71:5c:ec:84:dd:7c:8c:e8:18:3c:c0:43:2b:49:9d:
14:65:37:92:aa:d9:8b:55:23:35:8b:37:66:80:88:d5:40:64:
32:85:57:15:89:f8:1c:03:b8:29:b9:61:d8:10:d7:a9:d6:bf:
42:b4:1c:ca:40:ff:4b:a8:51:8e:20:a3:a3:22:5e:af:59:92:
05:f6:a2:da:85:b0:98:49:01:b4:e3:fe:f1:17:02:c2:08:35:
66:19:53:d9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGSztbipNEkIZROlSGtGVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjQwMTAxMTgzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWI1ZjdlODA0NGU0MjAyNzVjYmVjYWJhMGY0ZTljNzY2ODU0NmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7rv+q8PkqdG2AyY8/AzU1iwHI8g
s/uL11UKfhRaH8i1pbzwINlJleUli+PicAeu0429MiNZ67sWSWUGNcqC6NhNKbJa
MYIDuuqsxEfit7v/IYUVAZUikq8e2FslAI0Xro7QgueDh5MYzSRKzAh/EK5sT+vt
XYtM46ubpudlej4S0qPRIPwOg1sS5T9CQYJvcBiJo4jIv7YVv+TH3fT/C2MAG8XT
gL/ZVq8wt4X5Yj8tXT9/Gv9g5GWN4yRQUt2V93m0doq+x2Fk8XIQpnJuH9TYCBjQ
A7O6VG7MZGqoUJ3GH1yqUcp9iL87Vs0kZ1lw5vh64lZm+KRZNRUHhsBYQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLm19+gETkICdcvsq6D06cdmhUalMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvdWJYMzZBUk9RZ0oxeS15cm9QVHB4MmFGUnFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhI/wqpg
MA0GCSqGSIb3DQEBCwUAA4IBAQBeqfhH1j21gVMqfElqOLxSbXUiwQ+pwvNxMoXh
oeG2+zOBz3IY3V4lsZIf2XdJxNqTbjVtTS7zyRgFtcnlTTfPt8gQBowugsRStQdx
+lnJiiqf0FsL3HeCUCiedWMKdhpQ9aBVwTEfWVKwMV8jkX6JPe/Z8+rJmDTGvYay
Gm9eqlxX6pkStup/pJ+fd9kIz7tAZA94jAvBWEuXsPq8DOrls7oA+LNxXOyE3XyM
6Bg8wEMrSZ0UZTeSqtmLVSM1izdmgIjVQGQyhVcVifgcA7gpuWHYENep1r9CtBzK
QP9LqFGOIKOjIl6vWZIF9qLahbCYSQG04/7xFwLCCDVmGVPZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:58:27 2025 by rpki-client