Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/UfqBrGPmvgSKxAJOVioo66bl-po.roa
File: UfqBrGPmvgSKxAJOVioo66bl-po.roa (raw, json)
Hash identifier: 2xaC2eJB4J88k6TwvpwosDViwntMVvX43mjugBCHp4E=
Subject key identifier: 51:FA:81:AC:63:E6:BE:04:8A:C4:02:4E:56:2A:28:EB:A6:E5:FA:9A
Certificate issuer: /CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Certificate serial: 018572B426A6A2957ED0A64C38A50C1B3A89
Authority key identifier: 8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/UfqBrGPmvgSKxAJOVioo66bl-po.roa
Signing time: Mon 02 Jan 2023 13:38:07 +0000
ROA not before: Mon 02 Jan 2023 13:38:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 2a0b:8b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 11 Sep 2023 22:51:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:26:a6:a2:95:7e:d0:a6:4c:38:a5:0c:1b:3a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Validity
Not Before: Jan 2 13:38:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51fa81ac63e6be048ac4024e562a28eba6e5fa9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:58:1e:a0:a3:b8:a6:39:11:99:b7:b7:87:cb:
63:d5:7c:8f:aa:5d:87:88:3e:78:99:82:70:16:b8:
6f:fa:14:69:67:08:b8:0f:d9:bc:f4:00:21:e7:b4:
89:01:dd:63:02:88:7b:5a:14:68:2c:8d:f5:79:40:
f5:0d:ea:d7:7d:38:0e:59:24:28:ba:25:30:15:24:
f9:bb:24:af:4c:e9:f0:1d:20:b6:3f:2e:c1:b5:30:
18:ec:7f:49:a1:30:33:62:60:be:93:c4:25:20:94:
df:28:13:fa:b2:9d:ba:c7:0b:d2:ce:3d:2b:ca:a1:
8e:13:8b:99:25:14:90:34:41:71:12:d0:94:80:ad:
b4:c0:fa:eb:04:ed:56:1e:49:f3:0d:c5:3a:50:a9:
b8:3d:5e:62:b9:5f:a1:93:d3:2a:c1:9d:82:46:48:
11:64:5e:01:dd:56:72:6e:ed:80:4a:f6:57:15:3a:
02:87:46:77:19:95:03:4b:39:a9:6a:70:a6:88:62:
52:96:35:f1:23:8a:f9:d6:fa:b7:03:fd:35:00:b4:
6e:26:a2:75:bd:65:31:c0:57:4c:4e:52:80:27:36:
53:50:9c:d5:24:95:20:68:11:bd:4a:0c:61:b8:82:
a0:58:5a:57:75:91:a3:95:d0:5e:69:ed:38:f1:ee:
59:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:FA:81:AC:63:E6:BE:04:8A:C4:02:4E:56:2A:28:EB:A6:E5:FA:9A
X509v3 Authority Key Identifier:
keyid:8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/UfqBrGPmvgSKxAJOVioo66bl-po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
06:ed:cb:52:37:cc:00:b8:9f:73:78:cb:e5:17:e3:36:85:7a:
db:f2:28:6e:59:41:62:c2:88:99:04:7c:f7:70:af:52:03:1d:
ef:b0:dd:40:a6:1f:42:22:20:ae:1c:3c:2b:18:af:75:ea:25:
e2:f7:86:70:06:37:b2:21:fa:a9:d9:73:e6:60:aa:ed:73:c7:
28:f0:26:c9:31:46:47:06:32:dc:5a:7a:64:6a:d6:a9:0e:21:
6d:a3:50:4d:5d:a7:93:57:7f:2e:27:98:f4:d9:5d:52:61:5e:
ce:8f:c5:67:d0:54:c5:97:8a:6e:fb:b5:85:f8:9e:99:84:66:
e7:8a:ac:02:4a:ff:3f:86:02:d4:8d:cc:6d:a0:85:4e:48:8c:
77:5e:e1:53:c0:0a:d4:47:a0:f6:01:9f:19:ac:8e:56:03:9e:
13:a5:f1:20:a0:57:6c:3a:a2:b6:9b:63:a5:35:3d:13:ef:10:
b1:fa:70:f7:af:1f:ca:a7:2f:40:1c:81:9e:39:ce:bb:30:c1:
28:20:5b:f4:67:89:1b:62:f5:9a:bc:9a:4f:4e:47:c1:b2:f1:
5b:6b:44:45:44:99:a8:70:7e:14:51:63:5b:52:76:5c:7f:07:
02:c7:25:5d:bf:e6:e8:5e:a1:f8:a3:ff:f0:50:9b:f3:51:6c:
e1:62:40:30
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVytCamopV+0KZMOKUMGzqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODkyMjNjMWYzMzVjMGNjNTY5MzU5ZmEyZGRhMzQ5YTIy
MzZjY2IwHhcNMjMwMTAyMTMzODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWZhODFhYzYzZTZiZTA0OGFjNDAyNGU1NjJhMjhlYmE2ZTVmYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllgeoKO4pjkRmbe3h8tj1XyPql2H
iD54mYJwFrhv+hRpZwi4D9m89AAh57SJAd1jAoh7WhRoLI31eUD1DerXfTgOWSQo
uiUwFST5uySvTOnwHSC2Py7BtTAY7H9JoTAzYmC+k8QlIJTfKBP6sp26xwvSzj0r
yqGOE4uZJRSQNEFxEtCUgK20wPrrBO1WHknzDcU6UKm4PV5iuV+hk9MqwZ2CRkgR
ZF4B3VZybu2ASvZXFToCh0Z3GZUDSzmpanCmiGJSljXxI4r51vq3A/01ALRuJqJ1
vWUxwFdMTlKAJzZTUJzVJJUgaBG9SgxhuIKgWFpXdZGjldBeae048e5ZDwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFH6gaxj5r4EisQCTlYqKOum5fqaMB8GA1UdIwQY
MBaAFI2JIjwfM1wMxWk1n6Ldo0miI2zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAt
YTEwMjhlZGE2MzgzLzEvVWZxQnJHUG12Z1NLeEFKT1Zpb282NmJsLXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAtYTEwMjhlZGE2Mzgz
LzEvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKguLQDAN
BgkqhkiG9w0BAQsFAAOCAQEABu3LUjfMALifc3jL5RfjNoV62/IobllBYsKImQR8
93CvUgMd77DdQKYfQiIgrhw8Kxivdeol4veGcAY3siH6qdlz5mCq7XPHKPAmyTFG
RwYy3Fp6ZGrWqQ4hbaNQTV2nk1d/LieY9NldUmFezo/FZ9BUxZeKbvu1hfiemYRm
54qsAkr/P4YC1I3MbaCFTkiMd17hU8AK1Eeg9gGfGayOVgOeE6XxIKBXbDqitptj
pTU9E+8Qsfpw968fyqcvQByBnjnOuzDBKCBb9GeJG2L1mryaT05HwbLxW2tERUSZ
qHB+FFFjW1J2XH8HAsclXb/m6F6h+KP/8FCb81Fs4WJAMA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:02 2024 by rpki-client on console-ams.rpki-client.org