Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/U6VN2S_KhTafMN_2P5EhJLU7CuU.roa
File: U6VN2S_KhTafMN_2P5EhJLU7CuU.roa (raw, json)
Hash identifier: JuEdnz2PERukWXnofpjhf9KFKp9wvbHblIwu27f8Ydc=
Subject key identifier: 53:A5:4D:D9:2F:CA:85:36:9F:30:DF:F6:3F:91:21:24:B5:3B:0A:E5
Certificate issuer: /CN=40254d4a767ad099606e442e092f91241a363670
Certificate serial: 0185710C16F9E7B3329FC753C6C0EADCE62C
Authority key identifier: 40:25:4D:4A:76:7A:D0:99:60:6E:44:2E:09:2F:91:24:1A:36:36:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QCVNSnZ60JlgbkQuCS-RJBo2NnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/U6VN2S_KhTafMN_2P5EhJLU7CuU.roa
Signing time: Mon 02 Jan 2023 05:54:55 +0000
ROA not before: Mon 02 Jan 2023 05:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21227
IP address blocks: 2a0f:7b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 29 Sep 2023 10:57:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:16:f9:e7:b3:32:9f:c7:53:c6:c0:ea:dc:e6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40254d4a767ad099606e442e092f91241a363670
Validity
Not Before: Jan 2 05:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53a54dd92fca85369f30dff63f912124b53b0ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4a:a8:bc:96:f4:b5:6b:7c:a3:20:17:96:ee:
cc:8f:be:16:29:d6:69:ae:0e:07:83:5f:0c:23:1a:
a7:77:27:d0:99:54:aa:e1:de:b8:a3:2a:71:51:ec:
96:c5:06:4c:92:a8:80:80:fe:e7:69:8b:0d:0a:a2:
bc:f1:d8:2c:bd:fc:ea:84:d3:bd:24:2b:f8:2f:c6:
4b:90:80:8f:f5:d0:02:d3:78:e8:fc:d9:a1:78:79:
4a:33:8b:bd:79:6a:48:60:98:e1:e4:09:6f:11:78:
ce:26:14:e8:2a:ac:73:a4:86:e7:ae:83:67:eb:2d:
be:33:98:e8:d1:5a:91:c9:23:01:6f:b2:f1:d5:97:
96:7e:de:d2:aa:4e:ac:c5:db:41:88:94:26:0f:af:
d6:17:9a:59:43:26:54:57:98:52:30:f1:6e:59:20:
fa:44:89:65:e7:ca:31:32:64:ce:96:87:80:ad:08:
ea:80:94:28:e2:4c:71:4f:c5:31:01:d6:96:18:81:
f9:50:b7:b3:40:c3:6a:eb:df:17:f0:b1:df:75:90:
75:c5:28:02:58:41:67:7e:22:c2:0c:7b:ac:1e:60:
e7:03:ba:84:30:85:e5:7c:fb:07:c9:37:df:db:39:
fa:06:3d:b7:96:ab:4d:ac:6e:a7:7d:7c:82:3d:3d:
0e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A5:4D:D9:2F:CA:85:36:9F:30:DF:F6:3F:91:21:24:B5:3B:0A:E5
X509v3 Authority Key Identifier:
keyid:40:25:4D:4A:76:7A:D0:99:60:6E:44:2E:09:2F:91:24:1A:36:36:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QCVNSnZ60JlgbkQuCS-RJBo2NnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/U6VN2S_KhTafMN_2P5EhJLU7CuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/QCVNSnZ60JlgbkQuCS-RJBo2NnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7b40::/29
Signature Algorithm: sha256WithRSAEncryption
9b:03:f0:02:02:4b:b2:3a:64:1b:d4:0b:fb:4e:9d:18:dc:cf:
6a:f5:64:f3:be:75:47:85:28:3f:30:ab:f0:78:c2:cc:16:a5:
69:d1:8b:c7:19:c3:de:cc:5a:d3:3d:74:78:1a:c4:f0:84:4f:
51:77:26:f8:6d:9e:c5:86:1e:8b:2c:9c:c9:b4:47:d9:ef:34:
25:78:1b:ce:78:34:a0:33:af:0d:7b:9d:48:24:c2:b4:26:8e:
3c:7f:c2:42:46:ca:52:6c:7c:95:b3:9c:ca:14:e6:d9:3a:42:
93:60:83:15:a1:df:c9:e8:7a:b7:d7:ae:9f:7d:33:f7:c4:b5:
e3:df:35:12:b0:10:b6:90:03:f3:e5:a3:4d:26:37:1f:80:9c:
bd:90:e2:46:7b:ea:98:17:cb:ff:b4:ad:02:3e:3c:a2:f4:85:
92:db:13:02:d7:3e:99:a4:9e:df:8b:e0:2a:32:df:a9:2b:3c:
62:3e:b1:8a:d5:48:83:32:9a:d1:dd:ba:5b:13:81:c8:69:4c:
60:41:60:d8:bc:31:f6:18:a5:81:08:33:a1:f2:c0:8a:f2:eb:
a4:93:26:1a:a1:aa:b9:6e:8e:24:90:54:55:13:47:f2:7e:3a:
73:de:4e:21:c4:0d:50:6e:a7:04:38:f9:ae:a7:07:ed:9a:a1:
7b:71:0b:9e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxDBb557Myn8dTxsDq3OYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMjU0ZDRhNzY3YWQwOTk2MDZlNDQyZTA5MmY5MTI0MWEz
NjM2NzAwHhcNMjMwMTAyMDU1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2E1NGRkOTJmY2E4NTM2OWYzMGRmZjYzZjkxMjEyNGI1M2IwYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0qovJb0tWt8oyAXlu7Mj74WKdZp
rg4Hg18MIxqndyfQmVSq4d64oypxUeyWxQZMkqiAgP7naYsNCqK88dgsvfzqhNO9
JCv4L8ZLkICP9dAC03jo/NmheHlKM4u9eWpIYJjh5AlvEXjOJhToKqxzpIbnroNn
6y2+M5jo0VqRySMBb7Lx1ZeWft7Sqk6sxdtBiJQmD6/WF5pZQyZUV5hSMPFuWSD6
RIll58oxMmTOloeArQjqgJQo4kxxT8UxAdaWGIH5ULezQMNq698X8LHfdZB1xSgC
WEFnfiLCDHusHmDnA7qEMIXlfPsHyTff2zn6Bj23lqtNrG6nfXyCPT0OIwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFOlTdkvyoU2nzDf9j+RISS1OwrlMB8GA1UdIwQY
MBaAFEAlTUp2etCZYG5ELgkvkSQaNjZwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUNWTlNuWjYwSmxnYmtRdUNTLVJKQm8yTm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lZjZjOGUtM2YwNy00YjNmLWE4N2Ut
YmJlOTEyZWVjNzNlLzEvVTZWTjJTX0toVGFmTU5fMlA1RWhKTFU3Q3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lZjZjOGUtM2YwNy00YjNmLWE4N2UtYmJlOTEyZWVjNzNl
LzEvUUNWTlNuWjYwSmxnYmtRdUNTLVJKQm8yTm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg97QDAN
BgkqhkiG9w0BAQsFAAOCAQEAmwPwAgJLsjpkG9QL+06dGNzPavVk8751R4UoPzCr
8HjCzBaladGLxxnD3sxa0z10eBrE8IRPUXcm+G2exYYeiyycybRH2e80JXgbzng0
oDOvDXudSCTCtCaOPH/CQkbKUmx8lbOcyhTm2TpCk2CDFaHfyeh6t9eun30z98S1
4981ErAQtpAD8+WjTSY3H4CcvZDiRnvqmBfL/7StAj48ovSFktsTAtc+maSe34vg
KjLfqSs8Yj6xitVIgzKa0d26WxOByGlMYEFg2Lwx9hilgQgzofLAivLrpJMmGqGq
uW6OJJBUVRNH8n46c95OIcQNUG6nBDj5rqcH7Zqhe3ELng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:14 2024 by rpki-client on console-fra.rpki-client.org