Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/uyDH3YEoG0mDtC_k25gFkhP9jh8.roa
File: uyDH3YEoG0mDtC_k25gFkhP9jh8.roa (raw, json)
Hash identifier: QP0/z95o9gUxNV+v+0hoNK0muk0G6Q7mDCzkrFaXc44=
Subject key identifier: BB:20:C7:DD:81:28:1B:49:83:B4:2F:E4:DB:98:05:92:13:FD:8E:1F
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018CEE7D566CFCC84C729C7708C0437B3587
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/uyDH3YEoG0mDtC_k25gFkhP9jh8.roa
Signing time: Tue 09 Jan 2024 13:50:40 +0000
ROA not before: Tue 09 Jan 2024 13:50:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33915
IP address blocks: 2a07:3502:10c0::/48 maxlen: 48
2a07:3502:1060::/48 maxlen: 48
2a07:3500:12f8::/48 maxlen: 48
2a07:3500:15c0::/48 maxlen: 48
2a07:3500:1b90::/48 maxlen: 48
2a07:3500:1240::/46 maxlen: 46
2a07:3501:1340::/48 maxlen: 48
2a07:3502:11a0::/46 maxlen: 46
2a07:3502:10a1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 19 Jan 2024 12:21:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:7d:56:6c:fc:c8:4c:72:9c:77:08:c0:43:7b:35:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 9 13:50:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb20c7dd81281b4983b42fe4db98059213fd8e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ac:35:26:7a:91:d0:94:55:9a:da:e0:7d:ad:
b4:54:51:92:04:af:07:fc:2e:28:3d:58:a9:89:54:
bb:bf:a9:9d:38:83:0f:14:4c:db:ea:8b:31:70:ae:
fb:a6:26:43:25:fb:54:bb:7f:fa:cb:ed:cc:76:65:
91:78:3b:38:99:6e:78:58:74:3b:6e:45:68:5e:08:
e3:cb:95:32:01:99:25:8b:d3:9d:73:65:34:f2:7a:
cd:8b:1e:95:b5:6d:b2:96:3f:fb:b8:88:09:f1:ed:
ed:62:34:26:3f:28:5b:5b:46:2c:1d:e7:73:bf:57:
ff:36:91:77:9c:bf:32:0a:f8:38:88:c4:76:31:d7:
aa:5a:e5:f1:2a:23:5d:74:9d:8f:ad:38:b1:b3:3c:
c1:5e:4c:f8:73:12:2c:03:f5:69:a5:06:88:fe:26:
cc:0d:14:c9:c8:16:7d:42:04:77:3d:93:78:ed:ab:
b0:ef:b4:ce:0d:c3:5b:9a:70:15:b1:54:9b:4b:91:
e1:c4:bf:b5:8c:26:d2:5d:34:30:65:49:b2:3d:d4:
1d:77:19:75:41:f6:62:84:57:18:67:1d:41:f7:4b:
51:f2:c0:0d:78:a5:38:33:a1:7f:ad:25:04:99:48:
b3:71:fd:18:4d:06:44:96:04:7c:0a:59:28:53:aa:
fd:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:20:C7:DD:81:28:1B:49:83:B4:2F:E4:DB:98:05:92:13:FD:8E:1F
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/uyDH3YEoG0mDtC_k25gFkhP9jh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1240::/46
2a07:3500:12f8::/48
2a07:3500:15c0::/48
2a07:3500:1b90::/48
2a07:3501:1340::/48
2a07:3502:1060::/48
2a07:3502:10a1::/48
2a07:3502:10c0::/48
2a07:3502:11a0::/46
Signature Algorithm: sha256WithRSAEncryption
71:c3:59:61:e8:2b:2f:d6:bf:42:05:75:99:5c:9b:45:29:ef:
9c:34:e4:83:79:a8:75:ef:6a:ea:7b:73:11:66:8a:fe:59:f4:
e3:10:49:3f:b9:e9:f9:e1:3c:97:6b:f6:d2:1a:d0:3e:60:ba:
61:78:81:95:09:af:d0:43:33:34:32:96:da:13:5f:d5:c3:7e:
c1:6e:e5:25:17:ba:9c:69:25:b1:e7:12:ff:7f:30:2c:f1:9c:
3d:13:0a:1a:9c:4f:b1:b0:18:c5:a8:71:c2:63:56:61:52:1d:
f6:08:1c:26:af:8b:56:c5:d2:01:01:76:22:32:12:43:30:56:
2b:0f:4e:8f:99:f2:74:d0:35:76:85:0b:9f:97:25:43:17:89:
1a:51:d9:52:41:30:28:e0:90:2c:15:7e:69:55:53:6b:73:97:
5b:f0:06:dc:cd:94:7f:a7:1b:30:97:18:be:37:ed:dc:0c:19:
2b:98:f5:c2:2a:e4:85:3e:5d:ba:16:4e:4f:bf:1b:62:55:e7:
af:b8:96:c6:4c:ef:46:e4:86:9b:95:a6:a0:ea:bb:a6:6f:6a:
90:7a:a8:4b:e9:b9:a3:05:23:4a:93:77:79:57:ca:0d:4a:f0:
a0:6e:37:ce:14:1c:7e:50:ef:14:fd:b1:8d:81:8b:7f:1b:ab:
90:14:21:c8
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzufVZs/MhMcpx3CMBDezWHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMTA5MTM1MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjIwYzdkZDgxMjgxYjQ5ODNiNDJmZTRkYjk4MDU5MjEzZmQ4ZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqw1JnqR0JRVmtrgfa20VFGSBK8H
/C4oPVipiVS7v6mdOIMPFEzb6osxcK77piZDJftUu3/6y+3MdmWReDs4mW54WHQ7
bkVoXgjjy5UyAZkli9Odc2U08nrNix6VtW2ylj/7uIgJ8e3tYjQmPyhbW0YsHedz
v1f/NpF3nL8yCvg4iMR2MdeqWuXxKiNddJ2PrTixszzBXkz4cxIsA/VppQaI/ibM
DRTJyBZ9QgR3PZN47auw77TODcNbmnAVsVSbS5HhxL+1jCbSXTQwZUmyPdQddxl1
QfZihFcYZx1B90tR8sANeKU4M6F/rSUEmUizcf0YTQZElgR8ClkoU6r92wIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFLsgx92BKBtJg7Qv5NuYBZIT/Y4fMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvdXlESDNZRW9HMG1EdENfazI1Z0ZraFA5amg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBXBAIAAjBRAwcCKgc1ABJA
AwcAKgc1ABL4AwcAKgc1ABXAAwcAKgc1ABuQAwcAKgc1ARNAAwcAKgc1AhBgAwcA
Kgc1AhChAwcAKgc1AhDAAwcCKgc1AhGgMA0GCSqGSIb3DQEBCwUAA4IBAQBxw1lh
6Csv1r9CBXWZXJtFKe+cNOSDeah172rqe3MRZor+WfTjEEk/uen54TyXa/bSGtA+
YLpheIGVCa/QQzM0MpbaE1/Vw37BbuUlF7qcaSWx5xL/fzAs8Zw9EwoanE+xsBjF
qHHCY1ZhUh32CBwmr4tWxdIBAXYiMhJDMFYrD06PmfJ00DV2hQuflyVDF4kaUdlS
QTAo4JAsFX5pVVNrc5db8AbczZR/pxswlxi+N+3cDBkrmPXCKuSFPl26Fk5Pvxti
VeevuJbGTO9G5Iablaag6rumb2qQeqhL6bmjBSNKk3d5V8oNSvCgbjfOFBx+UO8U
/bGNgYt/G6uQFCHI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org