Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/uNuG5wk7uRtXStKE4Dxpb9jJytk.roa
File: uNuG5wk7uRtXStKE4Dxpb9jJytk.roa (raw, json)
Hash identifier: 5iWjw+otJv6kjRbsxdiRrhWPbkbdF9Y1bbCbxWnn66w=
Subject key identifier: B8:DB:86:E7:09:3B:B9:1B:57:4A:D2:84:E0:3C:69:6F:D8:C9:CA:D9
Certificate issuer: /CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Certificate serial: 018CC80186673A64825C029490CD30830E4D
Authority key identifier: C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/uNuG5wk7uRtXStKE4Dxpb9jJytk.roa
Signing time: Tue 02 Jan 2024 02:29:52 +0000
ROA not before: Tue 02 Jan 2024 02:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210825
IP address blocks: 2001:67c:80c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jan 2024 09:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:86:67:3a:64:82:5c:02:94:90:cd:30:83:0e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Validity
Not Before: Jan 2 02:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8db86e7093bb91b574ad284e03c696fd8c9cad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:18:47:55:cc:6e:6c:5b:8f:d3:3d:00:97:7e:
ce:d6:41:bd:a0:0a:7e:c6:a5:16:fb:ea:17:5a:0f:
4c:c4:df:c9:e4:ec:6c:f3:fd:11:37:14:fd:88:16:
6b:7b:44:cd:a9:40:55:81:0d:67:04:5f:fb:f7:9d:
fa:15:6f:1d:32:81:ae:e1:8d:1a:bf:2b:d3:c3:be:
1b:1e:8d:3e:ec:d6:69:8e:b4:c2:99:41:32:c5:ed:
92:af:56:c5:05:0c:b3:81:0c:3c:87:f0:9a:02:79:
52:bf:88:3c:70:33:2b:f7:67:c3:51:c2:9b:64:e2:
8d:88:37:40:57:35:3c:c0:14:91:ea:1b:39:76:d9:
ea:c6:c7:d2:94:65:80:d1:9d:5b:d1:54:7d:98:d7:
c7:68:f1:4a:79:ad:81:1b:93:cb:4d:62:23:2d:61:
01:e8:cb:27:bc:57:19:e2:49:45:3e:28:a7:64:e6:
78:13:bd:a6:ba:3b:41:d3:04:30:16:12:70:3a:ea:
ab:e0:de:c8:08:ff:03:f3:4c:58:11:c4:e6:d2:ac:
5d:69:16:35:d3:57:b5:5f:4e:fb:5d:af:72:73:4f:
8a:25:6c:fc:5c:a3:62:7c:d6:d4:a5:7a:9a:11:db:
b5:8f:30:3b:6d:33:64:7c:fd:ce:38:be:d1:7a:88:
0d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:DB:86:E7:09:3B:B9:1B:57:4A:D2:84:E0:3C:69:6F:D8:C9:CA:D9
X509v3 Authority Key Identifier:
keyid:C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/uNuG5wk7uRtXStKE4Dxpb9jJytk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:80c::/48
Signature Algorithm: sha256WithRSAEncryption
73:b3:f2:8f:2d:c5:4a:0f:4c:98:97:92:83:53:c9:98:ef:37:
ac:74:d0:a0:41:66:d1:af:89:3f:4f:da:71:3f:69:ab:b6:9f:
b9:2f:e4:60:10:c3:a8:40:7f:b9:90:de:39:ba:86:f9:f9:15:
0b:1c:95:b5:43:48:de:62:ab:66:bf:4f:9b:06:ac:81:4c:ec:
58:4b:a8:10:37:34:57:39:0d:d1:1a:05:f4:87:aa:fa:5b:a1:
b2:08:e1:08:8a:45:02:fa:b1:2e:e8:da:c9:6b:d3:1a:73:59:
46:52:dd:70:66:44:c5:01:08:d9:7b:47:1f:6a:63:5f:1f:88:
cc:7a:6a:ca:d3:8a:4f:97:4e:59:b8:46:f0:19:63:71:0c:05:
17:36:62:03:4a:e6:ab:0c:56:b0:46:00:fc:e8:b9:c5:5b:14:
d1:6b:94:10:2a:ec:b6:f8:d1:a6:67:d2:11:85:e1:a3:be:46:
7e:39:fc:86:c9:d4:07:89:fc:7e:ec:a5:84:23:c4:aa:32:b2:
ef:5b:9d:fa:a0:94:6c:57:da:ef:bb:15:a7:19:11:84:dc:66:
67:39:62:4c:94:5c:c2:97:98:17:a1:57:16:01:f1:3e:9a:9c:
bf:4f:b5:da:7a:da:3c:40:ec:89:e1:26:b5:c5:2b:f5:3f:8f:
57:4c:69:a5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAYZnOmSCXAKUkM0wgw5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MzFiNjNkMTFhNmNjMmQxY2U2OWUxMzExYzg3YWMxYTZh
NzA3MzMwHhcNMjQwMTAyMDIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGRiODZlNzA5M2JiOTFiNTc0YWQyODRlMDNjNjk2ZmQ4YzljYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBhHVcxubFuP0z0Al37O1kG9oAp+
xqUW++oXWg9MxN/J5Oxs8/0RNxT9iBZre0TNqUBVgQ1nBF/79536FW8dMoGu4Y0a
vyvTw74bHo0+7NZpjrTCmUEyxe2Sr1bFBQyzgQw8h/CaAnlSv4g8cDMr92fDUcKb
ZOKNiDdAVzU8wBSR6hs5dtnqxsfSlGWA0Z1b0VR9mNfHaPFKea2BG5PLTWIjLWEB
6MsnvFcZ4klFPiinZOZ4E72mujtB0wQwFhJwOuqr4N7ICP8D80xYEcTm0qxdaRY1
01e1X077Xa9yc0+KJWz8XKNifNbUpXqaEdu1jzA7bTNkfP3OOL7ReogN1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLjbhucJO7kbV0rShOA8aW/YycrZMB8GA1UdIwQY
MBaAFMUxtj0RpswtHOaeExHIesGmpwczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEt
ZGI4Y2FiY2VlMjFlLzEvdU51RzV3azd1UnRYU3RLRTREeHBiOWpKeXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEtZGI4Y2FiY2VlMjFl
LzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAgM
MA0GCSqGSIb3DQEBCwUAA4IBAQBzs/KPLcVKD0yYl5KDU8mY7zesdNCgQWbRr4k/
T9pxP2mrtp+5L+RgEMOoQH+5kN45uob5+RULHJW1Q0jeYqtmv0+bBqyBTOxYS6gQ
NzRXOQ3RGgX0h6r6W6GyCOEIikUC+rEu6NrJa9Mac1lGUt1wZkTFAQjZe0cfamNf
H4jMemrK04pPl05ZuEbwGWNxDAUXNmIDSuarDFawRgD86LnFWxTRa5QQKuy2+NGm
Z9IRheGjvkZ+OfyGydQHifx+7KWEI8SqMrLvW536oJRsV9rvuxWnGRGE3GZnOWJM
lFzCl5gXoVcWAfE+mpy/T7Xaeto8QOyJ4Sa1xSv1P49XTGml
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:49 2024 by rpki-client on console-ams.rpki-client.org