Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/431105-67a2-49cb-b7e0-83ffc80073b2/1/UqsNAFhhohAvNpRIEDuin6Tnj7w.roa
File: UqsNAFhhohAvNpRIEDuin6Tnj7w.roa (raw, json)
Hash identifier: Hpf7H2DgsWw8QULkmLBZAYQZfmqkAkb/qmldpMqRid8=
Subject key identifier: 52:AB:0D:00:58:61:A2:10:2F:36:94:48:10:3B:A2:9F:A4:E7:8F:BC
Certificate issuer: /CN=ecbbf2ba5b32e42e8b6c03b836d764f975b5898f
Certificate serial: 018570C2CC54BB5100D9AA2601010784205C
Authority key identifier: EC:BB:F2:BA:5B:32:E4:2E:8B:6C:03:B8:36:D7:64:F9:75:B5:89:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Lvyulsy5C6LbAO4Ntdk-XW1iY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/431105-67a2-49cb-b7e0-83ffc80073b2/1/UqsNAFhhohAvNpRIEDuin6Tnj7w.roa
Signing time: Mon 02 Jan 2023 04:34:52 +0000
ROA not before: Mon 02 Jan 2023 04:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212874
IP address blocks: 2a0c:fb00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:cc:54:bb:51:00:d9:aa:26:01:01:07:84:20:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecbbf2ba5b32e42e8b6c03b836d764f975b5898f
Validity
Not Before: Jan 2 04:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52ab0d005861a2102f369448103ba29fa4e78fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e7:76:40:f5:df:a7:96:8a:16:28:b0:33:cc:
24:94:a2:05:ab:37:d9:ab:58:72:2d:58:78:57:84:
81:40:99:66:cd:fe:df:2d:f8:0a:ca:30:44:cc:de:
ec:f8:32:e9:eb:83:57:21:99:e9:8c:1b:61:19:df:
44:b7:34:c3:f0:d4:af:9a:55:f7:b9:62:a0:3a:80:
c3:bb:b6:41:ad:b0:8c:2e:2a:cc:f1:56:db:b6:f6:
1a:4c:a6:d3:4c:52:6c:af:10:16:4f:dc:30:82:7a:
46:1e:ad:6b:77:e6:10:dd:5c:30:23:44:cd:ac:99:
ab:5a:f5:5e:e5:98:b0:7e:22:b1:16:fe:bc:94:a4:
96:d9:4d:3b:b0:46:aa:6c:ec:c2:97:be:74:ea:33:
f1:e6:b0:3e:06:13:24:c8:dd:ef:29:94:9d:03:d3:
de:84:7f:5b:8d:b5:f1:20:58:f5:db:63:42:a2:e6:
99:ad:dd:84:91:f2:23:d5:e3:ba:21:39:a1:bc:51:
cb:9c:3e:d5:19:1b:a2:c1:83:42:1e:7c:b6:d4:9e:
77:f9:ae:44:b8:c0:ca:8c:40:83:2f:5a:9f:a6:72:
9a:a6:fc:0e:63:ed:8e:9b:51:5d:66:ca:b2:81:b5:
eb:8d:a0:1f:80:6c:7b:4a:76:57:59:80:66:7b:b6:
a9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AB:0D:00:58:61:A2:10:2F:36:94:48:10:3B:A2:9F:A4:E7:8F:BC
X509v3 Authority Key Identifier:
keyid:EC:BB:F2:BA:5B:32:E4:2E:8B:6C:03:B8:36:D7:64:F9:75:B5:89:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Lvyulsy5C6LbAO4Ntdk-XW1iY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/431105-67a2-49cb-b7e0-83ffc80073b2/1/UqsNAFhhohAvNpRIEDuin6Tnj7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/431105-67a2-49cb-b7e0-83ffc80073b2/1/7Lvyulsy5C6LbAO4Ntdk-XW1iY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
55:d3:e2:72:ca:38:e5:43:67:ff:c3:9c:a1:af:f9:32:e9:0f:
5c:be:60:db:c4:64:fd:c5:63:90:cd:3d:8c:d1:13:e3:10:b2:
eb:fe:2b:cd:46:8e:d2:f4:c2:24:f0:62:69:a1:85:83:29:04:
8b:81:f8:60:d6:e7:d4:03:8f:e1:97:b0:f9:9e:f1:3a:a4:55:
00:8f:ca:cb:a3:95:14:91:7d:67:9c:74:79:c6:5a:79:8c:c1:
ce:cb:ee:7a:04:55:3e:fc:e9:27:4e:6a:37:22:ff:2e:f3:46:
de:da:d8:1a:02:b1:a8:3a:f3:4e:46:78:0b:a5:0a:b0:bb:66:
55:04:ba:a6:18:d6:3b:47:d3:80:33:31:63:16:92:5d:d1:db:
cc:19:02:aa:70:2e:3d:33:a5:33:70:f0:83:be:b7:e3:ce:c6:
2e:da:cb:0a:a7:fa:22:60:9d:3e:86:a1:8a:83:18:94:52:b4:
09:d8:a8:1a:7a:99:66:48:4e:52:92:c7:60:21:50:d5:4e:50:
9f:51:44:4d:40:1a:fc:9b:e7:3f:e9:02:f6:4f:0d:44:a8:de:
45:28:5d:ce:45:3b:28:f7:cc:e9:18:3b:cd:cc:98:34:a3:5a:
af:c4:10:7c:2a:eb:80:bd:a5:a0:0a:e7:5f:8d:f7:cf:eb:d8:
ae:48:b6:b5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwwsxUu1EA2aomAQEHhCBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYmJmMmJhNWIzMmU0MmU4YjZjMDNiODM2ZDc2NGY5NzVi
NTg5OGYwHhcNMjMwMTAyMDQzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmFiMGQwMDU4NjFhMjEwMmYzNjk0NDgxMDNiYTI5ZmE0ZTc4ZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuud2QPXfp5aKFiiwM8wklKIFqzfZ
q1hyLVh4V4SBQJlmzf7fLfgKyjBEzN7s+DLp64NXIZnpjBthGd9EtzTD8NSvmlX3
uWKgOoDDu7ZBrbCMLirM8VbbtvYaTKbTTFJsrxAWT9wwgnpGHq1rd+YQ3VwwI0TN
rJmrWvVe5ZiwfiKxFv68lKSW2U07sEaqbOzCl7506jPx5rA+BhMkyN3vKZSdA9Pe
hH9bjbXxIFj122NCouaZrd2EkfIj1eO6ITmhvFHLnD7VGRuiwYNCHny21J53+a5E
uMDKjECDL1qfpnKapvwOY+2Om1FdZsqygbXrjaAfgGx7SnZXWYBme7ap+QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFKrDQBYYaIQLzaUSBA7op+k54+8MB8GA1UdIwQY
MBaAFOy78rpbMuQui2wDuDbXZPl1tYmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0x2eXVsc3k1QzZMYkFPNE50ZGstWFcxaVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80MzExMDUtNjdhMi00OWNiLWI3ZTAt
ODNmZmM4MDA3M2IyLzEvVXFzTkFGaGhvaEF2TnBSSUVEdWluNlRuajd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80MzExMDUtNjdhMi00OWNiLWI3ZTAtODNmZmM4MDA3M2Iy
LzEvN0x2eXVsc3k1QzZMYkFPNE50ZGstWFcxaVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgz7ADAN
BgkqhkiG9w0BAQsFAAOCAQEAVdPicso45UNn/8Ocoa/5MukPXL5g28Rk/cVjkM09
jNET4xCy6/4rzUaO0vTCJPBiaaGFgykEi4H4YNbn1AOP4Zew+Z7xOqRVAI/Ky6OV
FJF9Z5x0ecZaeYzBzsvuegRVPvzpJ05qNyL/LvNG3trYGgKxqDrzTkZ4C6UKsLtm
VQS6phjWO0fTgDMxYxaSXdHbzBkCqnAuPTOlM3Dwg763487GLtrLCqf6ImCdPoah
ioMYlFK0CdioGnqZZkhOUpLHYCFQ1U5Qn1FETUAa/JvnP+kC9k8NRKjeRShdzkU7
KPfM6Rg7zcyYNKNar8QQfCrrgL2loArnX433z+vYrki2tQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:25 2024 by rpki-client on console-fra.rpki-client.org