Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/fc7657-063e-4af7-89e6-f9fea34b6b01/1/U6zjBKHvhvXVraPpmrTV4eS7zKc.roa
File: U6zjBKHvhvXVraPpmrTV4eS7zKc.roa (raw, json)
Hash identifier: MUx7nGb/cGJLkuOWbTaUTLd6/iMiJBHTXZBcucEm+Kk=
Subject key identifier: 53:AC:E3:04:A1:EF:86:F5:D5:AD:A3:E9:9A:B4:D5:E1:E4:BB:CC:A7
Certificate issuer: /CN=398847f70a35e710844e9bb8a262beddb40b7cc9
Certificate serial: 0191079A65C038856F2573F6A0B138AB9C0F
Authority key identifier: 39:88:47:F7:0A:35:E7:10:84:4E:9B:B8:A2:62:BE:DD:B4:0B:7C:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OYhH9wo15xCETpu4omK-3bQLfMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/fc7657-063e-4af7-89e6-f9fea34b6b01/1/U6zjBKHvhvXVraPpmrTV4eS7zKc.roa
Signing time: Wed 31 Jul 2024 07:04:04 +0000
ROA not before: Wed 31 Jul 2024 07:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214450
IP address blocks: 2001:678:658::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:07:9a:65:c0:38:85:6f:25:73:f6:a0:b1:38:ab:9c:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=398847f70a35e710844e9bb8a262beddb40b7cc9
Validity
Not Before: Jul 31 07:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53ace304a1ef86f5d5ada3e99ab4d5e1e4bbcca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3e:a8:ab:aa:91:d6:2b:67:05:da:df:b7:60:
fc:53:d8:3a:57:f2:d3:35:af:b6:9f:f2:d0:77:a5:
12:75:63:a5:65:6e:fc:9e:f9:53:e3:14:0f:e6:bb:
95:5b:fd:1d:45:1f:95:bd:5f:5b:95:e9:39:04:21:
08:b2:7b:9b:e3:7b:56:3b:ad:28:80:c2:89:64:3d:
ff:ce:b0:c3:d1:85:bc:04:a0:28:45:1c:c6:e9:70:
96:a7:13:69:a7:50:41:9b:4c:18:f6:b5:56:47:d3:
1e:b9:68:41:e0:4f:5f:61:21:7a:a0:e1:05:44:29:
af:1d:3c:4b:c4:e0:a8:67:c2:ce:45:ca:89:ca:28:
31:2d:e8:a0:e2:c5:0e:f9:06:50:ee:15:e8:f0:f1:
c5:68:62:a3:9a:a9:ef:ef:f7:15:82:6d:66:f6:b9:
1f:ce:42:12:fb:e3:47:17:68:b6:8c:77:7d:c1:9d:
1b:98:e8:70:ea:c1:40:36:d4:e7:41:ec:d1:9e:a1:
1d:1f:08:27:97:02:90:1e:b8:f9:75:4f:60:9b:4c:
f8:15:8c:d2:33:fa:b6:47:e5:54:16:25:05:d0:01:
d6:9b:90:be:7b:24:0d:14:9d:04:29:ac:77:bf:28:
dd:f5:14:ef:1a:3e:c1:6c:23:71:9d:2c:15:29:69:
64:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:AC:E3:04:A1:EF:86:F5:D5:AD:A3:E9:9A:B4:D5:E1:E4:BB:CC:A7
X509v3 Authority Key Identifier:
keyid:39:88:47:F7:0A:35:E7:10:84:4E:9B:B8:A2:62:BE:DD:B4:0B:7C:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYhH9wo15xCETpu4omK-3bQLfMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/fc7657-063e-4af7-89e6-f9fea34b6b01/1/U6zjBKHvhvXVraPpmrTV4eS7zKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/fc7657-063e-4af7-89e6-f9fea34b6b01/1/OYhH9wo15xCETpu4omK-3bQLfMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:658::/48
Signature Algorithm: sha256WithRSAEncryption
bb:7f:31:74:29:b1:9e:90:d9:4e:c3:94:94:77:34:5b:b0:bd:
4a:9e:e0:d1:b2:57:43:6a:e5:95:2e:2e:1b:c4:46:d0:e4:d0:
9a:99:41:ee:eb:cb:ab:5d:be:b4:0d:66:84:a8:48:9d:04:f8:
53:ec:a0:6d:7a:35:78:d4:ea:dd:d5:83:cc:49:88:3d:c2:34:
64:b5:1b:79:7a:5c:1b:1d:72:a5:7e:d2:9f:5c:25:fa:81:bc:
d3:c2:4b:b1:68:1c:f3:cb:b3:b2:3c:7f:17:16:de:e2:a1:1f:
5c:88:74:ef:3f:f7:3a:c3:fb:28:3b:a6:ba:30:f9:02:da:7e:
9a:f9:60:2e:24:2f:8b:15:af:9b:87:95:c9:e8:64:6c:31:d8:
64:be:60:1d:f3:a4:b1:65:ff:79:c5:de:4f:12:fd:9b:94:55:
76:00:7f:0a:1a:83:de:bd:7b:a6:cd:27:f0:49:cd:7c:e2:51:
4d:31:eb:54:1e:db:f8:53:97:e9:21:47:c1:82:92:42:e5:d0:
8c:8b:10:a2:80:0f:13:7a:1c:18:0f:65:54:f5:99:51:f2:18:
20:00:53:65:7c:86:15:d6:62:66:f5:b1:0a:4f:f1:d7:11:db:
da:71:a5:7e:2b:b1:e7:2d:71:eb:d1:6f:69:7a:b6:ca:74:b6:
2c:14:47:4b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZEHmmXAOIVvJXP2oLE4q5wPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODg0N2Y3MGEzNWU3MTA4NDRlOWJiOGEyNjJiZWRkYjQw
YjdjYzkwHhcNMjQwNzMxMDcwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2FjZTMwNGExZWY4NmY1ZDVhZGEzZTk5YWI0ZDVlMWU0YmJjY2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz6oq6qR1itnBdrft2D8U9g6V/LT
Na+2n/LQd6USdWOlZW78nvlT4xQP5ruVW/0dRR+VvV9blek5BCEIsnub43tWO60o
gMKJZD3/zrDD0YW8BKAoRRzG6XCWpxNpp1BBm0wY9rVWR9MeuWhB4E9fYSF6oOEF
RCmvHTxLxOCoZ8LORcqJyigxLeig4sUO+QZQ7hXo8PHFaGKjmqnv7/cVgm1m9rkf
zkIS++NHF2i2jHd9wZ0bmOhw6sFANtTnQezRnqEdHwgnlwKQHrj5dU9gm0z4FYzS
M/q2R+VUFiUF0AHWm5C+eyQNFJ0EKax3vyjd9RTvGj7BbCNxnSwVKWlkmwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFOs4wSh74b11a2j6Zq01eHku8ynMB8GA1UdIwQY
MBaAFDmIR/cKNecQhE6buKJivt20C3zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1loSDl3bzE1eENFVHB1NG9tSy0zYlFMZk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9mYzc2NTctMDYzZS00YWY3LTg5ZTYt
ZjlmZWEzNGI2YjAxLzEvVTZ6akJLSHZodlhWcmFQcG1yVFY0ZVM3ektjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9mYzc2NTctMDYzZS00YWY3LTg5ZTYtZjlmZWEzNGI2YjAx
LzEvT1loSDl3bzE1eENFVHB1NG9tSy0zYlFMZk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAZY
MA0GCSqGSIb3DQEBCwUAA4IBAQC7fzF0KbGekNlOw5SUdzRbsL1KnuDRsldDauWV
Li4bxEbQ5NCamUHu68urXb60DWaEqEidBPhT7KBtejV41Ord1YPMSYg9wjRktRt5
elwbHXKlftKfXCX6gbzTwkuxaBzzy7OyPH8XFt7ioR9ciHTvP/c6w/soO6a6MPkC
2n6a+WAuJC+LFa+bh5XJ6GRsMdhkvmAd86SxZf95xd5PEv2blFV2AH8KGoPevXum
zSfwSc184lFNMetUHtv4U5fpIUfBgpJC5dCMixCigA8TehwYD2VU9ZlR8hggAFNl
fIYV1mJm9bEKT/HXEdvacaV+K7HnLXHr0W9perbKdLYsFEdL
-----END CERTIFICATE-----
Generated at Fri Jan 31 20:15:20 2025 by rpki-client