Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/UfXy1BQe6tv4KE6J6oDL1Q_3bOE.roa
File: UfXy1BQe6tv4KE6J6oDL1Q_3bOE.roa (raw, json)
Hash identifier: /AUEOoYXRlIkoWH3RREnJ+OJTnGBZT0dBVfZIHxAAWI=
Subject key identifier: 51:F5:F2:D4:14:1E:EA:DB:F8:28:4E:89:EA:80:CB:D5:0F:F7:6C:E1
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 0193ACDCA968E998BB206E2574B2AA3540DE
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/UfXy1BQe6tv4KE6J6oDL1Q_3bOE.roa
Signing time: Mon 09 Dec 2024 19:19:22 +0000
ROA not before: Mon 09 Dec 2024 19:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a11:5a46::/32 maxlen: 32
2a12:1541::/32 maxlen: 32
2a12:7301::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ac:dc:a9:68:e9:98:bb:20:6e:25:74:b2:aa:35:40:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Dec 9 19:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51f5f2d4141eeadbf8284e89ea80cbd50ff76ce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:36:d5:55:ef:72:dd:d9:be:ce:c9:16:56:39:
e3:cb:35:26:d9:e7:39:87:a1:3d:fc:65:28:ac:43:
3f:1b:e3:7d:df:b2:8a:7a:e7:4f:b5:27:af:b6:9c:
3e:d1:15:94:6d:9e:dc:71:f5:ea:c5:98:a8:b0:d1:
49:b6:ea:67:97:68:ed:1d:e5:ff:28:88:ed:cc:ba:
f9:0c:d3:01:fb:cb:17:96:e5:d8:99:39:e2:2f:e0:
3b:b1:35:94:a9:9c:15:98:01:82:44:03:fb:53:13:
22:6b:b8:72:fa:17:24:92:8e:b2:bf:8c:54:5e:84:
f8:2e:d0:95:0f:93:2b:dd:1b:ac:ac:62:31:df:a8:
82:d8:f3:7d:d7:ec:0e:24:9b:61:20:8e:2b:be:48:
3c:b4:51:d8:70:5b:6d:a1:9e:2a:f9:bf:10:af:89:
d9:23:3f:e9:8d:ec:48:89:d8:99:70:05:b5:77:10:
9f:61:f4:63:fb:b3:fd:c5:b2:e7:94:b0:62:ad:c2:
f9:a4:77:01:71:b1:43:01:2d:33:05:b4:65:1e:04:
db:8d:85:66:00:73:44:86:d5:3d:fd:0b:49:9a:24:
75:3c:99:26:34:ad:58:59:b7:56:2f:de:cb:71:93:
4b:f1:f6:af:68:a3:48:8e:71:8c:d7:4d:2b:b9:d3:
02:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:F5:F2:D4:14:1E:EA:DB:F8:28:4E:89:EA:80:CB:D5:0F:F7:6C:E1
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/UfXy1BQe6tv4KE6J6oDL1Q_3bOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5a46::/32
2a12:1541::/32
2a12:7301::/32
Signature Algorithm: sha256WithRSAEncryption
c8:45:82:f0:da:4a:ac:19:31:16:37:65:15:aa:05:0f:5a:06:
76:00:86:3d:8a:01:f9:74:11:db:2c:74:64:e4:96:ee:77:d1:
85:88:18:7a:dc:46:b3:38:e3:35:1d:1f:54:d8:22:30:79:a9:
5e:ca:06:f1:e3:eb:51:4a:45:03:9c:c8:9a:e9:61:fc:12:c5:
76:b5:e0:49:51:8a:30:01:7c:a3:9a:c8:55:06:0f:89:5d:6e:
4b:49:34:52:79:fb:31:d2:07:8a:65:26:93:a6:66:2d:bb:5e:
51:fe:77:89:82:d2:3d:75:45:ea:89:f8:98:47:83:a8:a9:2f:
b1:83:02:d8:b3:3e:03:e7:50:bc:6f:bb:78:ca:39:96:83:6c:
34:76:26:89:17:23:b7:bf:4f:c5:b5:d2:91:59:d8:5b:c0:98:
71:77:c6:74:98:3d:19:89:bc:08:d5:4f:7a:d2:1a:84:b0:7a:
80:94:42:b6:b7:36:46:14:d3:a5:43:01:2b:72:54:07:40:11:
9d:ce:20:2d:ec:29:f7:1f:95:8a:41:ea:e0:c2:69:63:43:35:
c3:23:98:04:cc:75:25:19:64:99:d1:67:12:4c:22:f8:33:89:
60:91:1e:ca:e8:3f:1f:33:ac:92:19:ae:2e:3d:e0:dc:ee:3f:
b0:c8:09:14
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOs3Klo6Zi7IG4ldLKqNUDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQxMjA5MTkxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWY1ZjJkNDE0MWVlYWRiZjgyODRlODllYTgwY2JkNTBmZjc2Y2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDbVVe9y3dm+zskWVjnjyzUm2ec5
h6E9/GUorEM/G+N937KKeudPtSevtpw+0RWUbZ7ccfXqxZiosNFJtupnl2jtHeX/
KIjtzLr5DNMB+8sXluXYmTniL+A7sTWUqZwVmAGCRAP7UxMia7hy+hckko6yv4xU
XoT4LtCVD5Mr3RusrGIx36iC2PN91+wOJJthII4rvkg8tFHYcFttoZ4q+b8Qr4nZ
Iz/pjexIidiZcAW1dxCfYfRj+7P9xbLnlLBircL5pHcBcbFDAS0zBbRlHgTbjYVm
AHNEhtU9/QtJmiR1PJkmNK1YWbdWL97LcZNL8favaKNIjnGM100rudMCrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFH18tQUHurb+ChOieqAy9UP92zhMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvVWZYeTFCUWU2dHY0S0U2SjZvREwxUV8zYk9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhFaRgMF
ACoSFUEDBQAqEnMBMA0GCSqGSIb3DQEBCwUAA4IBAQDIRYLw2kqsGTEWN2UVqgUP
WgZ2AIY9igH5dBHbLHRk5Jbud9GFiBh63EazOOM1HR9U2CIwealeygbx4+tRSkUD
nMia6WH8EsV2teBJUYowAXyjmshVBg+JXW5LSTRSefsx0geKZSaTpmYtu15R/neJ
gtI9dUXqifiYR4OoqS+xgwLYsz4D51C8b7t4yjmWg2w0diaJFyO3v0/FtdKRWdhb
wJhxd8Z0mD0ZibwI1U960hqEsHqAlEK2tzZGFNOlQwErclQHQBGdziAt7Cn3H5WK
QergwmljQzXDI5gEzHUlGWSZ0WcSTCL4M4lgkR7K6D8fM6ySGa4uPeDc7j+wyAkU
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:40:26 2025 by rpki-client