Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/Uxf8avkMKnCxu0PR5vV57ZevEIQ.roa
File: Uxf8avkMKnCxu0PR5vV57ZevEIQ.roa (raw, json)
Hash identifier: Wekdwj5uuEEl+7KN/jpklpuz/j/i+2qMbV1ss8xNFlI=
Subject key identifier: 53:17:FC:6A:F9:0C:2A:70:B1:BB:43:D1:E6:F5:79:ED:97:AF:10:84
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 0194282559EF8BB60FCB111C75C735F71E1A
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/Uxf8avkMKnCxu0PR5vV57ZevEIQ.roa
Signing time: Thu 02 Jan 2025 17:52:04 +0000
ROA not before: Thu 02 Jan 2025 17:52:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25135
IP address blocks: 2a01:840::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 20 Jan 2025 13:57:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:59:ef:8b:b6:0f:cb:11:1c:75:c7:35:f7:1e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Jan 2 17:52:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5317fc6af90c2a70b1bb43d1e6f579ed97af1084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bb:a5:1c:95:55:9b:b0:ec:af:21:32:9a:0e:
59:80:a4:c9:be:f1:e6:c3:25:2d:fd:20:09:6f:59:
cd:bf:d9:3c:83:16:b0:2a:23:9b:ff:ea:c5:dc:4a:
ef:4d:8b:f7:fa:3c:f8:6f:4f:01:04:30:c5:a2:b2:
66:17:9e:65:64:2a:5a:cc:b4:3a:25:2d:82:3b:2d:
a0:e8:a7:c0:47:55:b5:2e:f8:2d:8a:7a:05:19:95:
75:51:fd:e9:64:69:73:21:f4:ca:d3:1c:2c:02:6e:
bb:7e:aa:85:6d:85:47:b2:66:64:97:b7:18:bd:d6:
a1:c5:f0:fa:59:d4:78:90:49:42:b6:fe:d3:c7:fd:
8b:37:8c:8e:10:85:bf:7b:42:98:71:94:8a:d0:75:
3f:12:54:be:54:d7:d6:fb:12:ad:8d:23:fb:61:4d:
68:71:d8:19:4c:0d:22:74:d6:38:a2:5a:d8:4d:f1:
28:ed:55:7d:6c:7e:d0:c2:20:08:ab:39:a8:6a:67:
d0:68:98:54:29:74:7e:d3:08:cd:34:8e:95:2f:f5:
5d:d5:e0:80:6a:d1:77:9a:a9:80:e3:04:87:94:00:
3b:ba:13:3c:82:5f:95:54:04:7c:dd:e9:65:6f:58:
69:49:28:18:59:c8:60:f3:8f:ca:e1:92:e9:79:3c:
3c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:17:FC:6A:F9:0C:2A:70:B1:BB:43:D1:E6:F5:79:ED:97:AF:10:84
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/Uxf8avkMKnCxu0PR5vV57ZevEIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:840::/32
Signature Algorithm: sha256WithRSAEncryption
92:97:27:94:43:e4:4a:c6:bd:ea:b0:75:f4:91:0a:5c:84:b7:
76:1a:f3:15:d2:34:26:de:f6:6c:ff:17:5e:87:7b:bc:ff:12:
f0:b2:c7:52:97:d6:85:10:f3:96:ae:58:b8:a1:b2:2f:33:d8:
6e:a7:c9:80:a7:9c:59:e3:18:73:39:34:4f:60:35:84:17:85:
e9:de:f7:22:9a:d9:e0:b4:9b:06:36:1f:1f:5c:f4:c8:87:e7:
16:91:66:3a:cf:62:7c:d2:fe:f5:73:58:01:4e:23:c1:40:96:
09:32:44:3f:b6:c0:cb:e0:75:af:bc:2a:93:d5:c7:81:fc:5c:
03:00:9a:c8:2d:d1:ce:4b:78:bc:29:a3:e6:f7:3c:53:5e:7b:
af:66:c4:86:c9:83:d7:4f:74:25:4d:04:d8:84:c7:82:68:75:
03:67:f7:43:d0:f1:cc:59:9e:59:91:7a:00:85:fe:1c:9e:97:
00:2a:ab:a5:64:b0:5d:c7:a0:d9:ed:7a:45:46:3b:f0:3c:23:
7f:38:e9:24:5d:18:35:8a:74:79:e2:8e:9d:97:9a:14:2a:bb:
a2:82:04:c1:e8:2f:5b:55:dd:e6:96:50:ba:07:9e:47:29:62:
00:8a:54:b8:9f:62:75:48:a9:c9:8b:e3:00:3b:5e:7f:e0:86:
b5:84:43:0b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQoJVnvi7YPyxEcdcc19x4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjUwMTAyMTc1MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzE3ZmM2YWY5MGMyYTcwYjFiYjQzZDFlNmY1NzllZDk3YWYxMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrulHJVVm7DsryEymg5ZgKTJvvHm
wyUt/SAJb1nNv9k8gxawKiOb/+rF3ErvTYv3+jz4b08BBDDForJmF55lZCpazLQ6
JS2COy2g6KfAR1W1LvgtinoFGZV1Uf3pZGlzIfTK0xwsAm67fqqFbYVHsmZkl7cY
vdahxfD6WdR4kElCtv7Tx/2LN4yOEIW/e0KYcZSK0HU/ElS+VNfW+xKtjSP7YU1o
cdgZTA0idNY4olrYTfEo7VV9bH7QwiAIqzmoamfQaJhUKXR+0wjNNI6VL/Vd1eCA
atF3mqmA4wSHlAA7uhM8gl+VVAR83ellb1hpSSgYWchg84/K4ZLpeTw8+QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFMX/Gr5DCpwsbtD0eb1ee2XrxCEMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvVXhmOGF2a01LbkN4dTBQUjV2VjU3WmV2RUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgEIQDAN
BgkqhkiG9w0BAQsFAAOCAQEAkpcnlEPkSsa96rB19JEKXIS3dhrzFdI0Jt72bP8X
Xod7vP8S8LLHUpfWhRDzlq5YuKGyLzPYbqfJgKecWeMYczk0T2A1hBeF6d73IprZ
4LSbBjYfH1z0yIfnFpFmOs9ifNL+9XNYAU4jwUCWCTJEP7bAy+B1r7wqk9XHgfxc
AwCayC3Rzkt4vCmj5vc8U157r2bEhsmD1090JU0E2ITHgmh1A2f3Q9DxzFmeWZF6
AIX+HJ6XACqrpWSwXceg2e16RUY78DwjfzjpJF0YNYp0eeKOnZeaFCq7ooIEwegv
W1Xd5pZQugeeRyliAIpUuJ9idUipyYvjADtef+CGtYRDCw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:15:15 2025 by rpki-client