Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/UPpe23HsatNXDEo9EutDBrkYq6s.roa
File: UPpe23HsatNXDEo9EutDBrkYq6s.roa (raw, json)
Hash identifier: TkshmcZL26G86tjm7OxYdFVBQqOZ2KxdJE5n6QoC45g=
Subject key identifier: 50:FA:5E:DB:71:EC:6A:D3:57:0C:4A:3D:12:EB:43:06:B9:18:AB:AB
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 019427B668DD480D951ACC4B3EDDC8F09CCD
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/UPpe23HsatNXDEo9EutDBrkYq6s.roa
Signing time: Thu 02 Jan 2025 15:50:53 +0000
ROA not before: Thu 02 Jan 2025 15:50:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:7f40::/32 maxlen: 32
2a0e:7f41::/32 maxlen: 32
2a0e:7f43::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 Jan 2025 07:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:68:dd:48:0d:95:1a:cc:4b:3e:dd:c8:f0:9c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Jan 2 15:50:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50fa5edb71ec6ad3570c4a3d12eb4306b918abab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b1:4f:81:2f:dd:f3:ea:3f:96:f4:ce:0f:0d:
b0:b8:b4:52:6b:65:e3:d4:e9:8a:c0:ad:35:d2:11:
3a:c4:05:e3:04:75:69:33:87:c2:06:42:1b:98:63:
c8:6b:de:2f:e6:b4:d2:62:0a:89:70:3e:6d:5d:5d:
ba:e6:04:0e:67:8b:82:3d:47:1a:17:7b:b2:e1:73:
ae:ac:81:8d:1a:78:d3:12:fa:97:5e:d2:f7:8a:75:
19:9e:79:ea:a4:c8:03:95:3f:51:6e:8f:ce:55:46:
9d:3d:38:ec:7c:ba:f4:0e:c5:df:ce:34:e5:ac:bc:
ea:e6:fe:43:19:6f:52:f5:d3:59:60:f2:60:c0:cc:
a9:e3:83:4d:24:89:6e:a7:37:fe:92:d6:15:d6:62:
ea:de:8b:1b:32:ce:89:cb:92:dd:e8:10:79:a4:d5:
73:d2:aa:c3:40:01:8a:0d:34:28:79:b5:9e:20:4f:
9e:e5:df:55:25:35:e9:4c:62:45:d6:5a:0e:de:85:
3f:6d:e9:4f:d6:2a:61:85:ef:40:c4:b1:da:a8:13:
25:8a:78:30:de:47:95:f5:63:15:a8:f0:f6:b9:0a:
5e:29:fa:39:74:6b:4d:06:67:1c:84:a8:73:4a:00:
da:c7:6e:f2:46:d9:9d:5f:06:2b:fd:b2:9d:ac:28:
1a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:FA:5E:DB:71:EC:6A:D3:57:0C:4A:3D:12:EB:43:06:B9:18:AB:AB
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/UPpe23HsatNXDEo9EutDBrkYq6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f40::/31
2a0e:7f43::/32
Signature Algorithm: sha256WithRSAEncryption
af:89:65:ab:d2:a9:72:10:c4:5d:c0:d8:09:53:03:99:85:25:
77:a5:44:a1:5e:1c:39:6e:a1:27:36:f9:ce:b6:53:c5:92:8f:
9c:26:ff:3f:ed:49:8b:7c:b7:3f:67:85:43:5f:d2:cc:e5:29:
07:bf:5a:b5:f5:d1:e8:5a:ae:05:07:81:a8:ca:6a:df:48:ea:
3c:37:b7:83:aa:75:10:d8:65:c2:59:ef:60:23:b0:c0:2a:e1:
15:7e:34:35:b2:00:ee:62:f5:24:58:9f:96:d7:d9:4d:63:49:
e9:6f:c5:70:51:34:30:3b:14:25:49:b4:09:a3:5a:89:6d:83:
d4:98:ef:64:ce:c7:19:90:25:83:1e:62:4f:f4:7a:60:9e:78:
46:97:70:65:a0:3a:fa:72:41:0d:a5:58:99:f5:b5:26:b3:b3:
4c:87:31:a5:85:1e:fa:89:fa:84:a6:83:13:77:4f:65:23:45:
da:d1:3c:a7:4d:69:3c:c6:03:86:2d:75:1b:52:cf:65:e5:ce:
d2:fa:a0:33:b8:4e:f9:2a:df:7a:67:2d:04:be:43:0e:ab:a6:
64:d1:ca:ff:1b:35:da:c9:2a:95:33:4d:4b:87:fc:25:d9:74:
10:1e:2a:e3:17:e8:4a:cb:5b:0d:e3:fb:c6:f0:db:eb:3e:9a:
da:ed:ae:d8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQntmjdSA2VGsxLPt3I8JzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwMTAyMTU1MDUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGZhNWVkYjcxZWM2YWQzNTcwYzRhM2QxMmViNDMwNmI5MThhYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbFPgS/d8+o/lvTODw2wuLRSa2Xj
1OmKwK010hE6xAXjBHVpM4fCBkIbmGPIa94v5rTSYgqJcD5tXV265gQOZ4uCPUca
F3uy4XOurIGNGnjTEvqXXtL3inUZnnnqpMgDlT9Rbo/OVUadPTjsfLr0DsXfzjTl
rLzq5v5DGW9S9dNZYPJgwMyp44NNJIlupzf+ktYV1mLq3osbMs6Jy5Ld6BB5pNVz
0qrDQAGKDTQoebWeIE+e5d9VJTXpTGJF1loO3oU/belP1iphhe9AxLHaqBMlingw
3keV9WMVqPD2uQpeKfo5dGtNBmcchKhzSgDax27yRtmdXwYr/bKdrCgawwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFD6Xttx7GrTVwxKPRLrQwa5GKurMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvVVBwZTIzSHNhdE5YREVvOUV1dERCcmtZcTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUBKg5/QAMF
ACoOf0MwDQYJKoZIhvcNAQELBQADggEBAK+JZavSqXIQxF3A2AlTA5mFJXelRKFe
HDluoSc2+c62U8WSj5wm/z/tSYt8tz9nhUNf0szlKQe/WrX10ehargUHgajKat9I
6jw3t4OqdRDYZcJZ72AjsMAq4RV+NDWyAO5i9SRYn5bX2U1jSelvxXBRNDA7FCVJ
tAmjWoltg9SY72TOxxmQJYMeYk/0emCeeEaXcGWgOvpyQQ2lWJn1tSazs0yHMaWF
HvqJ+oSmgxN3T2UjRdrRPKdNaTzGA4YtdRtSz2XlztL6oDO4Tvkq33pnLQS+Qw6r
pmTRyv8bNdrJKpUzTUuH/CXZdBAeKuMX6ErLWw3j+8bw2+s+mtrtrtg=
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:05:01 2025 by rpki-client