Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/UK3mMhQT_obnfArQlxuEIafY9RM.roa
File: UK3mMhQT_obnfArQlxuEIafY9RM.roa (raw, json)
Hash identifier: 3dhks5TJBAjjRZqaHV+9tv7i0/dc4svO9kBn4gY7E34=
Subject key identifier: 50:AD:E6:32:14:13:FE:86:E7:7C:0A:D0:97:1B:84:21:A7:D8:F5:13
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01972A1C6B8662142C94B18E68F3FB5C6373
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/UK3mMhQT_obnfArQlxuEIafY9RM.roa
Signing time: Sun 01 Jun 2025 06:09:54 +0000
ROA not before: Sun 01 Jun 2025 06:09:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 92.62.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 08:50:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2a:1c:6b:86:62:14:2c:94:b1:8e:68:f3:fb:5c:63:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jun 1 06:09:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50ade6321413fe86e77c0ad0971b8421a7d8f513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:80:26:ad:dd:a9:0a:43:7f:72:fd:69:97:35:
0a:30:95:4f:6e:82:59:10:1f:7c:30:35:f2:19:24:
88:e7:12:f1:67:7b:89:23:13:c4:63:c1:23:60:ab:
7b:e0:74:e5:5e:32:70:86:0b:f4:16:b7:4c:20:45:
63:65:9f:28:e1:98:33:0b:2a:08:f1:3d:c2:c9:00:
a4:66:3c:c4:2b:f6:a8:ac:bd:9c:50:3c:6c:a2:9d:
0b:a0:c6:0d:59:c5:ba:5d:33:07:f8:ff:30:6b:d5:
42:02:3a:b9:31:1e:91:31:79:64:3f:6e:dc:0a:94:
12:fb:db:7b:dc:7e:84:b6:0c:b9:ed:8f:a7:f1:e7:
9a:bf:7a:a3:8d:b6:99:f2:20:f9:6d:34:65:95:00:
d7:f9:74:69:a1:80:2a:d0:d6:d9:cf:6c:2d:fb:2b:
96:d9:42:cb:8d:0a:c7:2c:ca:5e:6e:b3:d1:75:3d:
7c:d1:c8:03:b5:f7:d1:b7:41:cd:a2:c4:02:48:e3:
72:eb:2a:92:69:bf:b9:00:e6:f0:08:4d:82:18:5b:
b2:e8:50:8c:32:db:90:59:f7:15:93:47:40:f5:61:
21:1d:c2:72:ac:61:a3:83:5d:7a:dd:38:06:c0:65:
c9:93:e3:f4:da:61:73:1d:df:14:ed:55:b6:08:28:
16:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:AD:E6:32:14:13:FE:86:E7:7C:0A:D0:97:1B:84:21:A7:D8:F5:13
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/UK3mMhQT_obnfArQlxuEIafY9RM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.62.247.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:d5:4a:cd:9b:d8:03:49:f0:1f:f2:ae:75:5a:ef:1d:92:2f:
ec:af:90:95:f6:da:20:c6:8b:4b:94:eb:6e:ce:ad:86:0c:3d:
1a:c8:51:5d:57:54:80:5a:06:a2:d6:d5:13:1c:56:1b:60:c0:
ad:0d:ef:16:3c:3e:5e:61:4b:51:fa:ec:b0:82:9a:0e:d7:90:
cb:09:95:ea:9b:f3:6a:09:89:ca:c5:dd:bf:f1:bf:1e:0f:e0:
f1:e6:36:61:60:b5:ce:e4:6b:da:4c:82:fb:88:93:48:23:c8:
96:8d:cd:98:06:71:8d:2f:36:a4:f3:fd:9b:e5:2a:dc:f6:fb:
7d:77:18:4c:a0:6c:4f:18:4b:a4:78:8e:27:49:7d:f0:a0:ea:
71:0f:95:49:f4:e2:7e:53:95:f9:ab:76:b9:a7:d1:fb:7d:0a:
b1:2a:5e:ef:b6:44:e1:c3:8a:dd:8c:d3:6b:14:49:08:99:75:
f5:b8:1e:ac:bf:73:e2:25:7d:16:0a:e6:0d:73:0c:cc:3c:d6:
98:2d:4d:3b:95:20:d7:09:5e:a4:ec:53:7e:c9:44:27:59:11:
c7:8b:d1:ee:9c:69:41:af:29:c1:b3:84:1b:6c:1f:58:89:ab:
a6:6b:9b:9c:86:8d:9f:d2:0d:79:ef:b8:bb:5b:71:c5:e7:a4:
16:0a:fa:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcqHGuGYhQslLGOaPP7XGNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwNjAxMDYwOTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGFkZTYzMjE0MTNmZTg2ZTc3YzBhZDA5NzFiODQyMWE3ZDhmNTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oAmrd2pCkN/cv1plzUKMJVPboJZ
EB98MDXyGSSI5xLxZ3uJIxPEY8EjYKt74HTlXjJwhgv0FrdMIEVjZZ8o4ZgzCyoI
8T3CyQCkZjzEK/aorL2cUDxsop0LoMYNWcW6XTMH+P8wa9VCAjq5MR6RMXlkP27c
CpQS+9t73H6Etgy57Y+n8eeav3qjjbaZ8iD5bTRllQDX+XRpoYAq0NbZz2wt+yuW
2ULLjQrHLMpebrPRdT180cgDtffRt0HNosQCSONy6yqSab+5AObwCE2CGFuy6FCM
MtuQWfcVk0dA9WEhHcJyrGGjg1163TgGwGXJk+P02mFzHd8U7VW2CCgWsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFCt5jIUE/6G53wK0JcbhCGn2PUTMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvVUszbU1oUVRfb2JuZkFyUWx4dUVJYWZZOVJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXD73MA0G
CSqGSIb3DQEBCwUAA4IBAQBO1UrNm9gDSfAf8q51Wu8dki/sr5CV9togxotLlOtu
zq2GDD0ayFFdV1SAWgai1tUTHFYbYMCtDe8WPD5eYUtR+uywgpoO15DLCZXqm/Nq
CYnKxd2/8b8eD+Dx5jZhYLXO5GvaTIL7iJNII8iWjc2YBnGNLzak8/2b5Src9vt9
dxhMoGxPGEukeI4nSX3woOpxD5VJ9OJ+U5X5q3a5p9H7fQqxKl7vtkThw4rdjNNr
FEkImXX1uB6sv3PiJX0WCuYNcwzMPNaYLU07lSDXCV6k7FN+yUQnWRHHi9HunGlB
rynBs4QbbB9Yiauma5ucho2f0g1577i7W3HF56QWCvrj
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:34:35 2025 by rpki-client