Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/UIxHV3bVe-CuZwqiWVNwWxFhtMs.roa
File: UIxHV3bVe-CuZwqiWVNwWxFhtMs.roa (raw, json)
Hash identifier: 3H9XokqgSj4Hh6CT/3rGCddbnqqZ8pze+cFDnKOfYRs=
Subject key identifier: 50:8C:47:57:76:D5:7B:E0:AE:67:0A:A2:59:53:70:5B:11:61:B4:CB
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 0193E485E3A23E3CA1EA0C03181A65FEE222
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/UIxHV3bVe-CuZwqiWVNwWxFhtMs.roa
Signing time: Fri 20 Dec 2024 14:43:20 +0000
ROA not before: Fri 20 Dec 2024 14:43:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213893
IP address blocks: 2a0d:d940:10::/48 maxlen: 48
2a0d:d940:11::/48 maxlen: 48
2a0d:d940:13::/48 maxlen: 48
2a0d:d940:14::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e4:85:e3:a2:3e:3c:a1:ea:0c:03:18:1a:65:fe:e2:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Dec 20 14:43:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=508c475776d57be0ae670aa25953705b1161b4cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fc:06:ba:7b:28:9e:e8:8e:bf:ad:43:1c:bc:
c2:26:a9:b1:68:f4:c0:2c:13:ad:e4:4a:b4:c8:5e:
90:16:dd:df:77:ef:73:bc:24:85:df:96:23:71:91:
b0:42:78:db:fc:ed:91:6a:4d:64:e6:bc:eb:56:04:
76:5d:7e:4e:ce:84:40:e6:38:8f:b5:fe:c3:d1:6f:
e0:d0:e1:d2:a3:ae:da:7e:19:cb:fa:bb:2b:a1:cb:
bb:de:c7:aa:05:10:53:f1:31:6d:c9:ea:37:41:54:
86:f2:7c:48:fe:84:99:e2:da:ac:5a:79:86:b3:8c:
84:37:26:52:ad:eb:09:f8:25:d6:42:38:96:e4:f4:
4b:98:0e:ab:2d:10:b3:cb:ce:25:b9:af:7a:93:e2:
64:4a:27:a0:30:72:3b:14:94:78:22:94:fd:7f:a5:
b3:48:ad:09:30:df:da:99:89:ed:47:c3:dc:6d:57:
35:66:0e:d5:b5:20:85:8d:94:63:e2:4c:9e:4e:7f:
fe:26:20:b8:23:6b:fa:bc:cc:2d:86:9f:d8:2a:d7:
be:1b:ff:89:30:52:42:62:29:fe:be:f1:54:5b:49:
89:18:1f:f9:0b:42:87:3a:de:21:ce:58:66:ab:15:
e8:27:1d:75:18:e0:fe:b7:9d:0a:76:f2:77:52:88:
18:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:8C:47:57:76:D5:7B:E0:AE:67:0A:A2:59:53:70:5B:11:61:B4:CB
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/UIxHV3bVe-CuZwqiWVNwWxFhtMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:10::/47
2a0d:d940:13::-2a0d:d940:14:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
21:22:89:c0:04:87:3f:6e:01:16:6f:db:c3:73:a6:78:9c:e6:
d1:93:58:18:5e:d4:9a:f3:a7:92:78:c2:77:df:e3:a5:06:b7:
cc:d7:12:de:b2:86:8a:a3:a0:16:e8:32:56:42:81:b7:da:13:
41:f4:4d:07:de:b5:c8:50:40:62:d3:36:e7:ee:78:26:73:54:
0a:96:44:50:77:0d:c0:43:d1:75:f4:c6:f8:6b:d6:63:03:e5:
b9:a2:94:25:e5:95:e0:33:17:13:10:8d:63:80:84:da:f0:9e:
95:ce:a3:5a:6f:00:bd:d3:a0:56:b6:66:ec:b2:56:1f:f4:6d:
e8:29:87:73:bb:7b:4c:4d:6d:0e:02:b8:9b:fd:12:ca:b9:67:
4f:d7:f5:5d:6e:a3:6c:c7:4c:da:b3:63:17:db:f0:7b:39:df:
a0:57:e9:db:5e:04:64:90:18:5e:aa:91:da:82:bf:2c:c9:d3:
d2:03:20:2a:05:9c:94:fb:e3:26:b4:35:06:13:35:5c:f0:41:
db:9d:5a:98:0e:cf:c6:31:b4:2f:45:9d:cc:b0:1f:82:0a:0a:
6e:c1:ee:c7:b4:4c:3d:f3:df:75:8d:b2:ca:22:ee:71:4f:85:
bf:62:27:7d:83:23:65:1b:e2:c4:14:09:7f:2d:62:9c:9a:62:
23:0b:0e:18
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZPkheOiPjyh6gwDGBpl/uIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjQxMjIwMTQ0MzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDhjNDc1Nzc2ZDU3YmUwYWU2NzBhYTI1OTUzNzA1YjExNjFiNGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvwGunsonuiOv61DHLzCJqmxaPTA
LBOt5Eq0yF6QFt3fd+9zvCSF35YjcZGwQnjb/O2Rak1k5rzrVgR2XX5OzoRA5jiP
tf7D0W/g0OHSo67afhnL+rsrocu73seqBRBT8TFtyeo3QVSG8nxI/oSZ4tqsWnmG
s4yENyZSresJ+CXWQjiW5PRLmA6rLRCzy84lua96k+JkSiegMHI7FJR4IpT9f6Wz
SK0JMN/amYntR8PcbVc1Zg7VtSCFjZRj4kyeTn/+JiC4I2v6vMwthp/YKte+G/+J
MFJCYin+vvFUW0mJGB/5C0KHOt4hzlhmqxXoJx11GOD+t50KdvJ3UogY8wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFCMR1d21XvgrmcKollTcFsRYbTLMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvVUl4SFYzYlZlLUN1WndxaVdWTndXeEZodE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcBKg3ZQAAQ
MBIDBwAqDdlAABMDBwAqDdlAABQwDQYJKoZIhvcNAQELBQADggEBACEiicAEhz9u
ARZv28Nzpnic5tGTWBhe1Jrzp5J4wnff46UGt8zXEt6yhoqjoBboMlZCgbfaE0H0
TQfetchQQGLTNufueCZzVAqWRFB3DcBD0XX0xvhr1mMD5bmilCXlleAzFxMQjWOA
hNrwnpXOo1pvAL3ToFa2ZuyyVh/0begph3O7e0xNbQ4CuJv9Esq5Z0/X9V1uo2zH
TNqzYxfb8Hs536BX6dteBGSQGF6qkdqCvyzJ09IDICoFnJT74ya0NQYTNVzwQdud
WpgOz8YxtC9FncywH4IKCm7B7se0TD3z33WNssoi7nFPhb9iJ32DI2Ub4sQUCX8t
YpyaYiMLDhg=
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:55:33 2025 by rpki-client