Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/UL1zoVeQm-oAYKe6Bn0e7ZZj_pQ.roa
File: UL1zoVeQm-oAYKe6Bn0e7ZZj_pQ.roa (raw, json)
Hash identifier: 7QekORJo0a/n93yFihd8A58geazdU2vN+Dpoiy2KZLA=
Subject key identifier: 50:BD:73:A1:57:90:9B:EA:00:60:A7:BA:06:7D:1E:ED:96:63:FE:94
Certificate issuer: /CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Certificate serial: 019305B2C1EF54A77DF4FACF0CA1B24089E8
Authority key identifier: 45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/UL1zoVeQm-oAYKe6Bn0e7ZZj_pQ.roa
Signing time: Thu 07 Nov 2024 08:17:01 +0000
ROA not before: Thu 07 Nov 2024 08:17:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39351
IP address blocks: 2a07:bdc0::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:05:b2:c1:ef:54:a7:7d:f4:fa:cf:0c:a1:b2:40:89:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Validity
Not Before: Nov 7 08:17:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50bd73a157909bea0060a7ba067d1eed9663fe94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:72:cd:ef:71:8e:bb:f1:0d:19:42:0d:ab:86:
6f:e7:74:62:a0:ec:27:dc:9e:cd:de:b2:ca:64:49:
8e:4e:c0:6f:c8:91:59:98:df:57:b6:3a:30:d7:fc:
76:11:b7:cc:53:9f:16:85:cf:c0:7e:31:a9:1a:5e:
4d:97:9e:db:22:9c:58:15:cf:0b:02:0f:9f:17:ce:
b9:f8:9b:4a:07:34:54:57:eb:65:92:49:b9:9b:76:
dd:42:e9:13:59:91:a1:17:c4:00:e8:45:45:a1:7e:
5c:40:4f:7b:64:ce:6f:a3:64:90:6e:4f:c4:64:8e:
a8:31:b7:39:d2:61:79:56:0c:df:c1:97:19:89:7b:
b0:89:4f:f8:7b:5f:76:78:1e:7b:b8:db:de:f6:e4:
bb:4c:9e:67:14:72:4e:5a:29:c8:82:43:ca:05:0f:
87:29:f6:47:24:ec:a9:05:5c:d8:34:71:7d:0d:36:
53:16:5c:ff:df:eb:ae:92:6e:2a:50:6f:3c:0d:98:
b0:ac:06:d4:da:a1:9e:85:f1:ac:58:92:f8:46:b0:
ad:00:02:10:8c:dd:2d:80:e6:e4:7e:98:4e:25:54:
02:a5:9e:3f:24:a0:b6:ed:1a:0a:8b:51:4c:8c:e4:
eb:9a:09:25:03:53:15:c2:eb:03:f5:08:7a:97:bf:
be:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:BD:73:A1:57:90:9B:EA:00:60:A7:BA:06:7D:1E:ED:96:63:FE:94
X509v3 Authority Key Identifier:
keyid:45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/UL1zoVeQm-oAYKe6Bn0e7ZZj_pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/RbvSGTZCUwoBf08cvlYuIXCz370.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:bdc0::/32
Signature Algorithm: sha256WithRSAEncryption
71:26:e8:2d:ab:79:a6:4b:d8:c8:7b:5d:e9:5d:17:52:4d:97:
09:86:b0:dc:88:fa:bb:1f:30:fd:92:3d:e4:53:22:38:90:f6:
e1:d0:dd:c2:8b:a3:56:8e:c0:d0:ae:e6:1a:80:e0:fb:fc:7f:
47:c8:d7:1a:c3:1d:78:88:04:22:24:86:d8:49:fe:2c:87:0c:
81:21:70:43:03:41:f4:09:22:d7:15:db:a5:8f:82:ef:98:4a:
07:c8:e1:60:cd:b4:88:9e:73:fb:37:79:84:64:cd:2b:31:a0:
17:e8:b5:a7:86:a0:df:0e:6f:84:b4:17:be:d0:c5:46:37:23:
a1:cd:7c:69:22:cc:c1:ce:ad:78:58:e4:38:2e:c3:89:cc:70:
e1:f2:f6:1f:c9:c7:77:71:84:b7:0a:b6:0c:0e:4d:75:cd:49:
3e:91:59:a6:45:75:5c:fa:54:f8:fb:40:88:18:c0:9b:d3:73:
9d:2f:0c:d9:d2:fd:fa:46:f5:d2:98:a4:e4:af:2a:c1:74:9c:
ca:33:a2:1c:0c:b9:84:7c:ea:e6:0e:18:80:c4:75:ef:7b:d9:
c5:00:fe:93:d3:6d:cd:48:cb:04:93:70:ea:68:8c:7a:d9:68:
bc:cd:17:19:8f:57:a5:1c:cb:dc:43:ab:3a:2d:e9:e4:81:fa:
5b:f9:a7:32
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZMFssHvVKd99PrPDKGyQInoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YmJkMjE5MzY0MjUzMGEwMTdmNGYxY2JlNTYyZTIxNzBi
M2RmYmQwHhcNMjQxMTA3MDgxNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGJkNzNhMTU3OTA5YmVhMDA2MGE3YmEwNjdkMWVlZDk2NjNmZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HLN73GOu/ENGUINq4Zv53RioOwn
3J7N3rLKZEmOTsBvyJFZmN9Xtjow1/x2EbfMU58Whc/AfjGpGl5Nl57bIpxYFc8L
Ag+fF865+JtKBzRUV+tlkkm5m3bdQukTWZGhF8QA6EVFoX5cQE97ZM5vo2SQbk/E
ZI6oMbc50mF5VgzfwZcZiXuwiU/4e192eB57uNve9uS7TJ5nFHJOWinIgkPKBQ+H
KfZHJOypBVzYNHF9DTZTFlz/3+uukm4qUG88DZiwrAbU2qGehfGsWJL4RrCtAAIQ
jN0tgObkfphOJVQCpZ4/JKC27RoKi1FMjOTrmgklA1MVwusD9Qh6l7++/wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFC9c6FXkJvqAGCnugZ9Hu2WY/6UMB8GA1UdIwQY
MBaAFEW70hk2QlMKAX9PHL5WLiFws9+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTIt
Yzc3OTA1ZmJiYTdiLzEvVUwxem9WZVFtLW9BWUtlNkJuMGU3WlpqX3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTItYzc3OTA1ZmJiYTdi
LzEvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKge9wDAN
BgkqhkiG9w0BAQsFAAOCAQEAcSboLat5pkvYyHtd6V0XUk2XCYaw3Ij6ux8w/ZI9
5FMiOJD24dDdwoujVo7A0K7mGoDg+/x/R8jXGsMdeIgEIiSG2En+LIcMgSFwQwNB
9Aki1xXbpY+C75hKB8jhYM20iJ5z+zd5hGTNKzGgF+i1p4ag3w5vhLQXvtDFRjcj
oc18aSLMwc6teFjkOC7Dicxw4fL2H8nHd3GEtwq2DA5Ndc1JPpFZpkV1XPpU+PtA
iBjAm9NznS8M2dL9+kb10pik5K8qwXScyjOiHAy5hHzq5g4YgMR173vZxQD+k9Nt
zUjLBJNw6miMetlovM0XGY9XpRzL3EOrOi3p5IH6W/mnMg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:37:39 2025 by rpki-client