Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/uQjNc2FsT0Ujh_L_GLNDm0yqbL8.roa
File: uQjNc2FsT0Ujh_L_GLNDm0yqbL8.roa (raw, json)
Hash identifier: xxKdQkgaXaVKcBZRx8GM6K2Kxj8PLEn/NHB4ajlRgMc=
Subject key identifier: B9:08:CD:73:61:6C:4F:45:23:87:F2:FF:18:B3:43:9B:4C:AA:6C:BF
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01942369FC733299FBF1ED6D647B509510D2
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/uQjNc2FsT0Ujh_L_GLNDm0yqbL8.roa
Signing time: Wed 01 Jan 2025 19:48:55 +0000
ROA not before: Wed 01 Jan 2025 19:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a0b:ac00::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 30 Jan 2025 17:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:fc:73:32:99:fb:f1:ed:6d:64:7b:50:95:10:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jan 1 19:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b908cd73616c4f452387f2ff18b3439b4caa6cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:20:53:b3:38:96:5f:a4:e1:df:64:e1:c0:1d:
1c:86:ee:9c:c1:de:af:da:0a:44:43:cf:a0:36:d8:
2e:48:70:10:ce:84:6a:5a:ce:ac:5c:42:89:ae:2f:
a6:01:ed:24:df:61:d4:e4:10:1c:8f:84:8d:16:8a:
8f:be:a4:30:9b:21:78:4c:8b:88:a4:f0:18:b9:59:
42:91:5f:22:62:06:45:1f:1f:b9:bb:89:7d:b6:e8:
a6:6e:b7:be:40:f1:c3:eb:03:4d:4b:c9:2d:bc:5a:
08:b2:4c:14:e8:79:c8:61:4c:c4:07:2d:42:a6:74:
bb:92:34:e8:a8:80:ab:43:15:5a:d0:52:b8:65:49:
9b:f4:f9:39:f7:ab:72:36:df:14:a1:20:95:0b:a5:
10:b6:cb:2e:a5:e0:02:ae:52:00:38:28:85:3a:6f:
5d:8f:27:c8:32:2e:31:31:f1:cc:b4:42:50:75:5a:
26:21:1f:23:f9:6f:c2:e8:aa:56:2b:61:45:d5:4b:
bd:2f:2f:1e:f5:25:01:84:8a:31:50:55:9a:e7:a1:
1a:42:5c:81:eb:e0:ff:b0:c9:68:dc:d8:ef:e8:7e:
21:f9:64:0d:ea:94:f1:92:db:0f:c0:45:2b:d1:9c:
91:1a:c0:84:08:cf:31:2c:a5:3e:cb:60:17:a1:91:
82:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:08:CD:73:61:6C:4F:45:23:87:F2:FF:18:B3:43:9B:4C:AA:6C:BF
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/uQjNc2FsT0Ujh_L_GLNDm0yqbL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:ac00::/29
2a13:c240::/29
Signature Algorithm: sha256WithRSAEncryption
37:cc:0a:3b:7f:9a:cd:d7:0e:3d:32:aa:bc:40:b2:94:88:ad:
8f:8c:a0:f8:16:72:fe:04:77:7f:53:99:f4:8a:d7:94:1e:7e:
14:c0:9a:c5:42:23:3e:9e:08:0e:cd:f0:ce:6e:04:29:d8:88:
63:98:df:85:1f:cc:85:7b:7e:40:4a:e9:b2:71:2c:d0:b5:2f:
a4:a2:22:45:da:eb:8d:a2:85:16:a4:69:4d:23:e2:76:9d:c8:
30:1c:68:70:0d:29:72:8f:51:cd:4c:93:91:f3:87:44:71:8f:
c2:14:ca:07:c2:c2:c9:86:c9:0c:f6:8a:ce:70:8d:aa:a1:83:
45:e1:a1:07:aa:2f:f9:8f:32:de:f3:40:07:47:b5:84:67:cb:
7d:04:30:ae:41:e0:1c:54:46:2f:9a:53:5f:06:35:a8:0e:a2:
1f:c7:39:ea:dc:02:82:01:80:3b:51:5f:16:14:22:2b:fd:7e:
48:dc:16:e7:d3:c3:c7:8a:4b:24:be:07:b7:9a:a0:b1:75:71:
18:28:f2:35:f1:aa:f0:26:4e:65:fe:4f:96:e5:67:5b:36:e2:
d3:40:d7:10:39:95:95:46:46:8c:25:14:bf:e6:82:11:16:a9:
6e:76:b0:b1:af:14:3f:3e:61:fc:e5:a9:85:74:11:68:84:3c:
8c:6f:7c:6a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQjafxzMpn78e1tZHtQlRDSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMTAxMTk0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTA4Y2Q3MzYxNmM0ZjQ1MjM4N2YyZmYxOGIzNDM5YjRjYWE2Y2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCBTsziWX6Th32ThwB0chu6cwd6v
2gpEQ8+gNtguSHAQzoRqWs6sXEKJri+mAe0k32HU5BAcj4SNFoqPvqQwmyF4TIuI
pPAYuVlCkV8iYgZFHx+5u4l9tuimbre+QPHD6wNNS8ktvFoIskwU6HnIYUzEBy1C
pnS7kjToqICrQxVa0FK4ZUmb9Pk596tyNt8UoSCVC6UQtssupeACrlIAOCiFOm9d
jyfIMi4xMfHMtEJQdVomIR8j+W/C6KpWK2FF1Uu9Ly8e9SUBhIoxUFWa56EaQlyB
6+D/sMlo3Njv6H4h+WQN6pTxktsPwEUr0ZyRGsCECM8xLKU+y2AXoZGCywIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLkIzXNhbE9FI4fy/xizQ5tMqmy/MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvdVFqTmMyRnNUMFVqaF9MX0dMTkRtMHlxYkw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgusAAMF
AyoTwkAwDQYJKoZIhvcNAQELBQADggEBADfMCjt/ms3XDj0yqrxAspSIrY+MoPgW
cv4Ed39TmfSK15QefhTAmsVCIz6eCA7N8M5uBCnYiGOY34UfzIV7fkBK6bJxLNC1
L6SiIkXa642ihRakaU0j4nadyDAcaHANKXKPUc1Mk5Hzh0Rxj8IUygfCwsmGyQz2
is5wjaqhg0XhoQeqL/mPMt7zQAdHtYRny30EMK5B4BxURi+aU18GNagOoh/HOerc
AoIBgDtRXxYUIiv9fkjcFufTw8eKSyS+B7eaoLF1cRgo8jXxqvAmTmX+T5blZ1s2
4tNA1xA5lZVGRowlFL/mghEWqW52sLGvFD8+YfzlqYV0EWiEPIxvfGo=
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:41:27 2025 by rpki-client