Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/wu8Tlwfww2FZmk2Log7alca-3z8.roa
File: wu8Tlwfww2FZmk2Log7alca-3z8.roa (raw, json)
Hash identifier: lWtblkKE8yE5m7S3JdSaCAI1XmdKeGOwVWnBKLjRubw=
Subject key identifier: C2:EF:13:97:07:F0:C3:61:59:9A:4D:8B:A2:0E:DA:95:C6:BE:DF:3F
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0193A2B971A2503CB1D3317814AA607C511C
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/wu8Tlwfww2FZmk2Log7alca-3z8.roa
Signing time: Sat 07 Dec 2024 20:04:42 +0000
ROA not before: Sat 07 Dec 2024 20:04:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a10:3f80::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a2:b9:71:a2:50:3c:b1:d3:31:78:14:aa:60:7c:51:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Dec 7 20:04:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2ef139707f0c361599a4d8ba20eda95c6bedf3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:00:be:53:8a:be:52:1d:a9:7d:15:33:ac:3a:
77:3c:3c:d1:a5:1d:8e:12:b6:c8:a3:e9:d4:1d:04:
6e:91:a4:08:0d:4b:80:6c:86:61:10:22:39:05:31:
31:72:df:14:ba:2e:17:c9:78:da:df:20:3f:8f:dc:
a2:4b:15:ee:89:80:8c:4b:8c:a4:37:11:2d:13:d3:
8b:b2:8b:e2:a5:3b:aa:93:55:41:23:d4:ed:35:e7:
86:d0:d5:bc:ab:93:70:2d:0e:10:ed:02:b4:f5:11:
7c:6d:a2:31:ca:b4:7c:52:f0:b8:90:f8:2b:7c:54:
51:c9:4c:0d:2e:0a:14:b9:fa:48:14:57:93:95:3d:
de:14:62:60:9b:9c:a5:00:32:f3:cf:25:65:0b:6f:
95:3b:89:b7:72:f4:13:95:72:de:c1:78:47:5f:f3:
96:ba:12:78:aa:3b:a0:42:bd:f8:a7:f2:b1:0e:9b:
67:fa:d3:54:4e:e2:2a:73:db:3f:bc:16:72:25:63:
9d:39:43:71:85:61:96:35:9c:14:bd:79:52:cb:21:
c8:89:d4:38:43:6a:64:51:f5:1d:20:ef:22:e1:0a:
29:eb:14:59:1a:6e:19:b1:07:e9:f5:11:63:57:bf:
bb:4b:0a:fd:c4:5f:bc:b6:18:2f:ed:86:77:47:83:
1e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:EF:13:97:07:F0:C3:61:59:9A:4D:8B:A2:0E:DA:95:C6:BE:DF:3F
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/wu8Tlwfww2FZmk2Log7alca-3z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3f80::/29
2a13:c240::/29
Signature Algorithm: sha256WithRSAEncryption
7b:15:69:11:68:e3:69:c8:24:e9:95:6d:7b:00:2d:c2:ce:73:
ed:da:9f:a5:55:c2:ad:0a:60:1e:4c:bd:a9:1b:d5:46:53:c2:
d4:e9:de:da:e4:bb:4a:50:c0:48:e1:3c:ed:b7:a8:96:73:36:
77:ee:81:35:d5:83:eb:d5:e0:7c:14:9c:39:e0:7e:2f:a0:ab:
ca:8c:08:55:d9:06:89:60:45:13:85:41:3b:60:03:54:66:11:
39:cd:4c:3a:53:cb:1e:7d:19:df:cb:a3:2b:71:59:84:2f:9e:
0a:65:29:51:c5:9d:d2:2f:6b:9a:ee:9c:48:2a:b8:02:ec:9f:
da:f5:39:d9:67:77:0e:a0:5d:36:f4:b6:23:96:48:9b:e2:d7:
23:4d:74:ec:26:2d:38:68:c6:53:e0:6c:b6:2a:2d:a6:8f:1a:
b6:e4:08:c0:ed:e9:d0:cf:d1:43:70:c7:c2:df:2c:1d:5f:7c:
0f:66:d1:8a:9b:16:e1:d0:f9:a3:fe:1d:b6:4d:b5:7e:58:f6:
50:6f:e7:77:54:70:cd:ac:94:ad:62:a9:ec:9d:61:41:fb:78:
b1:e0:dc:0a:c6:0e:54:01:88:b6:7c:48:b8:ac:07:c8:30:0d:
ca:13:45:23:96:9c:84:54:3b:9c:14:11:fe:ba:22:2e:7e:09:
ab:dc:12:c5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZOiuXGiUDyx0zF4FKpgfFEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQxMjA3MjAwNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmVmMTM5NzA3ZjBjMzYxNTk5YTRkOGJhMjBlZGE5NWM2YmVkZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQC+U4q+Uh2pfRUzrDp3PDzRpR2O
ErbIo+nUHQRukaQIDUuAbIZhECI5BTExct8Uui4XyXja3yA/j9yiSxXuiYCMS4yk
NxEtE9OLsovipTuqk1VBI9TtNeeG0NW8q5NwLQ4Q7QK09RF8baIxyrR8UvC4kPgr
fFRRyUwNLgoUufpIFFeTlT3eFGJgm5ylADLzzyVlC2+VO4m3cvQTlXLewXhHX/OW
uhJ4qjugQr34p/KxDptn+tNUTuIqc9s/vBZyJWOdOUNxhWGWNZwUvXlSyyHIidQ4
Q2pkUfUdIO8i4Qop6xRZGm4ZsQfp9RFjV7+7Swr9xF+8thgv7YZ3R4MeGQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMLvE5cH8MNhWZpNi6IO2pXGvt8/MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvd3U4VGx3Znd3MkZabWsyTG9nN2FsY2EtM3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhA/gAMF
AyoTwkAwDQYJKoZIhvcNAQELBQADggEBAHsVaRFo42nIJOmVbXsALcLOc+3an6VV
wq0KYB5Mvakb1UZTwtTp3trku0pQwEjhPO23qJZzNnfugTXVg+vV4HwUnDngfi+g
q8qMCFXZBolgRROFQTtgA1RmETnNTDpTyx59Gd/LoytxWYQvngplKVHFndIva5ru
nEgquALsn9r1Odlndw6gXTb0tiOWSJvi1yNNdOwmLThoxlPgbLYqLaaPGrbkCMDt
6dDP0UNwx8LfLB1ffA9m0YqbFuHQ+aP+HbZNtX5Y9lBv53dUcM2slK1iqeydYUH7
eLHg3ArGDlQBiLZ8SLisB8gwDcoTRSOWnIRUO5wUEf66Ii5+CavcEsU=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:32:45 2025 by rpki-client