Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/U2kk7slcvePOyQbdA7VDzLqRjA4.roa
File: U2kk7slcvePOyQbdA7VDzLqRjA4.roa (raw, json)
Hash identifier: 2eMezx41lyWFgmAfLirXRuBM/feuPyGconW7YmK/b+0=
Subject key identifier: 53:69:24:EE:C9:5C:BD:E3:CE:C9:06:DD:03:B5:43:CC:BA:91:8C:0E
Certificate issuer: /CN=0b8d1bb72791c878550d1b9d8fef564ac3919368
Certificate serial: 0193E311F038E9FD7BECCD594C250B08CDF8
Authority key identifier: 0B:8D:1B:B7:27:91:C8:78:55:0D:1B:9D:8F:EF:56:4A:C3:91:93:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C40btyeRyHhVDRudj-9WSsORk2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/U2kk7slcvePOyQbdA7VDzLqRjA4.roa
Signing time: Fri 20 Dec 2024 07:57:03 +0000
ROA not before: Fri 20 Dec 2024 07:57:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211904
IP address blocks: 2a07:4286::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e3:11:f0:38:e9:fd:7b:ec:cd:59:4c:25:0b:08:cd:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b8d1bb72791c878550d1b9d8fef564ac3919368
Validity
Not Before: Dec 20 07:57:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=536924eec95cbde3cec906dd03b543ccba918c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:fc:45:c1:bf:7b:85:c4:80:75:7f:dc:49:ac:
80:74:51:a8:3c:f6:71:20:a1:4c:86:c2:82:cd:48:
cb:52:1c:d0:19:7c:ce:ad:c9:1c:60:41:23:2b:a2:
a5:b0:eb:89:db:e2:72:cc:eb:87:a9:b0:2b:27:c4:
90:60:fd:e2:f5:50:ea:b7:20:f7:6d:6e:51:3c:40:
c7:23:28:b1:15:d6:f1:de:4e:f0:84:53:1b:91:a5:
71:1e:21:bd:a7:21:3c:f6:e8:09:dd:51:a1:af:1a:
50:a1:27:6b:9f:59:8e:cc:c7:73:f4:60:85:51:ac:
b5:2e:39:49:79:af:92:27:c5:96:6b:28:62:00:e8:
8f:5b:58:f4:1e:80:f1:81:9b:e8:fb:34:7d:28:1e:
f7:ba:00:e1:de:94:35:fd:6c:0a:b6:dd:6c:6a:14:
d2:c0:d0:d9:8a:4b:2e:85:19:8b:1e:87:04:2a:26:
0b:80:4d:fa:ae:4e:18:3a:71:79:09:bf:a0:4f:5a:
a2:53:8f:b2:64:5d:8d:15:c4:8c:b3:dc:98:23:9e:
fc:a5:32:73:ea:b6:79:71:d2:03:06:64:b4:91:2d:
76:a3:48:8e:41:13:7d:d1:73:86:74:fb:a7:44:6b:
0a:c0:6c:9b:04:dd:54:74:a6:c0:aa:be:3d:12:2d:
f4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:69:24:EE:C9:5C:BD:E3:CE:C9:06:DD:03:B5:43:CC:BA:91:8C:0E
X509v3 Authority Key Identifier:
keyid:0B:8D:1B:B7:27:91:C8:78:55:0D:1B:9D:8F:EF:56:4A:C3:91:93:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C40btyeRyHhVDRudj-9WSsORk2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/U2kk7slcvePOyQbdA7VDzLqRjA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/C40btyeRyHhVDRudj-9WSsORk2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:4286::/32
Signature Algorithm: sha256WithRSAEncryption
5e:a7:d6:2f:5b:39:4c:09:17:44:c8:4c:4c:73:fb:9b:d3:af:
e4:fc:7a:b4:a1:d9:09:58:f4:b9:d4:13:d9:30:4a:9d:d7:f0:
7c:89:a0:18:1a:0d:2b:c9:0d:2a:0c:cc:98:05:f9:82:06:43:
43:c0:2b:c0:71:bb:11:02:ac:95:3e:74:e2:3d:6e:09:7e:0f:
5f:bb:2a:58:d6:8b:02:c7:cc:a9:e0:b7:24:e8:87:13:1e:38:
a6:a6:3f:d4:f3:2b:81:39:b7:4f:3d:dc:5b:ad:61:0e:82:99:
f6:ab:09:21:ac:17:ff:14:22:14:79:53:67:7e:52:bd:c8:00:
0e:3d:3a:92:04:c1:1e:b8:d0:a1:7e:3b:a4:7f:5e:ad:70:6d:
f5:43:a4:89:cb:42:44:a0:95:e7:4b:85:34:57:7e:b1:43:b7:
1e:82:52:ca:6c:e4:1a:54:97:d8:7a:ca:fa:0b:74:7b:08:47:
8e:c6:ac:47:7e:9d:33:26:f0:c2:da:1b:01:24:cb:b1:10:c3:
c9:cd:da:6f:e4:0d:32:ed:db:3f:42:48:d6:ff:ef:47:bf:22:
d8:34:d8:39:4e:3f:74:51:10:a0:29:ee:92:e1:c7:d1:f1:cc:
6c:1d:75:17:ae:18:b8:01:43:01:98:fd:95:d6:01:46:8c:68:
14:af:a5:e3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZPjEfA46f177M1ZTCULCM34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOGQxYmI3Mjc5MWM4Nzg1NTBkMWI5ZDhmZWY1NjRhYzM5
MTkzNjgwHhcNMjQxMjIwMDc1NzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzY5MjRlZWM5NWNiZGUzY2VjOTA2ZGQwM2I1NDNjY2JhOTE4YzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPxFwb97hcSAdX/cSayAdFGoPPZx
IKFMhsKCzUjLUhzQGXzOrckcYEEjK6KlsOuJ2+JyzOuHqbArJ8SQYP3i9VDqtyD3
bW5RPEDHIyixFdbx3k7whFMbkaVxHiG9pyE89ugJ3VGhrxpQoSdrn1mOzMdz9GCF
Uay1LjlJea+SJ8WWayhiAOiPW1j0HoDxgZvo+zR9KB73ugDh3pQ1/WwKtt1sahTS
wNDZiksuhRmLHocEKiYLgE36rk4YOnF5Cb+gT1qiU4+yZF2NFcSMs9yYI578pTJz
6rZ5cdIDBmS0kS12o0iOQRN90XOGdPunRGsKwGybBN1UdKbAqr49Ei30+QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFNpJO7JXL3jzskG3QO1Q8y6kYwOMB8GA1UdIwQY
MBaAFAuNG7cnkch4VQ0bnY/vVkrDkZNoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzQwYnR5ZVJ5SGhWRFJ1ZGotOVdTc09SazJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8wMzY3ZDAtZmE4NS00NTQ2LWI4NGMt
MDI3OGM1ZGMxNDkxLzEvVTJrazdzbGN2ZVBPeVFiZEE3VkR6THFSakE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8wMzY3ZDAtZmE4NS00NTQ2LWI4NGMtMDI3OGM1ZGMxNDkx
LzEvQzQwYnR5ZVJ5SGhWRFJ1ZGotOVdTc09SazJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgdChjAN
BgkqhkiG9w0BAQsFAAOCAQEAXqfWL1s5TAkXRMhMTHP7m9Ov5Px6tKHZCVj0udQT
2TBKndfwfImgGBoNK8kNKgzMmAX5ggZDQ8ArwHG7EQKslT504j1uCX4PX7sqWNaL
AsfMqeC3JOiHEx44pqY/1PMrgTm3Tz3cW61hDoKZ9qsJIawX/xQiFHlTZ35SvcgA
Dj06kgTBHrjQoX47pH9erXBt9UOkictCRKCV50uFNFd+sUO3HoJSymzkGlSX2HrK
+gt0ewhHjsasR36dMybwwtobASTLsRDDyc3ab+QNMu3bP0JI1v/vR78i2DTYOU4/
dFEQoCnukuHH0fHMbB11F64YuAFDAZj9ldYBRoxoFK+l4w==
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:15:22 2025 by rpki-client