Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/UOkdb8K8hjqI_Y3-kUF2sjHyYcs.roa
File: UOkdb8K8hjqI_Y3-kUF2sjHyYcs.roa (raw, json)
Hash identifier: iPt3qTGOZAONyh7Dr4riUNPk+2lUQMMT+xPqRbBddDM=
Subject key identifier: 50:E9:1D:6F:C2:BC:86:3A:88:FD:8D:FE:91:41:76:B2:31:F2:61:CB
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0194EFAC65EC5EA6D76869190D6D01BACB87
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/UOkdb8K8hjqI_Y3-kUF2sjHyYcs.roa
Signing time: Mon 10 Feb 2025 11:44:00 +0000
ROA not before: Mon 10 Feb 2025 11:44:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:e306::/32 maxlen: 32
2a0a:b385::/32 maxlen: 32
2a0b:9001::/32 maxlen: 32
2a0b:9005::/32 maxlen: 32
2a0d:afc6::/32 maxlen: 32
2a0f:3105::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 11 Feb 2025 18:43:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ef:ac:65:ec:5e:a6:d7:68:69:19:0d:6d:01:ba:cb:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Feb 10 11:44:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50e91d6fc2bc863a88fd8dfe914176b231f261cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1c:d6:70:06:dc:f0:78:68:20:a4:f0:6f:1b:
2f:d5:67:86:ae:2b:ae:96:a6:a6:71:91:b9:e1:6a:
6d:77:58:5c:8e:c4:4d:97:18:5e:69:9d:5e:97:4c:
87:cd:c5:23:cd:7d:dc:5d:75:9e:b2:7b:a5:f3:95:
59:97:3e:16:4b:74:99:71:f2:5d:2f:23:50:84:92:
83:e9:75:36:f3:58:ff:ec:2d:5b:bb:8e:e3:c3:bb:
23:7a:c4:0e:28:7f:43:0c:a1:ad:08:eb:e7:ed:eb:
59:22:2f:dc:5b:54:f2:dc:8a:4c:9a:e8:aa:42:43:
3b:90:06:c2:12:3a:ae:c0:03:cf:f0:33:a1:40:fa:
41:97:8f:e2:fe:ba:8d:d7:6a:1b:5b:b9:15:e7:89:
1e:f9:75:b6:c5:9f:ba:d3:e7:24:45:64:25:dc:05:
0d:fe:ab:4b:30:52:34:f6:e0:41:93:f5:f2:ad:97:
30:8e:84:98:b9:86:1c:01:2c:49:69:2e:68:54:2e:
05:9b:54:e4:7b:98:a3:87:34:51:1b:b2:98:94:a4:
aa:2b:36:43:0b:5d:b8:74:f6:76:f5:69:c3:22:10:
be:de:83:db:8a:c4:2e:43:f1:45:d1:73:74:8d:dd:
c6:c0:d4:cd:fe:6e:2c:78:2a:af:0b:8d:a7:3b:b2:
b6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:E9:1D:6F:C2:BC:86:3A:88:FD:8D:FE:91:41:76:B2:31:F2:61:CB
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/UOkdb8K8hjqI_Y3-kUF2sjHyYcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e306::/32
2a0a:b385::/32
2a0b:9001::/32
2a0b:9005::/32
2a0d:afc6::/32
2a0f:3105::/32
Signature Algorithm: sha256WithRSAEncryption
45:e6:ed:99:f3:b8:90:bb:98:34:c8:fd:49:9e:b2:74:9e:19:
fb:d5:67:21:5a:de:21:c7:e3:4e:42:a3:57:3f:9e:66:68:5c:
cb:3d:0d:f5:21:25:7b:34:9d:d1:87:72:b6:f9:64:52:a3:2d:
ef:ff:68:59:12:7a:ca:1d:a3:e2:10:ea:f8:7d:b0:bb:c9:95:
59:b1:70:f4:d1:c8:49:a2:35:9c:17:bc:71:30:94:97:29:5c:
dd:b5:cd:d1:ce:9c:7b:9b:0c:98:05:fb:99:18:90:08:a6:ae:
12:69:db:90:70:18:bb:1c:31:7e:3f:df:be:e2:69:06:81:9d:
23:37:54:1f:eb:3b:74:1e:e7:83:2f:0c:ca:5d:79:de:16:7e:
ff:33:6d:55:5d:bf:2b:3f:8f:85:45:29:32:54:8f:a3:5e:76:
8a:cd:dc:01:10:34:97:77:10:41:97:97:78:db:d1:8a:a3:e7:
93:7b:92:94:b5:ac:c9:1d:76:e2:d6:d4:c1:e0:d2:7f:92:1d:
21:c6:68:7a:2b:93:46:46:ec:fa:fa:ce:cc:4b:3a:d7:9b:f1:
50:9b:4e:4e:97:fd:45:4e:36:e6:61:13:ca:e3:0f:32:19:bd:
e3:70:f5:2d:45:ce:ec:ab:c4:db:a6:00:af:d7:95:58:09:61:
32:c7:59:cc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZTvrGXsXqbXaGkZDW0BusuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMjEwMTE0NDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGU5MWQ2ZmMyYmM4NjNhODhmZDhkZmU5MTQxNzZiMjMxZjI2MWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRzWcAbc8HhoIKTwbxsv1WeGriuu
lqamcZG54Wptd1hcjsRNlxheaZ1el0yHzcUjzX3cXXWesnul85VZlz4WS3SZcfJd
LyNQhJKD6XU281j/7C1bu47jw7sjesQOKH9DDKGtCOvn7etZIi/cW1Ty3IpMmuiq
QkM7kAbCEjquwAPP8DOhQPpBl4/i/rqN12obW7kV54ke+XW2xZ+60+ckRWQl3AUN
/qtLMFI09uBBk/XyrZcwjoSYuYYcASxJaS5oVC4Fm1Tke5ijhzRRG7KYlKSqKzZD
C124dPZ29WnDIhC+3oPbisQuQ/FF0XN0jd3GwNTN/m4seCqvC42nO7K2WQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFDpHW/CvIY6iP2N/pFBdrIx8mHLMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvVU9rZGI4SzhoanFJX1kzLWtVRjJzakh5WWNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKgnjBgMF
ACoKs4UDBQAqC5ABAwUAKguQBQMFACoNr8YDBQAqDzEFMA0GCSqGSIb3DQEBCwUA
A4IBAQBF5u2Z87iQu5g0yP1JnrJ0nhn71WchWt4hx+NOQqNXP55maFzLPQ31ISV7
NJ3Rh3K2+WRSoy3v/2hZEnrKHaPiEOr4fbC7yZVZsXD00chJojWcF7xxMJSXKVzd
tc3Rzpx7mwyYBfuZGJAIpq4SaduQcBi7HDF+P9++4mkGgZ0jN1Qf6zt0HueDLwzK
XXneFn7/M21VXb8rP4+FRSkyVI+jXnaKzdwBEDSXdxBBl5d429GKo+eTe5KUtazJ
HXbi1tTB4NJ/kh0hxmh6K5NGRuz6+s7MSzrXm/FQm05Ol/1FTjbmYRPK4w8yGb3j
cPUtRc7sq8TbpgCv15VYCWEyx1nM
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:01:26 2025 by rpki-client