Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/upeOPhDLoc23LTCQjJjKtSssfT8.roa
File: upeOPhDLoc23LTCQjJjKtSssfT8.roa (raw, json)
Hash identifier: /HllCH83QUzPFyapqZNfsT5omTXGzHP4IfWrBUsYTn8=
Subject key identifier: BA:97:8E:3E:10:CB:A1:CD:B7:2D:30:90:8C:98:CA:B5:2B:2C:7D:3F
Certificate issuer: /CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Certificate serial: 018CC3B7207884BD9C0E4B3138F9A1E4E3FB
Authority key identifier: 66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/upeOPhDLoc23LTCQjJjKtSssfT8.roa
Signing time: Mon 01 Jan 2024 06:30:07 +0000
ROA not before: Mon 01 Jan 2024 06:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12857
IP address blocks: 2a00:b400::/29 maxlen: 36
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:20:78:84:bd:9c:0e:4b:31:38:f9:a1:e4:e3:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Validity
Not Before: Jan 1 06:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba978e3e10cba1cdb72d30908c98cab52b2c7d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:54:4d:de:4f:86:51:8b:41:95:a5:68:ed:02:
0e:00:0b:4b:25:fd:b5:27:0d:e5:d2:06:76:58:10:
35:26:0b:73:6f:b2:ec:4f:c7:3e:99:b3:3a:63:7c:
b7:43:aa:99:b0:cc:db:51:4e:a8:ea:6b:6c:fc:f2:
c8:29:3f:e1:a8:a7:e6:5c:08:5a:81:05:fb:b1:f5:
47:ea:74:a9:c4:67:45:51:fc:de:18:a0:f4:ed:41:
5e:25:af:6f:d7:10:52:3f:0a:99:3c:9c:37:d3:cb:
03:ba:cc:7e:18:28:bb:d9:16:07:ae:2d:a5:ee:e9:
56:97:14:46:82:68:46:b8:1e:b0:0a:aa:bf:c1:4c:
05:0c:ad:a4:bf:30:92:3a:76:8e:0e:41:3f:d8:94:
ab:75:bc:5a:84:3d:86:6c:af:0a:e7:f7:2a:a1:cf:
8e:87:53:94:77:a9:e2:a2:c4:24:d2:25:e3:51:e4:
46:0e:b9:2f:79:6e:30:8e:51:c2:35:05:91:63:f9:
31:fc:a7:fe:00:7b:f0:78:ed:8f:ce:ad:9b:07:65:
f8:4d:40:9d:86:f8:08:a4:29:43:9c:22:6f:ca:57:
13:1f:b4:03:68:8c:cb:26:d5:ba:88:ba:9c:de:b8:
ec:50:7e:59:c7:4a:02:dd:1e:f9:2f:7d:8a:7a:39:
1f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:97:8E:3E:10:CB:A1:CD:B7:2D:30:90:8C:98:CA:B5:2B:2C:7D:3F
X509v3 Authority Key Identifier:
keyid:66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/upeOPhDLoc23LTCQjJjKtSssfT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:b400::/29
Signature Algorithm: sha256WithRSAEncryption
93:fb:b0:90:b9:51:38:f4:29:33:08:a8:a4:b3:a3:95:51:e9:
42:3f:50:c4:3c:77:91:3d:a6:b5:1f:2d:f3:30:f2:1b:54:9a:
5b:64:ab:20:7f:3e:5b:7b:b8:0c:5b:9c:6b:a0:a1:ba:85:02:
76:70:fd:cc:e2:97:3d:65:84:2b:b1:58:f6:2e:c4:1e:85:4b:
d2:26:53:3b:8b:c9:6d:82:f0:87:be:ee:55:1f:d2:f2:2f:98:
2a:d5:48:09:e1:17:24:07:96:2d:db:9b:70:92:b7:cf:6a:6d:
16:83:23:55:fb:6f:8b:57:9e:1e:a3:59:df:2b:b2:77:00:da:
82:85:9c:a6:ff:5b:f4:e3:b7:b0:12:70:89:0c:90:7b:c2:5c:
51:bf:8e:de:e2:19:2d:86:8b:6e:90:b8:52:a6:26:88:a4:fb:
f2:96:54:98:bc:a1:59:cf:c2:66:01:24:31:bd:fb:8f:71:4c:
30:27:3b:1b:1a:22:00:f1:55:4b:ff:82:86:b1:1e:c8:13:d1:
fa:94:e3:4c:35:a2:d8:13:0c:87:82:5f:cb:f0:2d:d7:f0:19:
62:32:6d:2f:c1:62:23:42:bf:c7:3b:63:04:44:37:d6:1b:02:
a5:c9:75:dc:bd:fe:58:30:60:2b:c1:3c:46:6a:4f:e4:44:50:
79:04:87:4d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzDtyB4hL2cDksxOPmh5OP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGQyZjY0YzMzNzQ2NWVkMzhkYTVmN2NjNDU4NGRmODdk
NGE3NDQwHhcNMjQwMTAxMDYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTk3OGUzZTEwY2JhMWNkYjcyZDMwOTA4Yzk4Y2FiNTJiMmM3ZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFRN3k+GUYtBlaVo7QIOAAtLJf21
Jw3l0gZ2WBA1Jgtzb7LsT8c+mbM6Y3y3Q6qZsMzbUU6o6mts/PLIKT/hqKfmXAha
gQX7sfVH6nSpxGdFUfzeGKD07UFeJa9v1xBSPwqZPJw308sDusx+GCi72RYHri2l
7ulWlxRGgmhGuB6wCqq/wUwFDK2kvzCSOnaODkE/2JSrdbxahD2GbK8K5/cqoc+O
h1OUd6niosQk0iXjUeRGDrkveW4wjlHCNQWRY/kx/Kf+AHvweO2Pzq2bB2X4TUCd
hvgIpClDnCJvylcTH7QDaIzLJtW6iLqc3rjsUH5Zx0oC3R75L32KejkfzQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLqXjj4Qy6HNty0wkIyYyrUrLH0/MB8GA1UdIwQY
MBaAFGaNL2TDN0Ze042l98xFhN+H1KdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQt
MzhiYmNmYWVlNmNlLzEvdXBlT1BoRExvYzIzTFRDUWpKakt0U3NzZlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQtMzhiYmNmYWVlNmNl
LzEvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgC0ADAN
BgkqhkiG9w0BAQsFAAOCAQEAk/uwkLlROPQpMwiopLOjlVHpQj9QxDx3kT2mtR8t
8zDyG1SaW2SrIH8+W3u4DFuca6ChuoUCdnD9zOKXPWWEK7FY9i7EHoVL0iZTO4vJ
bYLwh77uVR/S8i+YKtVICeEXJAeWLdubcJK3z2ptFoMjVftvi1eeHqNZ3yuydwDa
goWcpv9b9OO3sBJwiQyQe8JcUb+O3uIZLYaLbpC4UqYmiKT78pZUmLyhWc/CZgEk
Mb37j3FMMCc7GxoiAPFVS/+ChrEeyBPR+pTjTDWi2BMMh4Jfy/At1/AZYjJtL8Fi
I0K/xztjBEQ31hsCpcl13L3+WDBgK8E8RmpP5ERQeQSHTQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:40:42 2025 by rpki-client