Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/u7tj3LPRzyxn3QGAVRHf_bUWPrI.roa
File: u7tj3LPRzyxn3QGAVRHf_bUWPrI.roa (raw, json)
Hash identifier: gCe0qSZoQrH1CNr5pkABgJT+fnFKTKOcXxWC/2/S5+E=
Subject key identifier: BB:BB:63:DC:B3:D1:CF:2C:67:DD:01:80:55:11:DF:FD:B5:16:3E:B2
Certificate issuer: /CN=40662733bc873d13e1f9f66e8dff75c820d5d2f7
Certificate serial: 0193D4BBDEEF5F433CE9B5650FEEFBC190FF
Authority key identifier: 40:66:27:33:BC:87:3D:13:E1:F9:F6:6E:8D:FF:75:C8:20:D5:D2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QGYnM7yHPRPh-fZujf91yCDV0vc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/u7tj3LPRzyxn3QGAVRHf_bUWPrI.roa
Signing time: Tue 17 Dec 2024 13:08:22 +0000
ROA not before: Tue 17 Dec 2024 13:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56488
IP address blocks: 217.28.136.0/24 maxlen: 24
2a12:2540::/29 maxlen: 33
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d4:bb:de:ef:5f:43:3c:e9:b5:65:0f:ee:fb:c1:90:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40662733bc873d13e1f9f66e8dff75c820d5d2f7
Validity
Not Before: Dec 17 13:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbbb63dcb3d1cf2c67dd01805511dffdb5163eb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:27:4d:fa:53:b6:73:1e:af:f3:81:af:f8:a5:
58:5f:0a:e7:b6:7f:d5:1d:a2:9b:1b:44:cc:a8:6f:
a1:f5:02:39:28:5d:f2:07:7d:86:24:f2:aa:cd:97:
38:64:05:a7:b7:69:f6:8b:54:cc:ee:51:5b:b7:e6:
0a:61:95:59:4f:ac:a4:5e:a3:c2:6a:5a:f2:48:6e:
21:f2:a3:d5:8b:ab:d9:12:70:cd:63:58:93:02:d3:
e2:60:5e:e1:85:fa:f3:87:55:48:8d:d6:a4:87:74:
04:79:d6:f1:2e:7d:a7:c3:cd:9e:4b:67:75:f8:57:
79:da:73:e4:20:6e:7d:a2:3d:46:10:84:1a:20:54:
ef:c8:fa:e0:77:e3:ab:99:a1:cd:e1:33:54:cd:33:
2c:f0:da:a6:61:72:0b:17:34:6c:4c:05:21:e0:83:
f0:b2:a0:e0:ea:a1:60:39:63:a8:ca:4e:62:2c:69:
e6:cd:e8:65:cd:69:33:6b:f5:f0:9e:48:8f:40:6d:
cc:1e:49:f5:d2:18:5d:93:63:40:ff:89:86:98:3a:
e5:3a:43:51:77:e5:58:2d:bd:3a:e0:f8:4d:7d:7e:
10:c1:08:c2:1b:a6:d5:60:bf:71:32:12:8b:d3:47:
e0:71:98:58:d5:53:58:ec:e6:23:62:bd:12:8c:af:
94:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:BB:63:DC:B3:D1:CF:2C:67:DD:01:80:55:11:DF:FD:B5:16:3E:B2
X509v3 Authority Key Identifier:
keyid:40:66:27:33:BC:87:3D:13:E1:F9:F6:6E:8D:FF:75:C8:20:D5:D2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QGYnM7yHPRPh-fZujf91yCDV0vc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/u7tj3LPRzyxn3QGAVRHf_bUWPrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.136.0/24
IPv6:
2a12:2540::/29
Signature Algorithm: sha256WithRSAEncryption
46:2e:d1:d6:24:aa:02:17:97:3d:a6:eb:3c:3a:72:9d:f6:35:
a4:d4:62:ad:fe:59:5b:66:42:73:e3:79:ab:40:1d:09:d5:2a:
82:a9:6c:dc:b4:e7:60:04:91:3f:ad:b2:c4:58:b8:23:c8:cc:
c0:b8:99:59:e7:2c:df:35:a4:ec:7a:a0:a9:01:e3:85:d2:35:
25:f4:c5:87:80:2d:b5:32:5d:43:62:7d:79:0f:08:67:13:67:
e7:28:f7:58:8a:6c:5c:61:06:b2:93:6e:93:13:2b:b9:35:95:
88:a6:95:7b:d1:3a:93:8d:0e:53:cb:ad:a9:30:9a:2e:f0:c8:
ad:33:d1:bf:4a:b0:29:dd:77:b9:0a:30:56:02:42:cd:95:ac:
f7:c0:11:2e:3c:c6:04:ec:1a:2e:36:8e:21:de:a2:93:fd:39:
81:37:fa:d7:22:83:50:3c:80:99:2d:6f:c3:2d:ee:6e:f9:17:
6d:a8:1b:5c:22:de:de:1d:4e:ab:67:80:62:88:ff:90:cf:bf:
e4:84:c7:6f:36:de:28:1c:40:5f:f1:eb:0b:59:56:5e:24:97:
2f:c1:c6:c0:b0:98:7f:92:85:a5:31:4f:49:9e:13:e6:18:59:
8b:a7:1d:62:41:8f:8e:ad:c6:fa:c8:34:e2:0d:13:ac:c0:69:
55:dc:06:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZPUu97vX0M86bVlD+77wZD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNjYyNzMzYmM4NzNkMTNlMWY5ZjY2ZThkZmY3NWM4MjBk
NWQyZjcwHhcNMjQxMjE3MTMwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmJiNjNkY2IzZDFjZjJjNjdkZDAxODA1NTExZGZmZGI1MTYzZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSdN+lO2cx6v84Gv+KVYXwrntn/V
HaKbG0TMqG+h9QI5KF3yB32GJPKqzZc4ZAWnt2n2i1TM7lFbt+YKYZVZT6ykXqPC
alrySG4h8qPVi6vZEnDNY1iTAtPiYF7hhfrzh1VIjdakh3QEedbxLn2nw82eS2d1
+Fd52nPkIG59oj1GEIQaIFTvyPrgd+OrmaHN4TNUzTMs8NqmYXILFzRsTAUh4IPw
sqDg6qFgOWOoyk5iLGnmzehlzWkza/XwnkiPQG3MHkn10hhdk2NA/4mGmDrlOkNR
d+VYLb064PhNfX4QwQjCG6bVYL9xMhKL00fgcZhY1VNY7OYjYr0SjK+U/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLu7Y9yz0c8sZ90BgFUR3/21Fj6yMB8GA1UdIwQY
MBaAFEBmJzO8hz0T4fn2bo3/dcgg1dL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUdZbk03eUhQUlBoLWZadWpmOTF5Q0RWMHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kOTEwZDEtOTRjNi00NDEyLTg1MDYt
OWNiNTFlNTFmZjc3LzEvdTd0ajNMUFJ6eXhuM1FHQVZSSGZfYlVXUHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kOTEwZDEtOTRjNi00NDEyLTg1MDYtOWNiNTFlNTFmZjc3
LzEvUUdZbk03eUhQUlBoLWZadWpmOTF5Q0RWMHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2RyIMA0E
AgACMAcDBQMqEiVAMA0GCSqGSIb3DQEBCwUAA4IBAQBGLtHWJKoCF5c9pus8OnKd
9jWk1GKt/llbZkJz43mrQB0J1SqCqWzctOdgBJE/rbLEWLgjyMzAuJlZ5yzfNaTs
eqCpAeOF0jUl9MWHgC21Ml1DYn15DwhnE2fnKPdYimxcYQayk26TEyu5NZWIppV7
0TqTjQ5Ty62pMJou8MitM9G/SrAp3Xe5CjBWAkLNlaz3wBEuPMYE7BouNo4h3qKT
/TmBN/rXIoNQPICZLW/DLe5u+RdtqBtcIt7eHU6rZ4BiiP+Qz7/khMdvNt4oHEBf
8esLWVZeJJcvwcbAsJh/koWlMU9JnhPmGFmLpx1iQY+Orcb6yDTiDROswGlV3Aau
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:01:51 2025 by rpki-client