Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/Uk1R-rtw08p5xLmEPvlebcp5bkA.roa
File: Uk1R-rtw08p5xLmEPvlebcp5bkA.roa (raw, json)
Hash identifier: IrnRidpvKx1Xa46ym1q3rIhb1GsbkHYIP1WCBTtQPQI=
Subject key identifier: 52:4D:51:FA:BB:70:D3:CA:79:C4:B9:84:3E:F9:5E:6D:CA:79:6E:40
Certificate issuer: /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial: 018CC7935CB0E774525A055584291549F47F
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/Uk1R-rtw08p5xLmEPvlebcp5bkA.roa
Signing time: Tue 02 Jan 2024 00:29:32 +0000
ROA not before: Tue 02 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29588
IP address blocks: 2a00:f440:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:5c:b0:e7:74:52:5a:05:55:84:29:15:49:f4:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Validity
Not Before: Jan 2 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=524d51fabb70d3ca79c4b9843ef95e6dca796e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d7:2f:e4:de:5f:16:83:6a:5c:ad:49:36:29:
2c:3e:08:d7:98:38:96:0d:e3:8b:90:d1:b2:26:f1:
40:9e:99:9b:c2:0f:56:60:41:00:54:01:cd:58:5b:
f2:0a:7e:db:70:16:bd:f7:7e:cd:fa:b5:36:28:d2:
24:f3:35:99:28:f3:54:24:97:11:23:33:dd:fe:cd:
d6:ae:43:8d:0f:52:a1:58:42:9e:00:52:11:77:81:
5e:60:b9:34:15:2b:f0:4d:6c:62:8f:8c:6d:63:8e:
c7:ff:bf:fc:4c:7f:06:5c:c5:0a:e1:40:d9:30:3c:
06:d9:9e:af:12:1a:26:ac:6f:59:62:ad:e1:fc:af:
8e:02:d1:a5:c2:b6:e3:06:1e:7c:a6:e9:cf:c0:4d:
53:ba:14:42:cc:4b:2b:7f:19:71:19:b0:91:bd:bb:
38:96:74:44:31:4a:8d:cd:52:93:e1:24:2d:c9:00:
e9:2c:95:9c:90:32:dc:0a:c6:8a:34:62:d5:78:14:
b9:de:19:fb:90:1b:60:8d:15:39:cf:6c:4f:a4:17:
4d:dc:80:cc:eb:78:69:7f:5d:9c:f9:33:3a:12:2c:
39:a4:3e:13:e8:51:cb:44:4b:da:06:f0:0f:78:ee:
d4:e6:29:26:cb:21:c0:16:de:d3:93:30:e0:24:9f:
b8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:4D:51:FA:BB:70:D3:CA:79:C4:B9:84:3E:F9:5E:6D:CA:79:6E:40
X509v3 Authority Key Identifier:
keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/Uk1R-rtw08p5xLmEPvlebcp5bkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:f440:a::/48
Signature Algorithm: sha256WithRSAEncryption
60:98:b0:da:94:7f:3a:a8:a9:c0:e0:69:18:b2:1c:fb:48:5f:
3e:2d:79:cf:58:a7:92:91:f3:31:96:7a:9a:17:34:a7:25:d2:
48:e7:35:b9:ce:5c:e8:9a:dd:f7:75:47:96:e5:f0:5d:02:f5:
09:3f:6d:51:20:f2:c9:cc:70:1a:d7:64:31:5e:9d:10:1d:d5:
d6:50:9c:c7:ea:8d:32:95:5e:f2:cc:46:f7:a3:70:f4:ca:0e:
2e:37:a5:a5:7f:d2:78:cb:3e:81:8c:fe:18:43:8e:13:af:1b:
8d:b2:8b:6a:0f:a5:c5:77:d7:77:0f:a8:a1:99:c1:f1:35:11:
be:6a:b4:52:d2:ed:58:38:99:29:56:d3:fd:14:44:55:4f:11:
aa:8f:56:27:94:23:bb:ef:bd:a2:d4:25:77:a3:32:ef:c5:db:
d3:a0:7f:7e:e0:42:04:04:fd:55:35:02:46:a9:32:40:24:9c:
eb:d7:53:81:50:fc:82:58:14:90:4a:82:6d:48:75:6b:56:b7:
b3:6d:94:85:91:b6:de:b7:57:64:ce:47:93:66:fa:8e:a3:be:
25:0a:c5:3e:76:1c:28:2c:23:ea:29:c0:58:4d:68:a8:12:14:
36:63:44:72:e6:9f:9b:72:ca:87:ad:ef:c5:9e:95:fe:94:42:
68:69:6b:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHk1yw53RSWgVVhCkVSfR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OTFjNDQ4ODY5OWU2ZDAyNGUzOWNjNGQ2MWVlZWFiZDM4
MDEwZmEwHhcNMjQwMTAyMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjRkNTFmYWJiNzBkM2NhNzljNGI5ODQzZWY5NWU2ZGNhNzk2ZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9cv5N5fFoNqXK1JNiksPgjXmDiW
DeOLkNGyJvFAnpmbwg9WYEEAVAHNWFvyCn7bcBa9937N+rU2KNIk8zWZKPNUJJcR
IzPd/s3WrkOND1KhWEKeAFIRd4FeYLk0FSvwTWxij4xtY47H/7/8TH8GXMUK4UDZ
MDwG2Z6vEhomrG9ZYq3h/K+OAtGlwrbjBh58punPwE1TuhRCzEsrfxlxGbCRvbs4
lnREMUqNzVKT4SQtyQDpLJWckDLcCsaKNGLVeBS53hn7kBtgjRU5z2xPpBdN3IDM
63hpf12c+TM6Eiw5pD4T6FHLREvaBvAPeO7U5ikmyyHAFt7TkzDgJJ+4owIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFJNUfq7cNPKecS5hD75Xm3KeW5AMB8GA1UdIwQY
MBaAFJiRxEiGmebQJOOcxNYe7qvTgBD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUt
ZTEwYTYwNTk2YzI2LzEvVWsxUi1ydHcwOHA1eExtRVB2bGViY3A1YmtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUtZTEwYTYwNTk2YzI2
LzEvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgD0QAAK
MA0GCSqGSIb3DQEBCwUAA4IBAQBgmLDalH86qKnA4GkYshz7SF8+LXnPWKeSkfMx
lnqaFzSnJdJI5zW5zlzomt33dUeW5fBdAvUJP21RIPLJzHAa12QxXp0QHdXWUJzH
6o0ylV7yzEb3o3D0yg4uN6Wlf9J4yz6BjP4YQ44TrxuNsotqD6XFd9d3D6ihmcHx
NRG+arRS0u1YOJkpVtP9FERVTxGqj1YnlCO7772i1CV3ozLvxdvToH9+4EIEBP1V
NQJGqTJAJJzr11OBUPyCWBSQSoJtSHVrVrezbZSFkbbet1dkzkeTZvqOo74lCsU+
dhwoLCPqKcBYTWioEhQ2Y0Ry5p+bcsqHre/FnpX+lEJoaWvM
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:36:24 2025 by rpki-client