Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/uYQso--0i-i8ahbO50Bx9-B4kWE.roa
File: uYQso--0i-i8ahbO50Bx9-B4kWE.roa (raw, json)
Hash identifier: mIh3VkFjjXZtoOkPcAGWgIPPDEEtegYiaixmlcf+fZU=
Subject key identifier: B9:84:2C:A3:EF:B4:8B:E8:BC:6A:16:CE:E7:40:71:F7:E0:78:91:61
Certificate issuer: /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial: 019421B247D9004403839DDD306D521C20E5
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/uYQso--0i-i8ahbO50Bx9-B4kWE.roa
Signing time: Wed 01 Jan 2025 11:48:39 +0000
ROA not before: Wed 01 Jan 2025 11:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215828
IP address blocks: 2a07:2486::/48 maxlen: 48
2a07:2486:1::/48 maxlen: 48
2a07:2486:333::/48 maxlen: 48
2a07:2487::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:47:d9:00:44:03:83:9d:dd:30:6d:52:1c:20:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Validity
Not Before: Jan 1 11:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9842ca3efb48be8bc6a16cee74071f7e0789161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:48:c3:ae:5e:bd:f9:5e:11:ab:e0:17:14:59:
62:7f:2b:9a:3c:59:c9:74:fb:63:f8:dd:b9:1d:61:
a5:30:36:a6:d9:f1:8f:a6:28:77:bf:b5:04:a7:6d:
c9:24:05:43:e9:b3:c8:21:2b:87:7d:d2:d3:07:df:
08:37:24:a3:47:67:11:67:70:d2:ba:14:b6:26:ec:
c3:c1:d4:e1:29:69:8c:9c:e2:31:5c:0c:d2:20:2e:
ca:0f:3e:56:50:2e:cc:9d:d2:8a:15:33:0c:2f:a3:
98:71:70:46:d8:d2:e1:c7:f9:7d:44:46:c4:f3:f3:
81:62:6d:23:6e:d6:6c:74:55:3e:24:14:82:be:2d:
37:9e:50:a8:14:1d:ef:d6:7d:86:11:a6:9a:ac:7e:
89:4d:b7:d4:4d:29:08:d1:e5:de:12:fe:ba:f3:ce:
76:9d:c6:84:9d:a9:2f:26:82:d3:49:a2:33:a6:e7:
f2:22:c8:e7:49:2e:c9:38:b2:ec:25:66:6d:b3:68:
ec:96:e3:6d:b9:6e:ae:68:4e:c2:18:92:49:a6:0e:
90:68:ed:ed:66:59:75:f3:8a:31:79:a7:7d:d8:40:
d6:b7:76:f5:c5:ce:4d:4d:1f:13:ae:2f:d4:99:8d:
3a:f9:57:f2:3a:e6:30:43:6f:c7:cd:2b:3c:e9:48:
b8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:84:2C:A3:EF:B4:8B:E8:BC:6A:16:CE:E7:40:71:F7:E0:78:91:61
X509v3 Authority Key Identifier:
keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/uYQso--0i-i8ahbO50Bx9-B4kWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2486::/47
2a07:2486:333::/48
2a07:2487::/32
Signature Algorithm: sha256WithRSAEncryption
25:1e:dd:11:a1:f4:6d:51:b2:07:29:76:5c:23:e6:57:14:78:
20:eb:e9:d7:47:b3:0f:ef:a0:23:1f:18:2d:3d:04:9c:1f:68:
f9:1c:4c:09:7f:31:65:91:49:1e:b2:fb:dc:4e:a3:3c:4d:fd:
40:1a:4b:07:72:41:dc:34:18:ee:c9:03:26:d5:8f:f2:9b:c5:
c3:c2:1c:08:4d:9e:f4:6a:f6:96:8e:b8:e5:6f:36:eb:8e:8e:
79:30:50:da:90:b8:5f:e9:03:91:24:f3:dc:67:94:d3:b1:e4:
42:d7:1d:6f:fe:2a:d6:60:f8:e2:44:12:ac:93:73:c7:2a:4a:
ed:28:cd:3b:97:35:ac:2b:ea:31:68:ff:15:6a:eb:2c:e0:de:
a9:6c:7b:bd:93:52:32:d7:a7:0a:8c:58:4f:e4:e4:11:a0:a7:
19:ef:6e:23:9e:cd:1b:cf:c1:9d:5f:3a:39:eb:d1:68:ee:5a:
fd:f4:a2:74:1c:46:1d:6d:60:b1:25:43:1a:ad:9a:0e:9f:76:
01:f7:67:24:ed:b1:50:e4:9a:f3:0b:4a:4d:63:ec:ad:2a:57:
75:a3:6a:fa:5f:0d:23:10:6d:61:c0:3c:32:d8:9a:85:43:f5:
ff:c4:d3:9d:51:f0:c8:f8:8c:60:a7:09:a6:36:09:84:6c:bb:
d3:b1:1e:b2
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZQhskfZAEQDg53dMG1SHCDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjUwMTAxMTE0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTg0MmNhM2VmYjQ4YmU4YmM2YTE2Y2VlNzQwNzFmN2UwNzg5MTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00jDrl69+V4Rq+AXFFlifyuaPFnJ
dPtj+N25HWGlMDam2fGPpih3v7UEp23JJAVD6bPIISuHfdLTB98INySjR2cRZ3DS
uhS2JuzDwdThKWmMnOIxXAzSIC7KDz5WUC7MndKKFTMML6OYcXBG2NLhx/l9REbE
8/OBYm0jbtZsdFU+JBSCvi03nlCoFB3v1n2GEaaarH6JTbfUTSkI0eXeEv668852
ncaEnakvJoLTSaIzpufyIsjnSS7JOLLsJWZts2jsluNtuW6uaE7CGJJJpg6QaO3t
Zll184oxead92EDWt3b1xc5NTR8Tri/UmY06+VfyOuYwQ2/HzSs86Ui4nQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFLmELKPvtIvovGoWzudAcffgeJFhMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEvdVlRc28tLTBpLWk4YWhiTzUwQng5LUI0a1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwcBKgckhgAA
AwcAKgckhgMzAwUAKgckhzANBgkqhkiG9w0BAQsFAAOCAQEAJR7dEaH0bVGyByl2
XCPmVxR4IOvp10ezD++gIx8YLT0EnB9o+RxMCX8xZZFJHrL73E6jPE39QBpLB3JB
3DQY7skDJtWP8pvFw8IcCE2e9Gr2lo645W82646OeTBQ2pC4X+kDkSTz3GeU07Hk
Qtcdb/4q1mD44kQSrJNzxypK7SjNO5c1rCvqMWj/FWrrLODeqWx7vZNSMtenCoxY
T+TkEaCnGe9uI57NG8/BnV86OevRaO5a/fSidBxGHW1gsSVDGq2aDp92AfdnJO2x
UOSa8wtKTWPsrSpXdaNq+l8NIxBtYcA8MtiahUP1/8TTnVHwyPiMYKcJpjYJhGy7
07Eesg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:25:12 2025 by rpki-client