Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/UpdH-CU4x7UvuXTkr8GsLz-IJtQ.roa
File: UpdH-CU4x7UvuXTkr8GsLz-IJtQ.roa (raw, json)
Hash identifier: mG1Gp/TQn1Q7iIAQGrCZCPcKJkWCVBrecD5gK5XNf7Q=
Subject key identifier: 52:97:47:F8:25:38:C7:B5:2F:B9:74:E4:AF:C1:AC:2F:3F:88:26:D4
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 019426D99345269081B335C311782B0FD473
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/UpdH-CU4x7UvuXTkr8GsLz-IJtQ.roa
Signing time: Thu 02 Jan 2025 11:49:40 +0000
ROA not before: Thu 02 Jan 2025 11:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216431
IP address blocks: 2a03:5840:fe::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Jan 2025 16:52:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:93:45:26:90:81:b3:35:c3:11:78:2b:0f:d4:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 2 11:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=529747f82538c7b52fb974e4afc1ac2f3f8826d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:11:1d:bf:2e:73:64:8a:c8:9d:8c:3f:74:3b:
e0:3c:de:40:38:84:63:83:43:63:8b:2a:8c:7a:00:
2c:09:12:22:d3:50:cc:0e:59:02:9f:f5:2e:25:d9:
b6:24:ec:d1:f3:dc:66:a2:f8:86:93:7f:74:94:bc:
c8:1e:37:3d:5d:6c:51:8a:ea:7b:d1:c1:30:92:73:
c4:77:02:08:1a:9e:e6:ed:16:2b:e6:3c:38:f6:d6:
14:6b:1e:a4:1c:25:a8:e2:08:de:5b:c4:01:ab:84:
bf:33:a3:2a:1c:bf:3a:e2:38:34:e0:66:27:52:7e:
c8:f3:4b:a4:f1:8f:20:ed:70:fd:58:23:37:48:00:
17:72:c0:d2:74:bf:12:b9:a3:a0:25:13:a3:b3:65:
49:31:41:f8:45:aa:35:93:29:7c:f9:5f:4d:1f:94:
6a:32:02:93:c7:ea:d5:b5:fa:ca:66:5d:3f:ca:99:
5d:2e:9d:33:d0:c4:d4:53:30:03:46:3c:ae:79:06:
cb:94:3a:cd:2c:e7:e1:41:20:54:0d:d7:d8:b5:1e:
42:cd:6b:73:26:e2:a5:af:04:27:46:9c:48:1a:b9:
3b:17:c1:6c:e0:a2:d5:b7:53:03:90:ed:f9:aa:08:
f0:39:4a:a1:f9:6b:a4:d0:66:7c:cb:a1:64:18:a5:
d1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:97:47:F8:25:38:C7:B5:2F:B9:74:E4:AF:C1:AC:2F:3F:88:26:D4
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/UpdH-CU4x7UvuXTkr8GsLz-IJtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:fe::/48
Signature Algorithm: sha256WithRSAEncryption
72:ce:19:eb:74:56:a0:82:bc:e1:f6:57:50:38:64:ad:6a:9a:
6c:8e:e4:98:2c:70:2b:b5:3f:33:ad:7b:0b:1b:ab:7f:e9:e7:
f7:62:35:3b:df:49:7e:cc:a5:0a:b3:a7:d5:aa:59:cd:a0:bc:
ce:f3:d1:57:ef:83:14:76:e1:ec:24:aa:e8:a3:70:77:de:98:
a5:d1:11:b4:18:ce:55:e6:df:10:f7:ac:e5:02:03:45:3e:36:
31:f1:cd:72:4d:42:8c:4c:88:29:a8:be:7b:ef:c8:e8:71:77:
a3:c5:5a:89:0b:32:57:11:82:dc:1a:50:4b:29:07:8a:c9:05:
a2:8c:a0:d9:e8:c5:75:40:8a:49:6b:4e:4a:6a:f2:58:18:fd:
e6:61:ff:9f:6a:2d:0c:ee:9f:37:4d:84:b9:3b:97:19:ff:61:
ed:d3:94:58:4f:87:13:99:46:ca:d8:fe:f7:a1:5d:54:3a:71:
5b:4a:93:42:8a:cd:b6:79:23:45:e7:a4:ac:57:8d:80:05:4f:
12:9a:cf:bc:0b:4e:58:70:ef:d7:7b:6b:bf:46:47:c4:04:91:
03:40:a9:ef:40:d5:43:4a:46:1b:9d:e8:b1:59:f8:bc:4d:e8:
5d:69:a4:e1:2a:93:d2:a8:45:ab:8f:4b:70:1b:67:30:7e:d7:
9b:1d:6b:b7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2ZNFJpCBszXDEXgrD9RzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjUwMTAyMTE0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjk3NDdmODI1MzhjN2I1MmZiOTc0ZTRhZmMxYWMyZjNmODgyNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBEdvy5zZIrInYw/dDvgPN5AOIRj
g0NjiyqMegAsCRIi01DMDlkCn/UuJdm2JOzR89xmoviGk390lLzIHjc9XWxRiup7
0cEwknPEdwIIGp7m7RYr5jw49tYUax6kHCWo4gjeW8QBq4S/M6MqHL864jg04GYn
Un7I80uk8Y8g7XD9WCM3SAAXcsDSdL8SuaOgJROjs2VJMUH4Rao1kyl8+V9NH5Rq
MgKTx+rVtfrKZl0/ypldLp0z0MTUUzADRjyueQbLlDrNLOfhQSBUDdfYtR5CzWtz
JuKlrwQnRpxIGrk7F8Fs4KLVt1MDkO35qgjwOUqh+Wuk0GZ8y6FkGKXRiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFKXR/glOMe1L7l05K/BrC8/iCbUMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvVXBkSC1DVTR4N1V2dVhUa3I4R3NMei1JSnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQAD+
MA0GCSqGSIb3DQEBCwUAA4IBAQByzhnrdFaggrzh9ldQOGStappsjuSYLHArtT8z
rXsLG6t/6ef3YjU730l+zKUKs6fVqlnNoLzO89FX74MUduHsJKroo3B33pil0RG0
GM5V5t8Q96zlAgNFPjYx8c1yTUKMTIgpqL5778jocXejxVqJCzJXEYLcGlBLKQeK
yQWijKDZ6MV1QIpJa05KavJYGP3mYf+fai0M7p83TYS5O5cZ/2Ht05RYT4cTmUbK
2P73oV1UOnFbSpNCis22eSNF56SsV42ABU8Sms+8C05YcO/Xe2u/RkfEBJEDQKnv
QNVDSkYbneixWfi8TehdaaThKpPSqEWrj0twG2cwftebHWu3
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:01:22 2025 by rpki-client