Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3ef96e-f8a6-4f9b-9bc7-fe26e899deb8/1/uNhK4cwW5g4-tu3ZVib4dOmUzxs.roa
File: uNhK4cwW5g4-tu3ZVib4dOmUzxs.roa (raw, json)
Hash identifier: oJI6IDck05XrOxOzEpC2ucaBXh3W49nsQvyDBgijjpY=
Subject key identifier: B8:D8:4A:E1:CC:16:E6:0E:3E:B6:ED:D9:56:26:F8:74:E9:94:CF:1B
Certificate issuer: /CN=20f81274f66bde89f12c243d09a9edc3e5b1e229
Certificate serial: 018CCA2AD1F9255256D03FEB4059992CFE45
Authority key identifier: 20:F8:12:74:F6:6B:DE:89:F1:2C:24:3D:09:A9:ED:C3:E5:B1:E2:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPgSdPZr3onxLCQ9Cantw-Wx4ik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef96e-f8a6-4f9b-9bc7-fe26e899deb8/1/uNhK4cwW5g4-tu3ZVib4dOmUzxs.roa
Signing time: Tue 02 Jan 2024 12:34:13 +0000
ROA not before: Tue 02 Jan 2024 12:34:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207568
IP address blocks: 2.57.222.0/23 maxlen: 23
2a09:d9c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:d1:f9:25:52:56:d0:3f:eb:40:59:99:2c:fe:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20f81274f66bde89f12c243d09a9edc3e5b1e229
Validity
Not Before: Jan 2 12:34:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8d84ae1cc16e60e3eb6edd95626f874e994cf1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d8:b1:59:84:68:61:7f:bf:89:e1:2e:be:e2:
c3:48:99:cc:62:f6:49:91:ff:da:18:31:58:3c:f1:
4b:e4:2d:4f:da:85:b8:3e:d9:00:0b:f6:0e:6c:f2:
ce:ca:c5:b2:85:ae:da:cb:08:f6:9a:d7:1d:b8:c0:
77:8f:9f:86:5b:e4:39:98:98:e1:d5:a8:28:11:c6:
2a:fd:04:45:5a:6b:ae:83:af:3b:3d:22:7b:d7:af:
be:ef:1b:80:0a:cf:54:db:1e:0e:b3:10:36:62:0e:
a2:aa:91:53:bc:10:f2:2c:bb:dc:1f:d3:bb:db:ce:
bc:e0:c1:ee:37:23:eb:57:63:a2:b2:e9:9b:cc:46:
73:69:ae:2a:ca:29:77:39:40:bd:fa:4d:b2:62:56:
ee:9c:e1:0f:e6:2f:8e:7a:62:cc:3b:67:87:c4:91:
33:f7:79:7d:52:13:98:6c:1e:c6:ee:d5:c3:1f:1a:
fd:3a:bb:20:c1:67:e1:77:6d:1f:58:a7:5c:97:46:
9a:09:ec:7e:7a:dd:35:38:8b:8a:82:89:60:2b:1a:
e3:16:4a:d9:1a:dc:b1:8c:00:c3:7d:27:ca:14:ee:
da:95:ff:f8:50:c8:38:be:61:c4:7e:68:a8:5c:66:
58:ce:b3:70:d3:fe:18:15:47:b0:87:9c:be:ae:7a:
c1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D8:4A:E1:CC:16:E6:0E:3E:B6:ED:D9:56:26:F8:74:E9:94:CF:1B
X509v3 Authority Key Identifier:
keyid:20:F8:12:74:F6:6B:DE:89:F1:2C:24:3D:09:A9:ED:C3:E5:B1:E2:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPgSdPZr3onxLCQ9Cantw-Wx4ik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef96e-f8a6-4f9b-9bc7-fe26e899deb8/1/uNhK4cwW5g4-tu3ZVib4dOmUzxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef96e-f8a6-4f9b-9bc7-fe26e899deb8/1/IPgSdPZr3onxLCQ9Cantw-Wx4ik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.222.0/23
IPv6:
2a09:d9c0::/32
Signature Algorithm: sha256WithRSAEncryption
7b:82:0a:22:fb:01:49:88:89:fb:ff:44:f1:28:a6:ab:d1:d6:
19:eb:d6:52:bb:46:e4:53:50:38:2e:0b:35:2b:4b:c8:1c:b4:
a4:5c:f3:60:5a:d1:3f:a3:f1:60:af:16:bc:eb:6f:81:c7:54:
0c:88:04:0a:96:c4:49:9c:40:a4:ef:5b:aa:0a:be:56:f2:19:
79:5c:ea:ab:17:b2:fb:e4:85:6a:b2:b4:7b:56:d8:c4:26:b0:
b6:34:41:53:1a:1a:fd:07:66:ca:85:7d:f3:e7:5b:4c:20:dc:
61:65:e6:f1:8b:73:41:ef:2f:a2:37:74:0b:5b:f2:d1:1e:49:
f3:71:d8:8f:b4:82:87:f8:a8:b4:6f:db:fc:24:ee:bc:ab:75:
1d:ed:a1:15:ee:94:6b:98:34:5d:57:13:c0:ef:09:14:42:32:
4b:38:91:b4:2c:47:6f:fe:99:4e:3b:ad:6d:7f:3e:2d:29:18:
2a:24:b4:c7:a0:6d:83:f2:9b:a2:d0:da:0f:36:dd:44:14:51:
a8:96:a6:e0:73:ae:13:0d:df:6f:03:8b:c4:a4:d9:5d:a6:0f:
3c:01:1a:01:10:e1:6d:4d:9a:2a:28:12:f2:fb:51:bb:21:ea:
75:41:b5:85:4b:15:63:39:78:53:c1:9d:ab:6c:dc:a1:78:79:
1d:c0:a6:74
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKtH5JVJW0D/rQFmZLP5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjgxMjc0ZjY2YmRlODlmMTJjMjQzZDA5YTllZGMzZTVi
MWUyMjkwHhcNMjQwMTAyMTIzNDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGQ4NGFlMWNjMTZlNjBlM2ViNmVkZDk1NjI2Zjg3NGU5OTRjZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9ixWYRoYX+/ieEuvuLDSJnMYvZJ
kf/aGDFYPPFL5C1P2oW4PtkAC/YObPLOysWyha7aywj2mtcduMB3j5+GW+Q5mJjh
1agoEcYq/QRFWmuug687PSJ716++7xuACs9U2x4OsxA2Yg6iqpFTvBDyLLvcH9O7
28684MHuNyPrV2OisumbzEZzaa4qyil3OUC9+k2yYlbunOEP5i+OemLMO2eHxJEz
93l9UhOYbB7G7tXDHxr9OrsgwWfhd20fWKdcl0aaCex+et01OIuKgolgKxrjFkrZ
GtyxjADDfSfKFO7alf/4UMg4vmHEfmioXGZYzrNw0/4YFUewh5y+rnrBIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLjYSuHMFuYOPrbt2VYm+HTplM8bMB8GA1UdIwQY
MBaAFCD4EnT2a96J8SwkPQmp7cPlseIpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBnU2RQWnIzb254TENROUNhbnR3LVd4NGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zZWY5NmUtZjhhNi00ZjliLTliYzct
ZmUyNmU4OTlkZWI4LzEvdU5oSzRjd1c1ZzQtdHUzWlZpYjRkT21VenhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zZWY5NmUtZjhhNi00ZjliLTliYzctZmUyNmU4OTlkZWI4
LzEvSVBnU2RQWnIzb254TENROUNhbnR3LVd4NGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBAjneMA0E
AgACMAcDBQAqCdnAMA0GCSqGSIb3DQEBCwUAA4IBAQB7ggoi+wFJiIn7/0TxKKar
0dYZ69ZSu0bkU1A4Lgs1K0vIHLSkXPNgWtE/o/Fgrxa862+Bx1QMiAQKlsRJnECk
71uqCr5W8hl5XOqrF7L75IVqsrR7VtjEJrC2NEFTGhr9B2bKhX3z51tMINxhZebx
i3NB7y+iN3QLW/LRHknzcdiPtIKH+Ki0b9v8JO68q3Ud7aEV7pRrmDRdVxPA7wkU
QjJLOJG0LEdv/plOO61tfz4tKRgqJLTHoG2D8pui0NoPNt1EFFGolqbgc64TDd9v
A4vEpNldpg88ARoBEOFtTZoqKBLy+1G7Iep1QbWFSxVjOXhTwZ2rbNyheHkdwKZ0
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:34:24 2025 by rpki-client