Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/U_UFqvjHmbZ73c-gz67t65_SD48.roa
File: U_UFqvjHmbZ73c-gz67t65_SD48.roa (raw, json)
Hash identifier: zkOj2Ot1IS1VUXtiGKk/jBoXnRXxZMRe+iW1iL3j4Ik=
Subject key identifier: 53:F5:05:AA:F8:C7:99:B6:7B:DD:CF:A0:CF:AE:ED:EB:9F:D2:0F:8F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01917E422DE980E148C557E5BB8C9C73F5BE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/U_UFqvjHmbZ73c-gz67t65_SD48.roa
Signing time: Fri 23 Aug 2024 08:02:31 +0000
ROA not before: Fri 23 Aug 2024 08:02:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199925
IP address blocks: 2a0d:b740::/29 maxlen: 29
2a0f:1480::/29 maxlen: 29
2a0f:28c0::/29 maxlen: 29
2a0f:e040::/29 maxlen: 29
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Fri 20 Sep 2024 08:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:42:2d:e9:80:e1:48:c5:57:e5:bb:8c:9c:73:f5:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 23 08:02:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53f505aaf8c799b67bddcfa0cfaeedeb9fd20f8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:7d:d1:f6:09:bf:b9:49:65:05:60:1b:07:ea:
4f:c9:d5:4b:86:6f:89:12:70:b7:2e:21:91:1b:d9:
26:38:35:40:b6:d0:dc:09:d9:3a:82:21:17:6f:75:
e1:ad:61:59:09:20:8e:b4:bf:b6:33:9b:56:6b:e2:
46:f9:80:cf:ec:92:07:8d:b7:6e:59:c3:3f:43:43:
cd:36:7e:b3:1b:ab:49:82:00:9f:7a:78:72:16:e9:
15:69:4c:36:c5:f2:b8:7f:6c:02:c3:d5:1b:dd:13:
f7:48:27:e8:20:e1:c5:18:6c:4a:33:5f:af:46:fe:
17:1d:39:89:a3:93:63:08:7b:33:05:8d:be:29:c3:
bb:78:0c:eb:0c:6f:c6:94:2f:48:6c:9f:94:ad:e3:
c6:92:d2:cc:e2:c8:a7:0c:cd:8e:0f:ad:56:d8:d8:
d7:a1:88:9f:8b:03:9a:01:a3:3a:bf:15:57:c8:94:
9a:95:df:02:4d:dd:0c:4f:6d:b9:fb:e8:a9:65:f8:
f4:43:ad:20:30:bd:53:3b:00:4d:a6:1d:bc:f3:03:
69:2a:0f:15:16:4a:6f:37:ba:e6:4a:7c:08:4b:fc:
74:f0:6e:69:cc:cd:35:7e:36:e1:96:c9:80:84:aa:
48:37:27:1f:64:55:bc:61:21:67:f6:62:0e:f4:6b:
76:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:F5:05:AA:F8:C7:99:B6:7B:DD:CF:A0:CF:AE:ED:EB:9F:D2:0F:8F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/U_UFqvjHmbZ73c-gz67t65_SD48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b740::/29
2a0f:1480::/29
2a0f:28c0::/29
2a0f:e040::/29
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
11:a2:f7:3b:37:57:9a:80:e3:a3:56:26:c3:cd:2f:fb:d2:dc:
eb:61:2f:08:9e:3e:f9:77:55:9b:71:63:ff:7f:28:12:71:f2:
6b:34:15:0e:fb:f0:cb:05:f0:54:d1:91:83:cb:68:38:3e:bc:
fd:c2:23:7e:d8:8c:27:28:db:74:f0:81:69:b0:b8:42:e6:b2:
fb:0b:b1:5d:8a:91:91:be:75:40:f6:f1:9f:de:c5:3d:e1:ac:
60:a3:1c:c4:95:88:24:ec:9f:35:57:d3:e6:70:fd:e6:87:fe:
23:0b:3d:6d:85:60:e6:2b:b8:3f:96:1d:32:a5:18:62:c4:bc:
89:d8:9f:6c:cb:c5:b2:bf:04:27:27:78:76:30:a5:e9:d4:d2:
e3:12:80:8e:4a:29:b8:2d:02:40:21:b0:36:c5:6d:d2:8d:01:
f7:8e:15:df:cb:a5:04:4e:dd:80:e1:2c:79:0b:ae:00:19:ef:
82:85:f0:eb:6d:4d:f3:1e:81:12:64:47:5e:cf:4a:87:5d:ab:
ac:e6:25:a0:e9:81:1c:db:3a:cc:73:87:73:25:25:1d:eb:82:
c0:a6:f3:1c:cb:31:84:b8:e4:39:4f:0f:41:46:1e:43:67:fd:
d0:3a:82:24:e2:81:e0:8a:6d:fc:6b:84:33:76:2d:eb:7e:ac:
f1:4c:c5:38
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZF+Qi3pgOFIxVflu4ycc/W+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODIzMDgwMjMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2Y1MDVhYWY4Yzc5OWI2N2JkZGNmYTBjZmFlZWRlYjlmZDIwZjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5H3R9gm/uUllBWAbB+pPydVLhm+J
EnC3LiGRG9kmODVAttDcCdk6giEXb3XhrWFZCSCOtL+2M5tWa+JG+YDP7JIHjbdu
WcM/Q0PNNn6zG6tJggCfenhyFukVaUw2xfK4f2wCw9Ub3RP3SCfoIOHFGGxKM1+v
Rv4XHTmJo5NjCHszBY2+KcO7eAzrDG/GlC9IbJ+UrePGktLM4sinDM2OD61W2NjX
oYifiwOaAaM6vxVXyJSald8CTd0MT225++ipZfj0Q60gML1TOwBNph288wNpKg8V
FkpvN7rmSnwIS/x08G5pzM01fjbhlsmAhKpINycfZFW8YSFn9mIO9Gt2YQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFP1Bar4x5m2e93PoM+u7euf0g+PMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVV9VRnF2akhtYlo3M2MtZ3o2N3Q2NV9TRDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKg23QAMF
AyoPFIADBQMqDyjAAwUDKg/gQAMFAyoTK0AwDQYJKoZIhvcNAQELBQADggEBABGi
9zs3V5qA46NWJsPNL/vS3OthLwiePvl3VZtxY/9/KBJx8ms0FQ778MsF8FTRkYPL
aDg+vP3CI37YjCco23TwgWmwuELmsvsLsV2KkZG+dUD28Z/exT3hrGCjHMSViCTs
nzVX0+Zw/eaH/iMLPW2FYOYruD+WHTKlGGLEvInYn2zLxbK/BCcneHYwpenU0uMS
gI5KKbgtAkAhsDbFbdKNAfeOFd/LpQRO3YDhLHkLrgAZ74KF8OttTfMegRJkR17P
Soddq6zmJaDpgRzbOsxzh3MlJR3rgsCm8xzLMYS45DlPD0FGHkNn/dA6giTigeCK
bfxrhDN2Let+rPFMxTg=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:45 2025 by rpki-client