Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/UpND2q8IetoBvMWXRnuQjURY3pM.roa
File: UpND2q8IetoBvMWXRnuQjURY3pM.roa (raw, json)
Hash identifier: 4e5LUb1KAn9tiza0t0Y25qTXXo/Aqc0EFKvuU1i5NsQ=
Subject key identifier: 52:93:43:DA:AF:08:7A:DA:01:BC:C5:97:46:7B:90:8D:44:58:DE:93
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018FBB28107196E060F01183E4B61E2DE28F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/UpND2q8IetoBvMWXRnuQjURY3pM.roa
Signing time: Mon 27 May 2024 17:45:15 +0000
ROA not before: Mon 27 May 2024 17:45:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a0a:2d02::/32 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 15 Aug 2024 09:37:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bb:28:10:71:96:e0:60:f0:11:83:e4:b6:1e:2d:e2:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 27 17:45:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=529343daaf087ada01bcc597467b908d4458de93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:81:a2:d5:17:06:25:44:54:18:10:a4:84:1e:
ac:cb:99:59:cb:29:7d:0b:3c:2d:9d:cb:df:70:27:
11:3a:70:72:54:23:f5:e7:9f:04:2a:fd:f8:29:f8:
3f:2c:ed:02:ec:03:27:4a:c7:8f:b0:73:fe:56:9c:
32:1d:f3:fe:4f:d7:ad:88:b7:8b:96:9d:b4:7a:66:
ec:b8:fc:b4:31:7c:bb:bf:8a:42:68:00:5b:da:2c:
ff:32:38:ba:70:fc:fe:47:da:51:8f:8e:53:b8:9b:
dd:71:bf:b9:33:dc:c0:47:41:97:31:a8:21:ff:85:
f1:16:f2:2f:53:7b:a1:ce:19:0c:93:55:55:a1:93:
66:90:8c:08:36:2a:07:54:01:bf:d8:c3:ca:7e:e8:
75:a4:73:aa:e5:91:cc:87:3d:37:05:95:83:bd:b2:
41:50:08:81:c3:39:9f:96:17:8b:24:49:2e:27:04:
30:18:4e:c7:77:3d:f1:1a:2a:b0:73:c3:a1:d4:22:
8f:4d:7a:3e:c9:28:89:a7:a5:91:0b:8d:c7:66:f1:
2f:9c:99:4a:fa:2c:ed:0a:9f:88:ed:c1:65:69:c8:
2c:36:1a:32:78:f7:5d:ea:26:a6:51:c1:30:6d:31:
9d:fa:d7:1f:2b:75:80:35:f1:02:e6:28:ec:cd:6c:
74:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:93:43:DA:AF:08:7A:DA:01:BC:C5:97:46:7B:90:8D:44:58:DE:93
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/UpND2q8IetoBvMWXRnuQjURY3pM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d02::/32
2a0f:3d80:123::/48
Signature Algorithm: sha256WithRSAEncryption
5e:ab:eb:f7:50:d7:16:38:a8:d7:16:37:3e:c9:1b:29:50:e6:
f5:e7:08:34:71:cd:f1:fc:b2:47:63:02:c3:03:06:9c:2a:ec:
61:64:c1:fe:8a:f6:7a:63:c8:f7:a9:c3:0f:71:44:c3:05:85:
fd:a9:01:e6:09:c3:46:f1:89:fd:77:f1:28:a5:7f:76:d2:30:
9a:0e:be:6e:b9:73:28:ca:91:d0:d4:c8:1a:82:f5:51:a7:d8:
89:8a:e4:98:18:e5:94:b3:51:c8:64:76:ff:70:dd:9b:6e:f0:
4a:48:d4:1c:39:8b:74:f6:d9:7d:e5:c9:05:54:a8:9b:af:02:
5a:cb:20:e6:fd:a4:67:b1:e9:5f:bb:ab:ec:a8:b6:19:71:79:
f3:50:41:6d:de:3b:d2:9a:0e:2b:2b:57:42:32:39:fc:d2:14:
bf:f0:9b:f1:a1:b8:73:82:fe:21:8a:f1:11:89:44:2d:37:66:
1f:9a:5d:8c:b9:99:6a:4f:f5:1d:9c:03:f5:08:d6:19:62:a1:
32:1c:a1:d9:45:5b:19:55:67:01:fd:8c:47:70:b2:e7:14:97:
f2:a5:c8:85:0d:1f:dd:fe:26:00:4c:11:bc:9f:93:47:81:73:
69:4b:a3:f0:05:44:60:8d:7d:5a:cd:08:18:cb:4a:be:5c:4d:
f2:e3:d7:e9
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAY+7KBBxluBg8BGD5LYeLeKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTI3MTc0NTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjkzNDNkYWFmMDg3YWRhMDFiY2M1OTc0NjdiOTA4ZDQ0NThkZTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIGi1RcGJURUGBCkhB6sy5lZyyl9
CzwtncvfcCcROnByVCP1558EKv34Kfg/LO0C7AMnSsePsHP+VpwyHfP+T9etiLeL
lp20embsuPy0MXy7v4pCaABb2iz/Mji6cPz+R9pRj45TuJvdcb+5M9zAR0GXMagh
/4XxFvIvU3uhzhkMk1VVoZNmkIwINioHVAG/2MPKfuh1pHOq5ZHMhz03BZWDvbJB
UAiBwzmflheLJEkuJwQwGE7Hdz3xGiqwc8Oh1CKPTXo+ySiJp6WRC43HZvEvnJlK
+iztCp+I7cFlacgsNhoyePdd6iamUcEwbTGd+tcfK3WANfEC5ijszWx0aQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFFKTQ9qvCHraAbzFl0Z7kI1EWN6TMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVXBORDJxOElldG9Cdk1XWFJudVFqVVJZM3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwUAKgotAgMH
ACoPPYABIzANBgkqhkiG9w0BAQsFAAOCAQEAXqvr91DXFjio1xY3PskbKVDm9ecI
NHHN8fyyR2MCwwMGnCrsYWTB/or2emPI96nDD3FEwwWF/akB5gnDRvGJ/XfxKKV/
dtIwmg6+brlzKMqR0NTIGoL1UafYiYrkmBjllLNRyGR2/3Ddm27wSkjUHDmLdPbZ
feXJBVSom68CWssg5v2kZ7HpX7ur7Ki2GXF581BBbd470poOKytXQjI5/NIUv/Cb
8aG4c4L+IYrxEYlELTdmH5pdjLmZak/1HZwD9QjWGWKhMhyh2UVbGVVnAf2MR3Cy
5xSX8qXIhQ0f3f4mAEwRvJ+TR4FzaUuj8AVEYI19Ws0IGMtKvlxN8uPX6Q==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:11 2025 by rpki-client