Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uTZG8wFOMqaByNEo-1w_NmlePm8.roa
File: uTZG8wFOMqaByNEo-1w_NmlePm8.roa (raw, json)
Hash identifier: PkYZkKIm1Lj8HpA2eoI9cdMHxadCXTzcBbixQhWlins=
Subject key identifier: B9:36:46:F3:01:4E:32:A6:81:C8:D1:28:FB:5C:3F:36:69:5E:3E:6F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193D8F500C361850BCD790F04A3445B76EF
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uTZG8wFOMqaByNEo-1w_NmlePm8.roa
Signing time: Wed 18 Dec 2024 08:49:15 +0000
ROA not before: Wed 18 Dec 2024 08:49:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54852
IP address blocks: 2a0f:1640::/29 maxlen: 29
2a0f:2a40::/29 maxlen: 29
2a0f:3140::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d8:f5:00:c3:61:85:0b:cd:79:0f:04:a3:44:5b:76:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 18 08:49:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b93646f3014e32a681c8d128fb5c3f36695e3e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fe:ec:1c:aa:7f:dd:ce:a5:c3:3b:f1:60:1a:
b0:02:a4:7c:76:28:d8:a1:43:4f:45:a1:df:62:71:
85:57:27:87:c7:f3:c0:80:a6:a4:29:09:30:4f:61:
fc:9f:43:5c:c6:42:0f:05:23:36:e3:7f:95:0b:ae:
39:61:ae:8f:e8:ef:a4:23:95:3e:40:54:f3:96:ae:
f0:8a:a5:8b:8a:4b:40:a6:51:42:79:d0:ea:36:9b:
c6:5d:59:a0:83:a7:b4:94:45:0b:ca:2e:78:24:32:
90:74:d9:15:11:f2:57:94:35:ee:cc:9a:78:82:69:
29:0c:4f:df:e7:e0:e6:53:c2:a3:ce:4a:23:15:9d:
e2:2a:ce:6a:dd:41:5a:a2:1b:60:4d:3b:ca:1f:02:
96:ba:6e:00:0a:4c:2b:b4:10:44:71:95:27:7f:6e:
89:40:14:b3:99:f8:2f:2b:37:d9:95:b6:a7:8c:fb:
be:91:cf:1b:14:61:93:50:aa:60:4a:df:c1:c6:29:
60:db:ff:0f:3a:84:ad:1c:ea:39:8a:af:f6:47:dd:
70:05:be:7f:19:02:60:ed:bd:9b:d2:c4:7b:95:d4:
30:57:a3:37:00:7f:24:3c:9c:f5:4b:44:89:60:24:
a7:41:c0:7d:0b:bc:99:14:fb:ad:ec:5e:4e:1a:5f:
94:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:36:46:F3:01:4E:32:A6:81:C8:D1:28:FB:5C:3F:36:69:5E:3E:6F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uTZG8wFOMqaByNEo-1w_NmlePm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1640::/29
2a0f:2a40::/29
2a0f:3140::/29
Signature Algorithm: sha256WithRSAEncryption
0e:34:d5:a8:6a:f2:72:a0:1c:74:e3:2d:70:8b:68:1a:7f:5c:
f0:2f:dc:ff:76:72:ad:5c:44:c3:42:3f:34:6f:5f:32:a0:a9:
8b:60:ff:52:d6:07:b4:52:18:5d:55:ee:de:4d:4d:c6:f8:1c:
66:88:de:e3:31:19:a1:2f:01:e3:39:fd:c7:b5:88:25:7b:62:
49:b8:8f:5e:4a:92:6a:55:64:7b:51:76:4c:07:56:36:68:b6:
d2:22:96:2d:7a:e8:0a:98:a1:a1:3d:6f:53:bb:ef:95:b0:04:
57:ae:13:48:b5:1d:29:a4:b1:05:f5:8b:45:5b:3a:9f:1e:23:
eb:b7:1a:94:69:c6:be:b5:9d:87:c0:74:61:1e:47:7c:dd:a1:
bc:d5:fd:88:af:5d:16:3f:5e:f7:55:ef:96:0f:da:b0:06:6b:
68:1f:38:1c:4e:a3:eb:2d:2a:a0:d9:09:b0:40:7b:63:e3:25:
ec:04:f1:4d:66:4b:c6:70:f1:0a:60:70:fa:80:01:2b:0d:aa:
34:2e:3a:c1:28:c6:39:70:c5:c2:7a:ca:e8:32:f7:d8:5f:26:
04:25:31:59:0b:9e:e1:51:9d:ca:49:35:bf:d4:87:1d:d5:3c:
56:4d:fc:6e:ec:44:d8:c0:24:c7:36:8d:a8:cf:d7:f0:83:a5:
69:31:c0:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZPY9QDDYYULzXkPBKNEW3bvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjE4MDg0OTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTM2NDZmMzAxNGUzMmE2ODFjOGQxMjhmYjVjM2YzNjY5NWUzZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApf7sHKp/3c6lwzvxYBqwAqR8dijY
oUNPRaHfYnGFVyeHx/PAgKakKQkwT2H8n0NcxkIPBSM243+VC645Ya6P6O+kI5U+
QFTzlq7wiqWLiktAplFCedDqNpvGXVmgg6e0lEULyi54JDKQdNkVEfJXlDXuzJp4
gmkpDE/f5+DmU8KjzkojFZ3iKs5q3UFaohtgTTvKHwKWum4ACkwrtBBEcZUnf26J
QBSzmfgvKzfZlbanjPu+kc8bFGGTUKpgSt/Bxilg2/8POoStHOo5iq/2R91wBb5/
GQJg7b2b0sR7ldQwV6M3AH8kPJz1S0SJYCSnQcB9C7yZFPut7F5OGl+UWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLk2RvMBTjKmgcjRKPtcPzZpXj5vMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdVRaRzh3Rk9NcWFCeU5Fby0xd19ObWxlUG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg8WQAMF
AyoPKkADBQMqDzFAMA0GCSqGSIb3DQEBCwUAA4IBAQAONNWoavJyoBx04y1wi2ga
f1zwL9z/dnKtXETDQj80b18yoKmLYP9S1ge0UhhdVe7eTU3G+BxmiN7jMRmhLwHj
Of3HtYgle2JJuI9eSpJqVWR7UXZMB1Y2aLbSIpYteugKmKGhPW9Tu++VsARXrhNI
tR0ppLEF9YtFWzqfHiPrtxqUaca+tZ2HwHRhHkd83aG81f2Ir10WP173Ve+WD9qw
BmtoHzgcTqPrLSqg2QmwQHtj4yXsBPFNZkvGcPEKYHD6gAErDao0LjrBKMY5cMXC
esroMvfYXyYEJTFZC57hUZ3KSTW/1Icd1TxWTfxu7ETYwCTHNo2oz9fwg6VpMcCo
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:06:33 2025 by rpki-client