Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/UldAo54quMPtb7Jk4whucxO17j8.roa
File: UldAo54quMPtb7Jk4whucxO17j8.roa (raw, json)
Hash identifier: KFvqBAZ54mmaDru7RxS30A0kTI6zR9unRS7Dm6E5YWk=
Subject key identifier: 52:57:40:A3:9E:2A:B8:C3:ED:6F:B2:64:E3:08:6E:73:13:B5:EE:3F
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01930148FFBFA5A4779F5250D875DCEDFAD3
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/UldAo54quMPtb7Jk4whucxO17j8.roa
Signing time: Wed 06 Nov 2024 11:43:01 +0000
ROA not before: Wed 06 Nov 2024 11:43:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 217.25.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:01:48:ff:bf:a5:a4:77:9f:52:50:d8:75:dc:ed:fa:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Nov 6 11:43:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=525740a39e2ab8c3ed6fb264e3086e7313b5ee3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:13:f0:ca:d2:ce:bd:ed:c4:57:77:7f:1a:9b:
82:95:19:1c:5f:5c:33:fa:0b:40:eb:c2:6c:1f:5e:
d9:68:7e:a7:45:df:6a:37:da:f1:a4:a2:66:43:5b:
58:8e:07:14:46:cd:3c:f1:60:82:4e:08:4e:3c:42:
a8:c6:69:3b:e4:cf:61:02:74:69:f8:ec:05:e5:70:
3a:54:56:f0:2f:68:3f:c4:e6:63:2f:a3:a6:bb:a2:
04:a4:2c:1a:fe:35:e1:91:46:af:1f:5c:79:c2:a8:
4d:8f:39:51:0f:c4:82:06:0f:39:96:8d:29:9e:fc:
ef:0a:25:20:80:14:30:a9:50:82:87:f4:52:e8:19:
70:41:e9:b3:8c:e6:07:f2:b4:e6:2a:17:67:4b:65:
fc:bd:ae:8a:47:03:8f:13:07:1a:6d:83:f9:d0:d5:
33:3f:26:a5:25:83:fe:ee:53:50:89:c8:db:55:95:
91:77:bb:92:41:8d:f4:12:1f:43:7c:e8:08:18:8f:
70:2c:90:ef:a1:fe:32:ad:ea:54:03:9e:05:66:5e:
bf:47:58:d7:db:c1:9f:e9:67:0e:03:e8:bf:fd:a9:
72:fb:a4:ff:3f:07:85:b4:0f:4c:7b:4a:88:b9:6a:
5a:10:d9:c0:1f:36:fb:12:f7:5e:93:8f:83:1e:2a:
59:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:57:40:A3:9E:2A:B8:C3:ED:6F:B2:64:E3:08:6E:73:13:B5:EE:3F
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/UldAo54quMPtb7Jk4whucxO17j8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:00:00:bc:ef:60:7b:f5:b9:31:82:d2:f8:af:09:46:fa:c7:
ac:13:66:0b:8b:67:6e:29:7b:6d:11:8c:b5:6f:51:8a:f3:c6:
99:93:6c:c1:25:34:57:2d:14:f4:00:65:a3:c3:cd:2b:c8:f0:
d4:21:b2:65:37:c3:41:fb:a8:e6:ac:f6:13:eb:6f:ab:70:a7:
1c:1a:2a:7e:1f:8c:91:b9:ad:cb:c4:f8:ea:a5:3c:5f:ba:1b:
f5:aa:70:56:9c:e0:db:a8:57:f5:40:75:34:01:66:81:4b:3d:
ac:7e:d4:dd:1e:bb:42:ce:a7:eb:2d:3c:ff:ec:e3:e5:09:1f:
89:9d:50:cc:67:c5:2d:cb:de:e9:2b:6f:f6:16:79:d7:ac:b1:
f4:ac:77:f0:27:30:7d:e4:12:59:75:e8:86:85:92:18:cd:81:
71:74:4f:9c:c7:84:99:87:fe:71:60:6e:e5:d9:4c:f1:61:6d:
b5:33:87:f7:62:15:8c:a7:75:fc:04:13:bb:aa:0b:03:ec:03:
b1:c3:cd:b6:e5:07:89:59:47:01:59:21:22:7e:45:b8:e7:95:
e7:b1:6b:46:82:8a:5d:50:c6:cc:f2:14:e2:68:3a:d9:85:e7:
cf:ab:fa:29:67:9d:81:71:3e:36:6c:21:50:fa:a2:5b:e0:f0:
db:42:74:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMBSP+/paR3n1JQ2HXc7frTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjQxMTA2MTE0MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjU3NDBhMzllMmFiOGMzZWQ2ZmIyNjRlMzA4NmU3MzEzYjVlZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxPwytLOve3EV3d/GpuClRkcX1wz
+gtA68JsH17ZaH6nRd9qN9rxpKJmQ1tYjgcURs088WCCTghOPEKoxmk75M9hAnRp
+OwF5XA6VFbwL2g/xOZjL6Omu6IEpCwa/jXhkUavH1x5wqhNjzlRD8SCBg85lo0p
nvzvCiUggBQwqVCCh/RS6BlwQemzjOYH8rTmKhdnS2X8va6KRwOPEwcabYP50NUz
PyalJYP+7lNQicjbVZWRd7uSQY30Eh9DfOgIGI9wLJDvof4yrepUA54FZl6/R1jX
28Gf6WcOA+i//aly+6T/PweFtA9Me0qIuWpaENnAHzb7Evdek4+DHipZOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFJXQKOeKrjD7W+yZOMIbnMTte4/MB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvVWxkQW81NHF1TVB0YjdKazR3aHVjeE8xN2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkMMA0G
CSqGSIb3DQEBCwUAA4IBAQClAAC872B79bkxgtL4rwlG+sesE2YLi2duKXttEYy1
b1GK88aZk2zBJTRXLRT0AGWjw80ryPDUIbJlN8NB+6jmrPYT62+rcKccGip+H4yR
ua3LxPjqpTxfuhv1qnBWnODbqFf1QHU0AWaBSz2sftTdHrtCzqfrLTz/7OPlCR+J
nVDMZ8Uty97pK2/2FnnXrLH0rHfwJzB95BJZdeiGhZIYzYFxdE+cx4SZh/5xYG7l
2UzxYW21M4f3YhWMp3X8BBO7qgsD7AOxw8225QeJWUcBWSEifkW455XnsWtGgopd
UMbM8hTiaDrZhefPq/opZ52BcT42bCFQ+qJb4PDbQnRj
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:49:09 2025 by rpki-client