Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/U5K4nZt5GwpnTogWsCIrDUe5GNA.roa
File: U5K4nZt5GwpnTogWsCIrDUe5GNA.roa (raw, json)
Hash identifier: Cp/pfeYsX04ai67Upci8F8qQXIjwLAutixRq9H+gCok=
Subject key identifier: 53:92:B8:9D:9B:79:1B:0A:67:4E:88:16:B0:22:2B:0D:47:B9:18:D0
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0195F6E3F77AB30B7C29F8C3D7C39E8C803A
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/U5K4nZt5GwpnTogWsCIrDUe5GNA.roa
Signing time: Wed 02 Apr 2025 14:24:49 +0000
ROA not before: Wed 02 Apr 2025 14:24:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61400
IP address blocks: 2a11:643::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 07 Apr 2025 18:51:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:e3:f7:7a:b3:0b:7c:29:f8:c3:d7:c3:9e:8c:80:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 2 14:24:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5392b89d9b791b0a674e8816b0222b0d47b918d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ab:ca:7f:35:68:d0:44:32:92:44:f7:a1:25:
f2:90:20:01:56:eb:bf:b4:1f:37:d2:70:e6:96:7d:
97:2f:2a:b8:8b:09:a1:22:ad:3e:19:9c:81:7c:d7:
a6:20:46:43:2d:28:3d:ba:a4:e5:8b:ef:c6:92:6e:
05:18:3e:13:6e:f9:13:69:d2:36:65:2f:17:b8:f1:
43:d1:4b:69:77:b9:53:98:00:8c:64:95:8f:5f:e0:
e8:a1:f8:22:7a:63:37:19:5f:93:ee:d1:88:d6:7c:
f2:94:0d:80:12:5c:2c:11:4c:8f:d8:50:e9:7a:b7:
e6:25:f1:87:fc:6f:ae:90:d6:9f:0b:d9:34:da:dd:
01:ee:21:c0:a3:80:7a:20:0e:62:e5:78:c2:46:fc:
5d:a3:73:e0:95:76:ef:2e:1c:dd:35:0c:a8:5a:79:
3e:8d:71:bd:64:4d:98:03:09:c1:83:14:94:9c:98:
81:ca:cb:3a:f6:af:06:bb:ed:00:14:69:15:81:fe:
a7:ef:60:b4:27:3c:03:8c:f9:d5:15:86:b5:4d:1e:
71:97:fb:ff:86:31:32:19:9b:f2:e8:12:e8:5b:f7:
88:12:9b:21:58:38:d1:16:3e:53:04:98:d5:bd:fd:
df:a9:c9:80:fd:34:9b:a3:3f:4f:50:81:b2:cf:62:
ae:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:92:B8:9D:9B:79:1B:0A:67:4E:88:16:B0:22:2B:0D:47:B9:18:D0
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/U5K4nZt5GwpnTogWsCIrDUe5GNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:643::/32
Signature Algorithm: sha256WithRSAEncryption
69:dd:4c:97:bf:8a:24:ac:06:bf:71:a3:40:c7:72:5f:1c:67:
66:48:b6:79:fc:7a:68:cb:ae:80:d1:48:79:f7:c7:46:b2:eb:
54:19:02:89:63:a8:8e:56:04:52:c8:54:38:33:6d:19:71:1c:
b5:5e:b5:c8:65:52:68:25:84:21:8f:c2:d5:34:7c:60:2e:dd:
33:3c:1a:83:02:0a:2f:7c:f8:61:7d:c1:f3:08:44:22:2c:03:
bf:7e:14:05:6c:f2:86:18:06:8d:18:c2:9e:35:f7:ff:18:fb:
3b:74:c2:39:ff:4f:91:72:34:96:fd:58:00:d5:47:36:ed:42:
d2:8a:24:57:76:4a:a7:d4:f5:87:2a:d5:9a:18:44:fe:e8:3a:
8a:91:1a:e7:64:1b:2b:61:c3:46:d0:7f:36:54:2b:27:20:d7:
48:a9:6b:72:6a:2d:e0:02:be:a3:67:e6:9d:fa:5d:df:49:ea:
66:0d:7f:3f:ad:70:3a:cc:88:db:4b:8f:9f:d5:ef:f5:a0:64:
f2:d4:e0:f4:67:c4:89:1c:92:8a:bb:e5:c8:da:19:02:dd:bd:
c2:0e:6c:0e:7f:24:3e:a5:cb:43:aa:be:a5:52:31:98:10:34:
b2:a3:8c:c5:47:ae:09:81:42:72:98:66:ab:69:c3:a5:6a:bc:
96:84:36:0e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZX24/d6swt8KfjD18OejIA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNDAyMTQyNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzkyYjg5ZDliNzkxYjBhNjc0ZTg4MTZiMDIyMmIwZDQ3YjkxOGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqavKfzVo0EQykkT3oSXykCABVuu/
tB830nDmln2XLyq4iwmhIq0+GZyBfNemIEZDLSg9uqTli+/Gkm4FGD4TbvkTadI2
ZS8XuPFD0Utpd7lTmACMZJWPX+DoofgiemM3GV+T7tGI1nzylA2AElwsEUyP2FDp
erfmJfGH/G+ukNafC9k02t0B7iHAo4B6IA5i5XjCRvxdo3PglXbvLhzdNQyoWnk+
jXG9ZE2YAwnBgxSUnJiByss69q8Gu+0AFGkVgf6n72C0JzwDjPnVFYa1TR5xl/v/
hjEyGZvy6BLoW/eIEpshWDjRFj5TBJjVvf3fqcmA/TSboz9PUIGyz2KuYQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFOSuJ2beRsKZ06IFrAiKw1HuRjQMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvVTVLNG5adDVHd3BuVG9nV3NDSXJEVWU1R05BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhEGQzAN
BgkqhkiG9w0BAQsFAAOCAQEAad1Ml7+KJKwGv3GjQMdyXxxnZki2efx6aMuugNFI
effHRrLrVBkCiWOojlYEUshUODNtGXEctV61yGVSaCWEIY/C1TR8YC7dMzwagwIK
L3z4YX3B8whEIiwDv34UBWzyhhgGjRjCnjX3/xj7O3TCOf9PkXI0lv1YANVHNu1C
0ookV3ZKp9T1hyrVmhhE/ug6ipEa52QbK2HDRtB/NlQrJyDXSKlrcmot4AK+o2fm
nfpd30nqZg1/P61wOsyI20uPn9Xv9aBk8tTg9GfEiRySirvlyNoZAt29wg5sDn8k
PqXLQ6q+pVIxmBA0sqOMxUeuCYFCcphmq2nDpWq8loQ2Dg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 13:23:19 2025 by rpki-client