Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/rUfqQ5k_-DxyCLkM2UlYXpBNfKI.roa
File: rUfqQ5k_-DxyCLkM2UlYXpBNfKI.roa (raw, json)
Hash identifier: TbUWvM3hd8KzDimHuU9YtF1BIb/ShCsvRSjXgxe1wUk=
Subject key identifier: AD:47:EA:43:99:3F:F8:3C:72:08:B9:0C:D9:49:58:5E:90:4D:7C:A2
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 0196169E4069D3605B4A5B642901A32CC78A
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/rUfqQ5k_-DxyCLkM2UlYXpBNfKI.roa
Signing time: Tue 08 Apr 2025 18:16:31 +0000
ROA not before: Tue 08 Apr 2025 18:16:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0a:c382::/32 maxlen: 32
2a11:2080::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 09 Apr 2025 17:22:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:16:9e:40:69:d3:60:5b:4a:5b:64:29:01:a3:2c:c7:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Apr 8 18:16:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad47ea43993ff83c7208b90cd949585e904d7ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:79:5b:5a:3c:63:10:f7:a4:f6:22:df:6e:16:
e9:0b:7d:8b:51:07:e9:35:e3:99:3b:cd:58:f3:ed:
ed:f3:41:b7:fd:f0:69:15:04:af:fd:55:59:6e:81:
dd:ba:c4:a6:b0:e7:5a:1a:ed:ae:e1:7e:91:62:e4:
3a:13:d5:45:33:e9:62:75:ad:d7:4b:dd:95:12:77:
4e:c4:96:23:88:d5:dc:96:65:56:7c:e4:8f:bf:cd:
2b:87:ae:c3:63:75:f9:ad:34:99:6e:5f:56:7f:52:
42:69:17:5f:95:ca:cd:a9:2f:ce:d6:b3:47:0b:92:
73:95:7e:1d:a6:34:ea:24:4b:93:14:1a:dc:16:58:
8d:fb:9e:e4:db:5f:93:1c:cb:ec:08:22:1b:06:09:
1c:49:6f:19:fb:02:85:f0:91:2a:e2:bc:42:e2:4c:
cf:c1:e0:75:bd:44:79:99:9f:be:a9:ee:71:41:17:
7d:90:f8:46:88:5d:99:95:88:5b:3d:8e:dc:95:ef:
63:71:91:d7:c0:3c:d7:b4:d1:ab:1f:13:24:67:46:
2c:91:bf:bf:eb:12:86:e3:f1:29:f9:18:50:22:a1:
54:fe:a8:9b:f7:ab:a0:22:22:76:95:e1:27:da:11:
f7:9c:43:42:dd:1e:0d:bb:15:62:38:ad:20:a9:dd:
a7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:47:EA:43:99:3F:F8:3C:72:08:B9:0C:D9:49:58:5E:90:4D:7C:A2
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/rUfqQ5k_-DxyCLkM2UlYXpBNfKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c382::/32
2a11:2080::/32
Signature Algorithm: sha256WithRSAEncryption
1e:3a:f2:92:8e:2a:6e:49:0f:5a:7e:bd:db:0d:7e:79:89:9b:
25:72:de:f3:12:ea:65:88:8d:42:b7:bc:17:32:be:18:78:ab:
66:c4:1d:a0:e7:5d:a3:66:41:ac:dd:0f:b0:71:f5:d6:2a:df:
a7:de:08:5f:13:e0:d8:4f:20:12:7b:bd:d2:ca:e1:06:c2:85:
0d:0c:fc:8b:fb:4f:c2:a6:a2:e6:b6:20:69:00:1b:d2:60:da:
dd:58:a1:6c:bd:b7:77:77:82:1a:c0:c9:96:b8:60:50:aa:60:
69:1f:6a:96:75:4e:bb:78:b6:72:e2:5b:c3:25:17:8a:ef:68:
aa:d4:73:97:e4:d0:a2:43:a2:ae:c2:f0:72:d8:a9:62:57:87:
d8:d9:4a:0b:6d:9d:ca:66:d1:0d:0b:a0:d6:74:18:df:4a:fc:
ec:c5:c7:0a:7d:fc:c0:30:2e:89:d2:6e:c1:ec:c3:ad:da:f9:
26:1f:28:80:15:62:ce:a1:d6:16:ab:67:3c:35:fc:a3:58:7d:
44:84:dc:7f:10:7c:4e:e7:6b:b6:fd:53:5a:f1:5a:df:e5:b9:
fe:04:32:6d:15:79:a3:c6:10:03:c7:36:39:7a:eb:7f:99:06:
6e:57:d3:c1:8c:e4:73:a6:be:52:b8:f2:81:98:cf:83:b8:d8:
c6:30:38:11
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZYWnkBp02BbSltkKQGjLMeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwNDA4MTgxNjMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDQ3ZWE0Mzk5M2ZmODNjNzIwOGI5MGNkOTQ5NTg1ZTkwNGQ3Y2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3lbWjxjEPek9iLfbhbpC32LUQfp
NeOZO81Y8+3t80G3/fBpFQSv/VVZboHdusSmsOdaGu2u4X6RYuQ6E9VFM+lida3X
S92VEndOxJYjiNXclmVWfOSPv80rh67DY3X5rTSZbl9Wf1JCaRdflcrNqS/O1rNH
C5JzlX4dpjTqJEuTFBrcFliN+57k21+THMvsCCIbBgkcSW8Z+wKF8JEq4rxC4kzP
weB1vUR5mZ++qe5xQRd9kPhGiF2ZlYhbPY7cle9jcZHXwDzXtNGrHxMkZ0Yskb+/
6xKG4/Ep+RhQIqFU/qib96ugIiJ2leEn2hH3nENC3R4NuxViOK0gqd2nAQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFK1H6kOZP/g8cgi5DNlJWF6QTXyiMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvclVmcVE1a18tRHh5Q0xrTTJVbFlYcEJOZktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgrDggMF
ACoRIIAwDQYJKoZIhvcNAQELBQADggEBAB468pKOKm5JD1p+vdsNfnmJmyVy3vMS
6mWIjUK3vBcyvhh4q2bEHaDnXaNmQazdD7Bx9dYq36feCF8T4NhPIBJ7vdLK4QbC
hQ0M/Iv7T8Kmoua2IGkAG9Jg2t1YoWy9t3d3ghrAyZa4YFCqYGkfapZ1Trt4tnLi
W8MlF4rvaKrUc5fk0KJDoq7C8HLYqWJXh9jZSgttncpm0Q0LoNZ0GN9K/OzFxwp9
/MAwLonSbsHsw63a+SYfKIAVYs6h1harZzw1/KNYfUSE3H8QfE7na7b9U1rxWt/l
uf4EMm0VeaPGEAPHNjl663+ZBm5X08GM5HOmvlK48oGYz4O42MYwOBE=
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:52:21 2025 by rpki-client