Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/UDfRUwuizge0_FX4bS7xFx5Bdd4.roa
File: UDfRUwuizge0_FX4bS7xFx5Bdd4.roa (raw, json)
Hash identifier: wQxAxiWoMNBK0VbCGlph0c/FaNNe2v/vuOeRExSv0pg=
Subject key identifier: 50:37:D1:53:0B:A2:CE:07:B4:FC:55:F8:6D:2E:F1:17:1E:41:75:DE
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0195868177D4E9EE893C7C46E7DAF59CE080
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/UDfRUwuizge0_FX4bS7xFx5Bdd4.roa
Signing time: Tue 11 Mar 2025 18:39:46 +0000
ROA not before: Tue 11 Mar 2025 18:39:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a09:af86::/32 maxlen: 32
2a0e:3f46::/32 maxlen: 32
2a0e:3f47::/32 maxlen: 32
2a0e:5886::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 12 Mar 2025 15:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:86:81:77:d4:e9:ee:89:3c:7c:46:e7:da:f5:9c:e0:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Mar 11 18:39:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5037d1530ba2ce07b4fc55f86d2ef1171e4175de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ef:b4:d8:b4:69:1d:a8:12:7c:48:40:f0:94:
a9:48:ba:df:4a:35:7a:03:15:75:ad:71:59:21:ea:
eb:4a:5a:d6:97:16:99:13:c9:bb:c0:dd:f0:b3:0c:
b7:9a:65:4b:ca:0c:f0:f9:34:c6:cd:71:91:3b:ca:
2e:fe:b5:c0:48:e2:56:21:29:99:d6:03:5d:76:22:
53:d7:e2:58:cb:11:56:1f:0d:1e:0b:23:75:5a:68:
c0:7a:f5:90:8a:86:98:75:05:e1:9a:31:6e:d5:fb:
0a:9a:a9:56:77:fd:c0:ba:b3:f3:30:0a:f7:2b:8f:
ee:42:bc:3f:f2:0b:f1:4e:5b:28:ad:97:70:76:f4:
2b:25:1e:1e:ae:96:56:22:84:c0:ec:cc:6d:fb:b0:
e6:db:16:3c:6b:a7:8a:b2:79:b2:c7:65:da:84:33:
b7:fe:ce:c2:6e:5d:cf:52:e9:3d:6a:12:45:68:89:
c8:70:20:64:7a:f7:ff:39:c0:fc:ff:34:26:cf:b1:
51:17:99:9f:ed:bd:15:b8:42:ad:cd:c3:7b:25:af:
d1:4e:13:36:68:68:5c:bd:d4:88:20:4d:b3:6b:d1:
3b:c5:07:0b:d6:17:9d:7a:67:14:f0:f9:df:a1:5f:
92:91:a0:d9:61:ea:fb:80:55:85:5e:cc:ba:90:79:
6c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:37:D1:53:0B:A2:CE:07:B4:FC:55:F8:6D:2E:F1:17:1E:41:75:DE
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/UDfRUwuizge0_FX4bS7xFx5Bdd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:af86::/32
2a0e:3f46::/31
2a0e:5886::/32
Signature Algorithm: sha256WithRSAEncryption
45:54:4a:bc:1b:04:e9:9e:db:29:f4:4f:29:4e:ef:0c:a2:b9:
02:95:9d:dc:ce:3d:ef:64:47:a5:d1:b4:4c:4f:99:bd:32:f1:
c4:06:04:5c:a5:c7:37:e3:97:4b:4d:d9:a2:27:34:64:ec:10:
8e:a9:51:81:71:e8:00:19:3d:7c:bd:cb:ca:82:f1:00:ad:2f:
50:a8:f5:bd:9c:4e:f9:4a:bf:32:cd:4c:e3:5a:4a:bd:f0:aa:
c1:86:51:2e:b1:3b:44:06:eb:8b:2a:99:bb:bd:cd:e4:6a:8a:
1c:56:aa:46:dc:30:9a:f9:73:06:0c:88:44:90:2a:75:00:6b:
21:8c:79:78:71:63:42:02:e6:69:e2:79:fc:b5:ba:b2:f2:39:
6b:f7:be:bd:e2:49:50:36:98:4f:81:76:ba:c4:ec:fa:72:5a:
c0:71:0e:c2:ee:76:89:d4:a6:fe:4b:09:26:84:7c:e7:1f:f1:
7b:48:44:62:0e:17:44:d9:75:01:46:22:ee:82:52:26:69:c1:
a8:af:eb:d3:c1:b9:85:fa:3b:3b:3c:64:ce:87:12:bf:b1:d3:
6b:46:df:5f:10:f8:1a:60:58:cc:6f:ff:d3:04:66:93:92:5b:
02:03:a5:a4:58:1b:38:02:cf:9b:05:ac:ab:8c:96:ee:37:f5:
6c:cb:08:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZWGgXfU6e6JPHxG59r1nOCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMzExMTgzOTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDM3ZDE1MzBiYTJjZTA3YjRmYzU1Zjg2ZDJlZjExNzFlNDE3NWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue+02LRpHagSfEhA8JSpSLrfSjV6
AxV1rXFZIerrSlrWlxaZE8m7wN3wswy3mmVLygzw+TTGzXGRO8ou/rXASOJWISmZ
1gNddiJT1+JYyxFWHw0eCyN1WmjAevWQioaYdQXhmjFu1fsKmqlWd/3AurPzMAr3
K4/uQrw/8gvxTlsorZdwdvQrJR4erpZWIoTA7Mxt+7Dm2xY8a6eKsnmyx2XahDO3
/s7Cbl3PUuk9ahJFaInIcCBkevf/OcD8/zQmz7FRF5mf7b0VuEKtzcN7Ja/RThM2
aGhcvdSIIE2za9E7xQcL1hedemcU8PnfoV+SkaDZYer7gFWFXsy6kHls7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFA30VMLos4HtPxV+G0u8RceQXXeMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvVURmUlV3dWl6Z2UwX0ZYNGJTN3hGeDVCZGQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgmvhgMF
ASoOP0YDBQAqDliGMA0GCSqGSIb3DQEBCwUAA4IBAQBFVEq8GwTpntsp9E8pTu8M
orkClZ3czj3vZEel0bRMT5m9MvHEBgRcpcc345dLTdmiJzRk7BCOqVGBcegAGT18
vcvKgvEArS9QqPW9nE75Sr8yzUzjWkq98KrBhlEusTtEBuuLKpm7vc3kaoocVqpG
3DCa+XMGDIhEkCp1AGshjHl4cWNCAuZp4nn8tbqy8jlr97694klQNphPgXa6xOz6
clrAcQ7C7naJ1Kb+SwkmhHznH/F7SERiDhdE2XUBRiLuglImacGor+vTwbmF+js7
PGTOhxK/sdNrRt9fEPgaYFjMb//TBGaTklsCA6WkWBs4As+bBayrjJbuN/VsywjG
-----END CERTIFICATE-----
Generated at Wed Apr 30 01:34:01 2025 by rpki-client