Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/i1dX906fzH3masEet1CT6vMo-UA.roa
File: i1dX906fzH3masEet1CT6vMo-UA.roa (raw, json)
Hash identifier: UT4vSdw6Bx2fGe3I7jZL/XjjRgg9evDkPwWJGzELmcg=
Subject key identifier: 8B:57:57:F7:4E:9F:CC:7D:E6:6A:C1:1E:B7:50:93:EA:F3:28:F9:40
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0194D43A17403553BB085BFC0661570145F8
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/i1dX906fzH3masEet1CT6vMo-UA.roa
Signing time: Wed 05 Feb 2025 03:49:24 +0000
ROA not before: Wed 05 Feb 2025 03:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213574
IP address blocks: 2a12:bec4:16e0::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 05 Feb 2025 04:34:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d4:3a:17:40:35:53:bb:08:5b:fc:06:61:57:01:45:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Feb 5 03:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b5757f74e9fcc7de66ac11eb75093eaf328f940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3b:d9:02:d5:d2:df:f8:f1:eb:42:20:a5:53:
49:fd:a0:bf:5d:86:88:49:25:6c:81:3f:d1:bb:c3:
40:ba:70:f1:dd:f1:60:b6:e1:1d:d7:e2:df:e5:b1:
a4:e8:be:e6:13:a1:1f:49:60:96:cf:15:cb:8e:3b:
72:59:a2:ac:12:30:87:95:d1:d2:c1:6b:1f:9f:a3:
30:e5:26:72:b1:0b:3e:39:90:a6:e7:12:3a:b3:12:
72:70:0f:25:34:e3:2c:2a:fa:97:76:b5:84:c5:d1:
d3:22:a0:6e:71:51:63:79:b0:ab:6f:10:07:64:e7:
57:d2:b6:a1:97:3c:d7:f4:73:25:50:7f:fd:b7:e7:
7a:23:da:bf:b5:3c:37:f0:65:77:6a:ec:e1:13:4c:
1d:8d:63:3c:dc:41:ff:de:00:1c:0c:52:56:cb:48:
00:43:33:b6:f7:cd:e1:f9:ee:03:0c:57:b4:7e:68:
54:b6:2e:a0:66:65:3e:16:e5:c4:12:11:6a:73:64:
2d:04:bb:80:56:72:a0:9b:08:dc:66:d5:3c:15:6c:
e4:8d:6c:92:49:fd:b9:aa:6e:fb:14:d1:8a:b9:6a:
62:bf:81:93:de:b3:8a:e7:0a:99:f2:76:8b:7f:19:
e3:12:7c:43:09:43:40:c6:d2:c9:a5:c8:d0:b3:86:
3a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:57:57:F7:4E:9F:CC:7D:E6:6A:C1:1E:B7:50:93:EA:F3:28:F9:40
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/i1dX906fzH3masEet1CT6vMo-UA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:16e0::/44
Signature Algorithm: sha256WithRSAEncryption
66:6d:bf:ad:17:2c:ea:33:e8:4b:e4:ae:02:98:0a:5d:52:3d:
9a:ad:06:23:bd:81:c4:a2:95:d5:fc:70:7f:8f:4d:7f:cc:37:
dc:bd:47:fe:4d:f1:b8:79:03:87:a2:8e:b0:d1:65:de:54:74:
95:e9:b3:00:4d:69:c5:02:d7:35:81:52:c4:f6:f6:aa:b6:3e:
91:14:ce:cc:6a:a7:4c:23:2a:57:1b:20:1e:71:78:6c:29:53:
69:37:03:e6:17:f5:63:3c:da:64:7f:0b:a3:91:6f:d7:67:27:
5c:5a:11:2e:bd:36:72:e3:ea:41:55:9a:2e:28:6d:81:aa:12:
5e:1b:99:d9:c1:34:d6:15:50:6b:ea:ee:f2:1e:60:9c:b1:be:
93:8d:09:ad:d8:e5:58:85:28:2c:1d:02:0d:b2:25:c3:e1:9a:
96:29:1d:a6:e4:8f:30:8e:80:f2:34:cc:ff:39:18:5d:d0:ca:
22:c6:b7:55:6b:97:be:d1:a3:d7:4c:d7:b0:cc:54:fd:12:16:
43:4b:e2:e2:83:c3:e5:10:68:77:17:d8:e1:f2:48:ba:15:f2:
b2:f2:fe:e3:67:c1:af:47:6e:26:b1:5a:f3:19:d1:fa:7b:57:
db:cf:8c:bb:5a:ea:68:50:62:cf:ea:ed:c4:65:0d:89:97:83:
f3:e5:49:79
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZTUOhdANVO7CFv8BmFXAUX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMjA1MDM0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjU3NTdmNzRlOWZjYzdkZTY2YWMxMWViNzUwOTNlYWYzMjhmOTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDvZAtXS3/jx60IgpVNJ/aC/XYaI
SSVsgT/Ru8NAunDx3fFgtuEd1+Lf5bGk6L7mE6EfSWCWzxXLjjtyWaKsEjCHldHS
wWsfn6Mw5SZysQs+OZCm5xI6sxJycA8lNOMsKvqXdrWExdHTIqBucVFjebCrbxAH
ZOdX0rahlzzX9HMlUH/9t+d6I9q/tTw38GV3auzhE0wdjWM83EH/3gAcDFJWy0gA
QzO2983h+e4DDFe0fmhUti6gZmU+FuXEEhFqc2QtBLuAVnKgmwjcZtU8FWzkjWyS
Sf25qm77FNGKuWpiv4GT3rOK5wqZ8naLfxnjEnxDCUNAxtLJpcjQs4Y6pQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFItXV/dOn8x95mrBHrdQk+rzKPlAMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvaTFkWDkwNmZ6SDNtYXNFZXQxQ1Q2dk1vLVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBbg
MA0GCSqGSIb3DQEBCwUAA4IBAQBmbb+tFyzqM+hL5K4CmApdUj2arQYjvYHEopXV
/HB/j01/zDfcvUf+TfG4eQOHoo6w0WXeVHSV6bMATWnFAtc1gVLE9vaqtj6RFM7M
aqdMIypXGyAecXhsKVNpNwPmF/VjPNpkfwujkW/XZydcWhEuvTZy4+pBVZouKG2B
qhJeG5nZwTTWFVBr6u7yHmCcsb6TjQmt2OVYhSgsHQINsiXD4ZqWKR2m5I8wjoDy
NMz/ORhd0MoixrdVa5e+0aPXTNewzFT9EhZDS+Lig8PlEGh3F9jh8ki6FfKy8v7j
Z8GvR24msVrzGdH6e1fbz4y7WupoUGLP6u3EZQ2Jl4Pz5Ul5
-----END CERTIFICATE-----
Generated at Thu May 15 19:27:58 2025 by rpki-client