Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/USRbCoRGuxYbbgAYrk2QFNowQoI.roa
File: USRbCoRGuxYbbgAYrk2QFNowQoI.roa (raw, json)
Hash identifier: 99+T19LdWVElf5u92kbOwJySiWApimd3MgXTh8nYEe0=
Subject key identifier: 51:24:5B:0A:84:46:BB:16:1B:6E:00:18:AE:4D:90:14:DA:30:42:82
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018D92C3B47EC3F73FC36A5879CD10446EA8
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/USRbCoRGuxYbbgAYrk2QFNowQoI.roa
Signing time: Sat 10 Feb 2024 11:25:15 +0000
ROA not before: Sat 10 Feb 2024 11:25:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a13:9480::/29 maxlen: 29
2a13:f900::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 26 Feb 2024 07:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:92:c3:b4:7e:c3:f7:3f:c3:6a:58:79:cd:10:44:6e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 10 11:25:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51245b0a8446bb161b6e0018ae4d9014da304282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:9b:0c:f4:7f:6e:e7:7f:e0:a8:2d:a9:f4:80:
f1:58:e4:b3:35:34:bc:d1:8e:c2:ba:5a:3e:de:e0:
ce:dd:de:ea:b1:06:ac:cb:de:05:f5:b4:76:5a:3a:
2b:f5:5b:05:54:ba:14:c5:c4:a8:c3:98:01:6f:7b:
e9:21:f0:fc:95:ae:bc:45:06:a0:4a:4a:4c:d6:ae:
d2:53:86:6e:cf:e0:02:02:73:8e:02:77:05:3a:d9:
e4:4c:0e:67:1d:93:91:55:43:64:fc:f1:33:e7:a6:
79:ca:90:9d:62:cb:9a:d7:7e:e2:f8:d5:6d:d0:62:
e4:6d:a7:2d:9d:3f:f9:39:6a:92:ff:26:ff:25:64:
24:2d:af:c4:a4:0e:33:7e:6e:69:d3:82:45:de:c3:
53:08:32:3a:bc:47:f1:c2:53:10:c8:c0:98:4b:5e:
a9:ca:fa:38:71:c2:85:84:80:74:5a:7c:7f:22:7c:
66:ac:83:76:fd:c5:c8:fe:03:80:75:4a:5f:e1:90:
c0:05:38:36:18:e0:fa:ba:bb:2e:d8:49:f7:40:d3:
ed:6d:8b:c0:06:cc:bf:ad:d6:aa:ae:c6:24:0f:83:
ec:27:07:1c:e8:fc:57:bf:f3:81:96:49:97:be:88:
51:f4:0b:74:c4:58:5a:13:df:92:56:50:36:ef:76:
db:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:24:5B:0A:84:46:BB:16:1B:6E:00:18:AE:4D:90:14:DA:30:42:82
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/USRbCoRGuxYbbgAYrk2QFNowQoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9480::/29
2a13:f900::/29
Signature Algorithm: sha256WithRSAEncryption
21:a0:6e:36:50:25:2a:c1:d1:1d:20:44:11:b5:21:38:d8:b9:
17:d3:14:e0:28:9a:46:c4:97:23:0b:88:fd:3e:4b:6c:e2:35:
e5:d7:9c:88:1f:e5:de:cd:82:ef:32:5b:23:04:b4:fb:09:ba:
a5:cc:eb:e3:68:b6:4d:80:c1:87:96:f8:f8:99:4f:fd:e7:f1:
d1:ce:70:00:dc:73:7b:c2:07:61:16:c5:4d:b0:33:a5:43:9e:
c8:36:f9:74:f5:0e:f2:bb:52:60:01:7b:ed:55:4c:0b:e3:9b:
bd:46:ba:37:f3:86:65:61:63:83:50:02:ed:b7:14:e7:43:46:
78:94:18:aa:d4:03:0f:d0:42:2c:50:2a:6a:e4:a3:59:f9:3a:
e3:84:f5:2f:3a:19:0f:bd:ab:a6:2b:52:7d:22:7c:a8:8f:cd:
f8:de:81:c6:e1:f9:90:d4:01:72:80:45:a1:f9:af:65:80:2d:
76:c2:92:4f:94:4e:49:d8:e6:b1:b6:2d:71:52:68:89:81:d5:
96:b0:61:a1:46:00:bc:f2:93:1d:a3:4c:9f:15:2b:19:27:0f:
cc:0c:ce:af:0e:54:e2:65:9f:60:76:84:18:2f:e8:f1:7d:a9:
31:0b:03:3c:b6:f7:97:2c:62:3e:ee:4a:c2:df:c5:b0:26:3b:
c8:c1:7c:00
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY2Sw7R+w/c/w2pYec0QRG6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMjEwMTEyNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTI0NWIwYTg0NDZiYjE2MWI2ZTAwMThhZTRkOTAxNGRhMzA0MjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZsM9H9u53/gqC2p9IDxWOSzNTS8
0Y7Culo+3uDO3d7qsQasy94F9bR2Wjor9VsFVLoUxcSow5gBb3vpIfD8la68RQag
SkpM1q7SU4Zuz+ACAnOOAncFOtnkTA5nHZORVUNk/PEz56Z5ypCdYsua137i+NVt
0GLkbactnT/5OWqS/yb/JWQkLa/EpA4zfm5p04JF3sNTCDI6vEfxwlMQyMCYS16p
yvo4ccKFhIB0Wnx/InxmrIN2/cXI/gOAdUpf4ZDABTg2GOD6ursu2En3QNPtbYvA
Bsy/rdaqrsYkD4PsJwcc6PxXv/OBlkmXvohR9At0xFhaE9+SVlA273bbpQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFEkWwqERrsWG24AGK5NkBTaMEKCMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVVNSYkNvUkd1eFliYmdBWXJrMlFGTm93UW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhOUgAMF
AyoT+QAwDQYJKoZIhvcNAQELBQADggEBACGgbjZQJSrB0R0gRBG1ITjYuRfTFOAo
mkbElyMLiP0+S2ziNeXXnIgf5d7Ngu8yWyMEtPsJuqXM6+Notk2AwYeW+PiZT/3n
8dHOcADcc3vCB2EWxU2wM6VDnsg2+XT1DvK7UmABe+1VTAvjm71GujfzhmVhY4NQ
Au23FOdDRniUGKrUAw/QQixQKmrko1n5OuOE9S86GQ+9q6YrUn0ifKiPzfjegcbh
+ZDUAXKARaH5r2WALXbCkk+UTknY5rG2LXFSaImB1ZawYaFGALzykx2jTJ8VKxkn
D8wMzq8OVOJln2B2hBgv6PF9qTELAzy295csYj7uSsLfxbAmO8jBfAA=
-----END CERTIFICATE-----
Generated at Thu May 8 17:12:51 2025 by rpki-client