Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/73d5ad-a3f2-46cb-8582-215dbc89c2b9/1/Uz8FaQArJwWYIKR8fdxlZ7ggdTI.roa
File: Uz8FaQArJwWYIKR8fdxlZ7ggdTI.roa (raw, json)
Hash identifier: ghU2q3i8Ygrm5nUVd5QEEYZEjITqD7o+lStT17bLp0Q=
Subject key identifier: 53:3F:05:69:00:2B:27:05:98:20:A4:7C:7D:DC:65:67:B8:20:75:32
Certificate issuer: /CN=5eedd6f53bcb49e4b9b0706dfd074259c9b8a408
Certificate serial: 01946673C84E2B7DF166F68A28F57DEA4952
Authority key identifier: 5E:ED:D6:F5:3B:CB:49:E4:B9:B0:70:6D:FD:07:42:59:C9:B8:A4:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xu3W9TvLSeS5sHBt_QdCWcm4pAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/73d5ad-a3f2-46cb-8582-215dbc89c2b9/1/Uz8FaQArJwWYIKR8fdxlZ7ggdTI.roa
Signing time: Tue 14 Jan 2025 20:14:11 +0000
ROA not before: Tue 14 Jan 2025 20:14:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31394
IP address blocks: 83.137.40.0/21 maxlen: 21
2a00:11d0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Jan 2025 12:37:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:66:73:c8:4e:2b:7d:f1:66:f6:8a:28:f5:7d:ea:49:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eedd6f53bcb49e4b9b0706dfd074259c9b8a408
Validity
Not Before: Jan 14 20:14:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=533f0569002b27059820a47c7ddc6567b8207532
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:66:a8:90:10:78:e7:19:04:6f:f2:d9:3b:14:
52:a6:36:0d:ac:be:96:0f:43:69:3d:dd:ba:76:cc:
eb:d7:7e:00:e0:ed:d6:c4:e3:3e:e7:0f:73:3e:8b:
54:14:74:ca:3d:d6:ad:76:04:eb:e3:b7:c6:a1:1d:
0f:33:95:76:62:e8:93:9a:3f:cb:d2:43:a5:dc:d5:
22:42:2f:04:a1:79:b0:76:19:9b:02:eb:65:67:12:
78:6c:22:6a:b8:6e:85:7b:0b:82:cb:60:2e:c8:d6:
db:c8:8e:ea:4b:41:a4:a3:3f:d0:4d:e7:3f:f9:15:
4d:82:d9:e1:ef:a6:ac:31:1c:5f:b3:e0:26:00:ad:
7d:bc:eb:63:44:60:71:02:35:95:4d:85:81:52:5c:
ce:9a:9b:75:09:c4:7d:d2:15:ee:86:00:43:0d:8c:
87:75:84:f9:c7:59:61:7d:f5:a5:8f:57:8c:7e:29:
9b:e4:90:a8:80:aa:1b:fa:6c:ac:47:26:07:57:62:
95:6f:09:9a:90:49:de:55:0c:a1:e6:c0:1d:86:99:
41:28:77:8d:e6:14:cb:36:58:1d:fb:39:ff:28:3d:
30:b1:7a:22:d8:48:3f:98:05:88:91:c0:2b:e5:f5:
ee:54:f1:ae:9d:c2:98:39:48:71:7b:c4:b5:75:11:
fd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:3F:05:69:00:2B:27:05:98:20:A4:7C:7D:DC:65:67:B8:20:75:32
X509v3 Authority Key Identifier:
keyid:5E:ED:D6:F5:3B:CB:49:E4:B9:B0:70:6D:FD:07:42:59:C9:B8:A4:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xu3W9TvLSeS5sHBt_QdCWcm4pAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/73d5ad-a3f2-46cb-8582-215dbc89c2b9/1/Uz8FaQArJwWYIKR8fdxlZ7ggdTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/73d5ad-a3f2-46cb-8582-215dbc89c2b9/1/Xu3W9TvLSeS5sHBt_QdCWcm4pAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.40.0/21
IPv6:
2a00:11d0::/32
Signature Algorithm: sha256WithRSAEncryption
20:0d:22:0f:e7:e6:8b:b1:c6:45:70:82:29:c8:d0:db:85:89:
83:5e:10:b2:22:7d:d2:bf:3a:a3:0b:db:20:66:d7:51:36:78:
25:3f:27:85:1b:ab:63:64:cc:33:39:27:8a:b8:11:d0:e4:42:
81:80:f5:34:b3:c7:58:42:14:0d:fd:74:fa:e8:a6:c3:dd:12:
a3:4c:9d:3d:6b:4e:0b:2b:66:bd:f1:32:d8:6d:4c:10:d2:24:
58:44:79:9f:65:ce:5b:b6:66:28:ff:78:d8:dd:1c:3d:b3:24:
bf:54:a5:b9:21:b9:32:c8:df:fc:b5:a8:15:f2:4f:75:1a:ee:
fe:97:e8:45:b7:bb:c6:88:7c:cb:9e:ed:96:7d:b4:78:30:36:
5c:50:6c:ee:36:ea:97:e4:10:75:9e:93:bd:fd:d3:0e:c6:8c:
c5:11:24:55:00:62:98:9a:32:f1:c0:15:ec:a7:ea:aa:47:c7:
b2:d5:4e:ce:25:9a:6f:9a:f0:94:f4:fe:ca:0c:a2:f0:e0:d0:
dc:93:01:01:5e:f3:b0:89:27:ab:62:3c:16:06:6e:64:fe:01:
6e:e1:6d:da:2a:37:07:b2:30:b6:c9:ae:57:22:91:38:43:1f:
2d:ad:07:02:5c:b6:ec:18:8c:97:ba:17:26:04:43:d2:ee:0f:
fe:5f:d3:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZRmc8hOK33xZvaKKPV96klSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZWRkNmY1M2JjYjQ5ZTRiOWIwNzA2ZGZkMDc0MjU5Yzli
OGE0MDgwHhcNMjUwMTE0MjAxNDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzNmMDU2OTAwMmIyNzA1OTgyMGE0N2M3ZGRjNjU2N2I4MjA3NTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmaokBB45xkEb/LZOxRSpjYNrL6W
D0NpPd26dszr134A4O3WxOM+5w9zPotUFHTKPdatdgTr47fGoR0PM5V2YuiTmj/L
0kOl3NUiQi8EoXmwdhmbAutlZxJ4bCJquG6FewuCy2AuyNbbyI7qS0Gkoz/QTec/
+RVNgtnh76asMRxfs+AmAK19vOtjRGBxAjWVTYWBUlzOmpt1CcR90hXuhgBDDYyH
dYT5x1lhffWlj1eMfimb5JCogKob+mysRyYHV2KVbwmakEneVQyh5sAdhplBKHeN
5hTLNlgd+zn/KD0wsXoi2Eg/mAWIkcAr5fXuVPGuncKYOUhxe8S1dRH9RwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFM/BWkAKycFmCCkfH3cZWe4IHUyMB8GA1UdIwQY
MBaAFF7t1vU7y0nkubBwbf0HQlnJuKQIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHUzVzlUdkxTZVM1c0hCdF9RZENXY200cEFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83M2Q1YWQtYTNmMi00NmNiLTg1ODIt
MjE1ZGJjODljMmI5LzEvVXo4RmFRQXJKd1dZSUtSOGZkeGxaN2dnZFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83M2Q1YWQtYTNmMi00NmNiLTg1ODItMjE1ZGJjODljMmI5
LzEvWHUzVzlUdkxTZVM1c0hCdF9RZENXY200cEFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDU4koMA0E
AgACMAcDBQAqABHQMA0GCSqGSIb3DQEBCwUAA4IBAQAgDSIP5+aLscZFcIIpyNDb
hYmDXhCyIn3SvzqjC9sgZtdRNnglPyeFG6tjZMwzOSeKuBHQ5EKBgPU0s8dYQhQN
/XT66KbD3RKjTJ09a04LK2a98TLYbUwQ0iRYRHmfZc5btmYo/3jY3Rw9syS/VKW5
IbkyyN/8tagV8k91Gu7+l+hFt7vGiHzLnu2WfbR4MDZcUGzuNuqX5BB1npO9/dMO
xozFESRVAGKYmjLxwBXsp+qqR8ey1U7OJZpvmvCU9P7KDKLw4NDckwEBXvOwiSer
YjwWBm5k/gFu4W3aKjcHsjC2ya5XIpE4Qx8trQcCXLbsGIyXuhcmBEPS7g/+X9NZ
-----END CERTIFICATE-----
Generated at Tue May 13 05:05:36 2025 by rpki-client