Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/AsdcmN80LWbmyUsh9VgeEfbK9LQ.roa
File: AsdcmN80LWbmyUsh9VgeEfbK9LQ.roa (raw, json)
Hash identifier: OhZ7XX1gPqUJhgXs5BbRffIUTijXCvGc0/k7ugGUpeE=
Subject key identifier: 02:C7:5C:98:DF:34:2D:66:E6:C9:4B:21:F5:58:1E:11:F6:CA:F4:B4
Certificate issuer: /CN=17526ccac4f9064e058549b30172c84439787fbc
Certificate serial: 019421B23D166D7FD74BF8D90BCC289FE6C3
Authority key identifier: 17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/AsdcmN80LWbmyUsh9VgeEfbK9LQ.roa
Signing time: Wed 01 Jan 2025 11:48:36 +0000
ROA not before: Wed 01 Jan 2025 11:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 2a0c:b6c0::/34 maxlen: 34
2a0c:b6c0:4000::/34 maxlen: 34
2a0c:b6c0:8000::/34 maxlen: 34
2a0c:b6c1::/34 maxlen: 34
2a0c:b6c1:4000::/34 maxlen: 34
2a0c:b6c1:8000::/34 maxlen: 34
Validation: Failed, certificate revoked on Tue 11 Feb 2025 21:24:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3d:16:6d:7f:d7:4b:f8:d9:0b:cc:28:9f:e6:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17526ccac4f9064e058549b30172c84439787fbc
Validity
Not Before: Jan 1 11:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02c75c98df342d66e6c94b21f5581e11f6caf4b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:74:d8:8a:2c:93:97:f3:5d:56:7b:b5:6b:07:
68:f7:35:65:4e:57:43:a4:15:8d:a7:7a:95:1e:96:
b5:b8:10:22:c0:2b:76:ec:6a:4a:89:ac:a0:90:44:
3b:0e:73:94:5f:1a:00:74:56:9f:64:82:14:73:2d:
e2:20:ba:de:a9:1f:f5:d5:3a:d1:90:e2:ea:3c:41:
22:67:66:52:15:d6:39:62:e1:2f:e4:da:e0:f4:0b:
7c:c7:dd:9d:cb:54:c4:88:5e:85:a8:b9:a5:a8:7e:
82:50:3e:b9:6c:ef:0a:c6:64:8e:c5:2f:12:a6:6f:
25:44:e8:c9:0c:99:eb:7b:0d:ae:97:30:2e:29:9d:
5b:c8:4a:bb:4c:6d:ef:37:b6:6f:02:ea:37:12:cc:
53:df:ed:2b:87:f1:86:1f:2c:cc:c6:40:5c:58:83:
4c:6f:e2:d2:05:83:68:0c:9a:52:70:87:61:2e:85:
a4:35:5d:c8:20:9b:1a:96:c0:05:a4:e8:b3:31:c4:
6a:07:df:05:89:72:ff:af:c0:f4:d5:d7:d1:7b:64:
2f:68:02:7b:b2:75:ea:2d:69:1d:1b:30:1d:23:da:
7f:0c:87:85:5f:37:36:9e:07:2f:d9:04:79:8e:97:
a2:79:0d:38:37:53:a0:68:bc:ae:7e:f5:cd:a0:17:
e2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:C7:5C:98:DF:34:2D:66:E6:C9:4B:21:F5:58:1E:11:F6:CA:F4:B4
X509v3 Authority Key Identifier:
keyid:17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/AsdcmN80LWbmyUsh9VgeEfbK9LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b6c0::-2a0c:b6c0:bfff:ffff:ffff:ffff:ffff:ffff
2a0c:b6c1::-2a0c:b6c1:bfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a2:c0:1a:20:94:ba:6d:f6:cf:08:bf:7c:ff:3e:94:27:ea:76:
05:b1:d5:9b:78:a6:47:46:78:07:e7:21:d9:6b:83:54:96:a5:
da:77:71:f6:1e:6f:3f:0d:29:ef:ad:59:a5:6b:18:d7:8b:1e:
90:2e:43:04:a8:10:7a:82:75:c1:c6:d2:0e:6c:a7:6e:04:c8:
44:80:88:a7:6b:1c:30:18:a5:76:49:56:d0:af:15:5a:cf:9e:
4d:d9:58:ec:3b:47:ba:be:be:65:89:57:b7:00:b6:9f:90:38:
05:a5:cd:22:d8:ef:ea:7e:ac:46:e0:c6:09:4c:fb:08:9f:3c:
ad:89:4e:d2:ba:9f:49:16:13:61:45:22:10:4e:12:1c:dd:c3:
89:83:ae:f4:aa:9f:b8:3c:f4:1a:be:02:f7:d9:02:97:b7:c4:
47:6e:63:a1:1c:0c:26:f9:32:06:58:46:05:db:bf:c8:83:46:
c5:3e:39:f5:30:5d:fe:35:2e:f3:be:35:d8:a2:c3:d4:18:7e:
8e:da:3a:02:4d:61:f3:c8:14:06:26:75:d5:fd:34:fd:3e:55:
b2:4f:8a:35:a2:c0:b4:8e:e7:0a:1a:1d:c2:af:cf:a9:80:31:
06:37:cf:a6:3c:e3:57:f9:21:fb:62:31:98:02:65:40:5f:c5:
d2:f6:b6:14
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQhsj0WbX/XS/jZC8won+bDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTI2Y2NhYzRmOTA2NGUwNTg1NDliMzAxNzJjODQ0Mzk3
ODdmYmMwHhcNMjUwMTAxMTE0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmM3NWM5OGRmMzQyZDY2ZTZjOTRiMjFmNTU4MWUxMWY2Y2FmNGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3TYiiyTl/NdVnu1awdo9zVlTldD
pBWNp3qVHpa1uBAiwCt27GpKiaygkEQ7DnOUXxoAdFafZIIUcy3iILreqR/11TrR
kOLqPEEiZ2ZSFdY5YuEv5Nrg9At8x92dy1TEiF6FqLmlqH6CUD65bO8KxmSOxS8S
pm8lROjJDJnrew2ulzAuKZ1byEq7TG3vN7ZvAuo3EsxT3+0rh/GGHyzMxkBcWINM
b+LSBYNoDJpScIdhLoWkNV3IIJsalsAFpOizMcRqB98FiXL/r8D01dfRe2QvaAJ7
snXqLWkdGzAdI9p/DIeFXzc2ngcv2QR5jpeieQ04N1OgaLyufvXNoBfirQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFALHXJjfNC1m5slLIfVYHhH2yvS0MB8GA1UdIwQY
MBaAFBdSbMrE+QZOBYVJswFyyEQ5eH+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYt
OTQxY2M2YTdiYWQ5LzEvQXNkY21OODBMV2JteVVzaDlWZ2VFZmJLOUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYtOTQxY2M2YTdiYWQ5
LzEvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiMA8DBQYqDLbA
AwYGKgy2wIAwDwMFACoMtsEDBgYqDLbBgDANBgkqhkiG9w0BAQsFAAOCAQEAosAa
IJS6bfbPCL98/z6UJ+p2BbHVm3imR0Z4B+ch2WuDVJal2ndx9h5vPw0p761ZpWsY
14sekC5DBKgQeoJ1wcbSDmynbgTIRICIp2scMBildklW0K8VWs+eTdlY7DtHur6+
ZYlXtwC2n5A4BaXNItjv6n6sRuDGCUz7CJ88rYlO0rqfSRYTYUUiEE4SHN3DiYOu
9KqfuDz0Gr4C99kCl7fER25joRwMJvkyBlhGBdu/yINGxT459TBd/jUu87412KLD
1Bh+jto6Ak1h88gUBiZ11f00/T5Vsk+KNaLAtI7nChodwq/PqYAxBjfPpjzjV/kh
+2IxmAJlQF/F0va2FA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:38:07 2025 by rpki-client