Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/eQLSd8v64x8B-5ZYQ-tlo2io8LY.roa
File: eQLSd8v64x8B-5ZYQ-tlo2io8LY.roa (raw, json)
Hash identifier: sCFAlKMZKR4DVRayYvtQqU02P/NCc1M+nFuRxFoxB/A=
Subject key identifier: 79:02:D2:77:CB:FA:E3:1F:01:FB:96:58:43:EB:65:A3:68:A8:F0:B6
Certificate issuer: /CN=17526ccac4f9064e058549b30172c84439787fbc
Certificate serial: 019421B23D8DCAAAF1A7B19C63CD480317C3
Authority key identifier: 17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/eQLSd8v64x8B-5ZYQ-tlo2io8LY.roa
Signing time: Wed 01 Jan 2025 11:48:36 +0000
ROA not before: Wed 01 Jan 2025 11:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206074
IP address blocks: 2a0c:b6c2::/35 maxlen: 35
2a0c:b6c2:2000::/35 maxlen: 35
2a0c:b6c2:4000::/35 maxlen: 35
2a0c:b6c2:6000::/35 maxlen: 35
2a0c:b6c2:8000::/35 maxlen: 35
2a0c:b6c2:a000::/35 maxlen: 35
Validation: Failed, certificate revoked on Tue 11 Feb 2025 20:53:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3d:8d:ca:aa:f1:a7:b1:9c:63:cd:48:03:17:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17526ccac4f9064e058549b30172c84439787fbc
Validity
Not Before: Jan 1 11:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7902d277cbfae31f01fb965843eb65a368a8f0b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:bb:45:61:30:6b:e2:7c:6b:23:b1:2e:dc:db:
8e:77:06:7c:82:a4:19:d4:65:89:c4:c0:51:f8:53:
c9:bb:f4:5d:1e:98:4f:c6:fd:d6:c9:0e:1b:fc:60:
f5:53:db:90:8d:16:bd:4f:df:44:f0:a8:2f:ef:69:
64:3e:e5:27:8c:33:ee:f1:90:13:a0:f9:61:ad:3d:
87:1a:b5:6c:9f:6c:9b:c5:0a:9c:4a:c4:eb:9a:94:
b2:6b:e9:54:4a:9b:3f:52:83:2d:71:1f:20:c1:df:
dd:1e:e5:9b:2d:8f:f8:1a:bc:dd:cb:8e:27:b2:76:
d6:96:ae:84:13:47:22:27:58:56:a3:55:a4:aa:4e:
ae:07:c6:a0:3a:41:56:5d:5b:4f:cd:0e:8f:1e:14:
01:08:64:60:1b:e0:ad:fe:ae:73:54:a5:ca:29:de:
58:a4:34:06:fc:1e:1e:49:86:62:0b:35:24:61:e4:
31:11:d5:7f:bd:9e:02:dd:8a:5f:1d:e1:28:53:31:
06:d3:4a:1e:93:65:da:8a:a2:38:60:04:7f:e5:88:
16:21:d3:92:0a:df:73:f7:80:b0:42:cd:79:04:69:
db:9f:a3:44:ed:dc:5b:11:e0:82:f9:38:7f:ce:9d:
c7:47:c9:fc:58:b6:32:11:b7:b4:a7:2e:14:22:8e:
49:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:02:D2:77:CB:FA:E3:1F:01:FB:96:58:43:EB:65:A3:68:A8:F0:B6
X509v3 Authority Key Identifier:
keyid:17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/eQLSd8v64x8B-5ZYQ-tlo2io8LY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b6c2::-2a0c:b6c2:bfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
35:5c:f3:de:18:46:a7:69:99:f6:f6:fc:6a:58:ee:aa:d0:b6:
05:69:59:dd:0b:82:01:49:45:8b:87:00:b0:23:4c:92:4d:36:
8b:e8:52:3d:d5:f3:54:86:99:aa:08:1c:1c:9c:bb:9d:53:e6:
11:34:b7:4e:10:2b:00:88:f0:ad:d1:35:f7:82:36:2d:a5:a1:
fb:08:eb:b9:0d:14:3a:07:94:e2:9c:66:b3:50:a7:47:a3:aa:
ac:9e:9b:d2:3a:30:97:28:6a:c5:69:a2:a6:cd:92:bc:b5:01:
95:06:6c:48:df:1b:a0:7b:ad:53:8a:6d:d7:2f:10:17:ed:d5:
7e:13:c8:b4:ce:5c:5b:88:89:3f:5c:0f:6e:f2:3a:a7:53:ca:
8d:ec:bb:43:d8:2b:ab:d1:bc:db:10:85:12:c9:72:9a:87:56:
04:97:f3:2f:3d:2f:15:9f:26:00:c2:f5:ad:de:2b:6e:c3:c4:
b4:ce:fa:24:30:b1:5a:51:d4:96:27:42:3f:51:05:fb:1e:0e:
18:e3:d8:53:03:92:ec:54:de:6c:19:ed:c1:f2:ec:5e:e1:f5:
90:9a:8d:37:28:1e:8a:2c:8d:14:67:40:f1:6a:bf:64:bd:3e:
06:cb:a4:df:d0:c1:07:df:e7:83:e3:43:09:9e:e6:53:67:5c:
5e:e1:e7:5e
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZQhsj2Nyqrxp7GcY81IAxfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTI2Y2NhYzRmOTA2NGUwNTg1NDliMzAxNzJjODQ0Mzk3
ODdmYmMwHhcNMjUwMTAxMTE0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTAyZDI3N2NiZmFlMzFmMDFmYjk2NTg0M2ViNjVhMzY4YThmMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLtFYTBr4nxrI7Eu3NuOdwZ8gqQZ
1GWJxMBR+FPJu/RdHphPxv3WyQ4b/GD1U9uQjRa9T99E8Kgv72lkPuUnjDPu8ZAT
oPlhrT2HGrVsn2ybxQqcSsTrmpSya+lUSps/UoMtcR8gwd/dHuWbLY/4Grzdy44n
snbWlq6EE0ciJ1hWo1Wkqk6uB8agOkFWXVtPzQ6PHhQBCGRgG+Ct/q5zVKXKKd5Y
pDQG/B4eSYZiCzUkYeQxEdV/vZ4C3YpfHeEoUzEG00oek2XaiqI4YAR/5YgWIdOS
Ct9z94CwQs15BGnbn6NE7dxbEeCC+Th/zp3HR8n8WLYyEbe0py4UIo5J+QIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFHkC0nfL+uMfAfuWWEPrZaNoqPC2MB8GA1UdIwQY
MBaAFBdSbMrE+QZOBYVJswFyyEQ5eH+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYt
OTQxY2M2YTdiYWQ5LzEvZVFMU2Q4djY0eDhCLTVaWVEtdGxvMmlvOExZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYtOTQxY2M2YTdiYWQ5
LzEvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARMA8DBQEqDLbC
AwYGKgy2woAwDQYJKoZIhvcNAQELBQADggEBADVc894YRqdpmfb2/GpY7qrQtgVp
Wd0LggFJRYuHALAjTJJNNovoUj3V81SGmaoIHBycu51T5hE0t04QKwCI8K3RNfeC
Ni2lofsI67kNFDoHlOKcZrNQp0ejqqyem9I6MJcoasVpoqbNkry1AZUGbEjfG6B7
rVOKbdcvEBft1X4TyLTOXFuIiT9cD27yOqdTyo3su0PYK6vRvNsQhRLJcpqHVgSX
8y89LxWfJgDC9a3eK27DxLTO+iQwsVpR1JYnQj9RBfseDhjj2FMDkuxU3mwZ7cHy
7F7h9ZCajTcoHoosjRRnQPFqv2S9PgbLpN/QwQff54PjQwme5lNnXF7h514=
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:45:34 2025 by rpki-client