Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/lasP1pk85e1OsauON550JEzw5F0.roa
File: lasP1pk85e1OsauON550JEzw5F0.roa (raw, json)
Hash identifier: UmxXDuK3i/vkggMfgV2MizdScui1dccUYg0AWzetx/Y=
Subject key identifier: 95:AB:0F:D6:99:3C:E5:ED:4E:B1:AB:8E:37:9E:74:24:4C:F0:E4:5D
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 0193ACDE81414EB942F8BF9EE49ABF7858DF
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/lasP1pk85e1OsauON550JEzw5F0.roa
Signing time: Mon 09 Dec 2024 19:21:23 +0000
ROA not before: Mon 09 Dec 2024 19:21:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213861
IP address blocks: 2a11:3c43::/32 maxlen: 32
2a11:3c46::/32 maxlen: 32
2a11:6bc3::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ac:de:81:41:4e:b9:42:f8:bf:9e:e4:9a:bf:78:58:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Dec 9 19:21:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95ab0fd6993ce5ed4eb1ab8e379e74244cf0e45d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:45:77:7e:1e:c8:e0:b3:67:97:71:ca:08:84:
ff:9c:36:cb:4b:f3:c5:66:ef:91:8b:fe:93:42:a6:
85:38:8a:62:63:9e:5d:b5:f2:8a:33:d1:37:2c:57:
0c:1a:ec:3c:e7:e9:df:34:9a:84:f3:c9:70:76:82:
ba:55:78:4c:2c:f6:b0:52:cb:c9:dc:9d:c5:db:d2:
d4:c3:b0:a9:36:dc:9e:3f:ed:86:77:d0:26:ed:4e:
25:eb:92:76:a2:aa:89:8d:90:e0:34:1e:79:80:3f:
4e:c4:16:e6:b2:33:e5:51:66:15:ec:79:d0:e7:5e:
43:e7:59:d6:b7:9c:21:7f:63:44:bc:28:69:26:62:
51:fa:53:db:8d:b9:7f:a2:e5:96:1e:09:ea:27:7c:
61:f8:bc:ba:ed:9f:1c:13:65:59:95:c6:80:2e:fe:
a2:65:da:ad:44:08:2e:cc:db:15:1d:cf:50:45:b3:
0f:68:af:24:3a:82:19:ad:aa:14:e2:47:65:fa:ec:
65:e4:24:b9:ee:da:fe:e7:00:95:12:c0:56:43:23:
c5:9c:92:9b:49:0a:6d:4b:d5:d4:87:e3:a9:8c:a4:
3d:67:50:f3:a6:8c:80:ab:67:5e:62:81:c1:54:bd:
f0:57:fd:92:ad:97:61:93:a6:5d:b8:a0:45:7d:79:
a3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:AB:0F:D6:99:3C:E5:ED:4E:B1:AB:8E:37:9E:74:24:4C:F0:E4:5D
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/lasP1pk85e1OsauON550JEzw5F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3c43::/32
2a11:3c46::/32
2a11:6bc3::/32
Signature Algorithm: sha256WithRSAEncryption
3d:05:fd:8e:31:3a:e9:0e:99:d6:cc:62:7e:5d:6d:75:b7:62:
fa:fc:32:5a:60:a0:53:66:bb:31:73:bc:df:1c:af:59:8d:1e:
00:35:90:b9:87:63:40:1b:0d:31:84:3b:28:29:8f:0b:b6:95:
89:22:4d:52:5a:f5:d3:ec:b7:90:eb:44:ab:20:a5:a4:40:a7:
5a:01:a4:b1:93:2d:87:eb:80:35:60:2f:22:37:49:21:85:ee:
2b:8f:d9:51:87:5f:76:02:29:05:a1:65:a8:00:9c:4a:94:99:
9c:c5:45:1d:f9:b8:bb:eb:49:78:97:d5:90:60:ac:91:ed:cb:
fb:f4:51:e3:69:c6:8a:29:ad:5b:d8:39:5d:38:4e:1a:e2:24:
50:66:31:0b:56:b7:e9:60:25:eb:c5:2e:4a:bd:a8:eb:f9:93:
b0:ea:2b:82:b0:24:a5:c9:10:58:c8:fd:3d:6f:57:97:b3:fe:
d5:52:7e:23:51:d8:24:43:4e:ec:f5:64:a4:ce:a7:2a:f4:fc:
62:54:09:2b:05:49:b9:e8:27:e4:14:4c:ad:f4:9c:cd:2e:0e:
02:28:b6:0f:30:44:b1:f9:9e:ec:58:b2:3a:a9:48:48:f6:25:
b9:f6:2c:31:8c:80:68:5a:3b:d6:f5:98:ad:30:f6:29:3b:62:
31:25:c3:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOs3oFBTrlC+L+e5Jq/eFjfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQxMjA5MTkyMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWFiMGZkNjk5M2NlNWVkNGViMWFiOGUzNzllNzQyNDRjZjBlNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kV3fh7I4LNnl3HKCIT/nDbLS/PF
Zu+Ri/6TQqaFOIpiY55dtfKKM9E3LFcMGuw85+nfNJqE88lwdoK6VXhMLPawUsvJ
3J3F29LUw7CpNtyeP+2Gd9Am7U4l65J2oqqJjZDgNB55gD9OxBbmsjPlUWYV7HnQ
515D51nWt5whf2NEvChpJmJR+lPbjbl/ouWWHgnqJ3xh+Ly67Z8cE2VZlcaALv6i
ZdqtRAguzNsVHc9QRbMPaK8kOoIZraoU4kdl+uxl5CS57tr+5wCVEsBWQyPFnJKb
SQptS9XUh+OpjKQ9Z1DzpoyAq2deYoHBVL3wV/2SrZdhk6ZduKBFfXmjKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJWrD9aZPOXtTrGrjjeedCRM8ORdMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvbGFzUDFwazg1ZTFPc2F1T041NTBKRXp3NUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhE8QwMF
ACoRPEYDBQAqEWvDMA0GCSqGSIb3DQEBCwUAA4IBAQA9Bf2OMTrpDpnWzGJ+XW11
t2L6/DJaYKBTZrsxc7zfHK9ZjR4ANZC5h2NAGw0xhDsoKY8LtpWJIk1SWvXT7LeQ
60SrIKWkQKdaAaSxky2H64A1YC8iN0khhe4rj9lRh192AikFoWWoAJxKlJmcxUUd
+bi760l4l9WQYKyR7cv79FHjacaKKa1b2DldOE4a4iRQZjELVrfpYCXrxS5Kvajr
+ZOw6iuCsCSlyRBYyP09b1eXs/7VUn4jUdgkQ07s9WSkzqcq9PxiVAkrBUm56Cfk
FEyt9JzNLg4CKLYPMESx+Z7sWLI6qUhI9iW59iwxjIBoWjvW9ZitMPYpO2IxJcNn
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:09:23 2025 by rpki-client