Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/L4Iugl9_tk_hPWWwUSPq56IwQQ0.roa
File: L4Iugl9_tk_hPWWwUSPq56IwQQ0.roa (raw, json)
Hash identifier: a9xaZGap7S/hOOale1/W1yFwEB8/01AytFmA2bbihzE=
Subject key identifier: 2F:82:2E:82:5F:7F:B6:4F:E1:3D:65:B0:51:23:EA:E7:A2:30:41:0D
Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Certificate serial: 018CC5008B8322C541D7AC06DDBAFE4828B9
Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/L4Iugl9_tk_hPWWwUSPq56IwQQ0.roa
Signing time: Mon 01 Jan 2024 12:29:56 +0000
ROA not before: Mon 01 Jan 2024 12:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216300
IP address blocks: 2a12:b3c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 22 Mar 2024 09:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:8b:83:22:c5:41:d7:ac:06:dd:ba:fe:48:28:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Validity
Not Before: Jan 1 12:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f822e825f7fb64fe13d65b05123eae7a230410d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:61:3b:b6:e3:e0:c0:21:01:fe:34:44:36:b8:
77:88:a7:20:73:1d:14:ba:db:cc:79:e4:a9:a9:3b:
75:48:ee:59:ab:bc:93:d5:63:a6:d1:54:04:39:fb:
c8:87:b3:64:33:5e:e7:26:79:a6:ca:fe:1e:4f:b9:
0c:45:5e:f7:7a:2f:29:2d:a5:41:b9:6c:d9:19:d7:
99:f2:95:44:94:b1:90:d8:9c:e2:06:51:31:42:c5:
d9:50:b1:8a:f7:c6:0e:29:6c:ff:05:7e:5d:19:b6:
f6:6d:55:df:c4:54:ae:4a:66:78:1a:33:ff:dd:2d:
50:c0:9b:95:2c:9f:82:bb:27:82:ee:b9:66:77:b3:
eb:ce:dc:e3:33:c6:92:20:50:dc:eb:e0:fc:06:12:
dd:9c:11:bf:04:fc:af:48:5c:e8:7e:6e:4d:4f:b8:
f8:da:86:6a:d8:72:85:91:21:db:d7:19:fa:b4:d5:
ec:02:6b:54:00:e2:cc:e0:84:e6:61:1c:90:03:cc:
a2:02:78:15:6e:1b:ee:50:61:b9:72:06:d3:80:c1:
b3:34:98:2c:e0:6c:b4:85:62:bc:b2:fe:e4:dd:ab:
0a:87:df:2d:a4:0a:0d:72:00:81:ed:a3:5d:e5:83:
94:b0:48:3e:03:c9:a3:e2:7b:d7:6a:3c:e5:0e:a3:
80:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:82:2E:82:5F:7F:B6:4F:E1:3D:65:B0:51:23:EA:E7:A2:30:41:0D
X509v3 Authority Key Identifier:
keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/L4Iugl9_tk_hPWWwUSPq56IwQQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:b3c0::/48
Signature Algorithm: sha256WithRSAEncryption
1b:07:9c:38:b6:b0:11:79:e8:6a:de:ae:97:70:ed:11:af:0e:
bf:6c:63:db:c0:d9:01:71:33:4a:4b:da:b1:17:71:3f:28:37:
1c:90:54:49:3f:37:ed:75:05:33:69:93:a6:22:2e:50:98:d6:
1e:64:2d:50:17:7a:d6:d2:b7:38:4d:6d:f1:bf:8b:12:46:92:
c4:93:27:b0:29:ec:e6:0a:41:e8:a3:a4:47:78:1c:c8:c6:36:
0f:96:6b:4b:d4:b6:3b:e6:09:50:e4:21:01:38:36:5a:e7:7a:
72:94:ef:78:41:60:a0:33:8e:a7:d4:81:63:b6:d6:50:ec:69:
7c:2c:d5:c4:ad:11:8a:ef:99:82:99:5c:e7:c7:b0:dc:3a:f1:
be:e9:70:71:03:82:8b:4c:4c:0d:68:33:90:ed:45:c8:49:2c:
8e:b1:07:e5:fa:b1:ae:7c:2d:96:20:02:33:09:ed:66:7f:2f:
df:ee:70:da:0e:f2:68:d4:0f:7e:5f:3f:e3:8b:f0:55:fa:b4:
a8:1b:7e:34:1b:4c:91:2b:0d:80:36:ac:f8:52:2f:0d:a0:00:
53:55:ff:f6:91:b9:32:bc:c3:2e:d3:fc:2b:13:14:cd:06:02:
e2:5d:ee:3b:95:db:fd:a6:9b:ee:82:fc:be:88:c8:80:ab:c5:
45:78:0a:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFAIuDIsVB16wG3br+SCi5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh
MTQ3YmMwHhcNMjQwMTAxMTIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjgyMmU4MjVmN2ZiNjRmZTEzZDY1YjA1MTIzZWFlN2EyMzA0MTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmE7tuPgwCEB/jRENrh3iKcgcx0U
utvMeeSpqTt1SO5Zq7yT1WOm0VQEOfvIh7NkM17nJnmmyv4eT7kMRV73ei8pLaVB
uWzZGdeZ8pVElLGQ2JziBlExQsXZULGK98YOKWz/BX5dGbb2bVXfxFSuSmZ4GjP/
3S1QwJuVLJ+CuyeC7rlmd7PrztzjM8aSIFDc6+D8BhLdnBG/BPyvSFzofm5NT7j4
2oZq2HKFkSHb1xn6tNXsAmtUAOLM4ITmYRyQA8yiAngVbhvuUGG5cgbTgMGzNJgs
4Gy0hWK8sv7k3asKh98tpAoNcgCB7aNd5YOUsEg+A8mj4nvXajzlDqOAzwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC+CLoJff7ZP4T1lsFEj6ueiMEENMB8GA1UdIwQY
MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt
ZDg3MjEzNzU2NDRhLzEvTDRJdWdsOV90a19oUFdXd1VTUHE1Nkl3UVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh
LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKzwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAbB5w4trAReehq3q6XcO0Rrw6/bGPbwNkBcTNK
S9qxF3E/KDcckFRJPzftdQUzaZOmIi5QmNYeZC1QF3rW0rc4TW3xv4sSRpLEkyew
KezmCkHoo6RHeBzIxjYPlmtL1LY75glQ5CEBODZa53pylO94QWCgM46n1IFjttZQ
7Gl8LNXErRGK75mCmVznx7DcOvG+6XBxA4KLTEwNaDOQ7UXISSyOsQfl+rGufC2W
IAIzCe1mfy/f7nDaDvJo1A9+Xz/ji/BV+rSoG340G0yRKw2ANqz4Ui8NoABTVf/2
kbkyvMMu0/wrExTNBgLiXe47ldv9ppvugvy+iMiAq8VFeAor
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:28:22 2025 by rpki-client