Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/li_xee7nYJLkhbkJ7qT-5-xRZi8.roa
File: li_xee7nYJLkhbkJ7qT-5-xRZi8.roa (raw, json)
Hash identifier: jfdv6ZsLltFnZgO1MnOSkaGLDNLiSRn+nnn2m8+dyW4=
Subject key identifier: 96:2F:F1:79:EE:E7:60:92:E4:85:B9:09:EE:A4:FE:E7:EC:51:66:2F
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018D89498EDCC5EE66BD47F86AC826D200B0
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/li_xee7nYJLkhbkJ7qT-5-xRZi8.roa
Signing time: Thu 08 Feb 2024 15:15:15 +0000
ROA not before: Thu 08 Feb 2024 15:15:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 2a0b:3c40:10::/48 maxlen: 48
2a0c:9e06::/32 maxlen: 32
2a0e:a944::/32 maxlen: 32
2a0e:a945::/32 maxlen: 32
2a0e:a946::/32 maxlen: 32
2a0e:a947::/32 maxlen: 32
2a0f:3b80::/32 maxlen: 32
2a0f:3b81::/32 maxlen: 32
2a0f:3b82::/32 maxlen: 32
2a0f:3b83::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:89:49:8e:dc:c5:ee:66:bd:47:f8:6a:c8:26:d2:00:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Feb 8 15:15:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=962ff179eee76092e485b909eea4fee7ec51662f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:33:d9:7a:1b:c7:e0:db:e6:10:b9:5f:91:b4:
e4:c4:bb:0d:10:cb:68:06:2a:de:1f:ab:b8:fd:82:
39:ef:93:24:91:b6:83:32:f1:a3:a9:23:43:a6:17:
5f:bf:b5:18:2f:85:16:8a:2d:bb:d7:a9:1d:07:82:
41:68:bd:d4:46:65:f3:85:2b:83:bd:a5:8d:f5:b0:
f9:58:25:cc:3f:5d:be:59:f0:b3:c9:0e:ee:01:11:
50:37:00:67:90:f0:8c:ad:9f:0d:97:46:7a:0d:1c:
58:ba:5a:47:d2:f0:19:75:a7:20:5e:e8:6b:50:67:
08:4b:df:4d:9d:82:36:8c:40:90:71:bc:71:2f:c5:
19:8e:0a:6a:ef:e5:3f:27:52:e3:62:77:db:22:f1:
c3:5a:b8:2b:02:4a:43:77:52:59:38:5b:f4:84:e8:
a9:db:41:d9:da:61:05:2e:f5:36:45:5e:ec:a0:c0:
2f:1a:5c:a1:b5:73:aa:db:ad:63:17:59:71:7e:9e:
9b:ee:3c:a4:a0:0a:2c:ff:08:f6:00:7c:a4:e4:16:
9e:0c:6d:40:23:4e:0f:ba:b2:37:fa:3f:3f:9e:ab:
d0:e4:d8:e4:8e:ef:71:01:52:23:f8:30:05:86:3a:
9f:9e:4e:55:88:e3:d1:3b:47:7e:2f:03:2e:17:a8:
a0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2F:F1:79:EE:E7:60:92:E4:85:B9:09:EE:A4:FE:E7:EC:51:66:2F
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/li_xee7nYJLkhbkJ7qT-5-xRZi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:3c40:10::/48
2a0c:9e06::/32
2a0e:a944::/30
2a0f:3b80::/30
Signature Algorithm: sha256WithRSAEncryption
55:2d:1c:cd:23:bc:5a:8b:f4:67:c6:b5:53:22:fb:8d:34:0b:
4a:c5:06:de:d9:df:5b:f7:38:e0:e1:22:52:10:1f:9a:16:42:
c5:e6:2e:e8:63:9b:c2:2a:bd:06:8b:5b:27:6d:3e:43:1e:15:
2d:d9:13:b6:55:6d:b6:8e:01:2b:ef:07:ee:a4:6b:a2:2e:b1:
da:09:d1:cd:2d:6c:d9:81:45:69:d8:5b:e1:3e:1b:c9:c5:57:
4b:cd:5c:31:00:07:40:b7:c8:26:ec:32:02:ae:b2:f1:72:0c:
c6:78:8c:a2:f8:d1:c2:ff:a7:ba:ae:c7:13:a0:39:0f:77:19:
3e:be:dd:e6:99:0d:32:98:7e:1f:e6:05:5b:18:52:4d:6c:4b:
a3:60:34:ba:95:1e:50:30:bc:59:d7:50:6f:49:f9:35:7f:82:
a4:0d:8a:7a:aa:0e:1c:bf:b1:c1:91:0d:a5:61:37:6b:dd:a6:
54:e3:ae:88:2f:2c:82:b2:78:90:e7:10:a3:90:b0:a5:09:e6:
3d:f6:77:a0:0c:b9:fc:a9:bf:b3:3d:2c:78:24:7f:71:fb:36:
e1:5f:fc:81:1c:cd:02:3c:1d:ef:15:83:28:16:63:86:c8:f7:
1a:19:18:96:27:57:3a:84:b4:7a:2e:b7:61:93:c3:48:83:11:
a5:e6:66:2b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY2JSY7cxe5mvUf4asgm0gCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwMjA4MTUxNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJmZjE3OWVlZTc2MDkyZTQ4NWI5MDllZWE0ZmVlN2VjNTE2NjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjPZehvH4NvmELlfkbTkxLsNEMto
BireH6u4/YI575MkkbaDMvGjqSNDphdfv7UYL4UWii2716kdB4JBaL3URmXzhSuD
vaWN9bD5WCXMP12+WfCzyQ7uARFQNwBnkPCMrZ8Nl0Z6DRxYulpH0vAZdacgXuhr
UGcIS99NnYI2jECQcbxxL8UZjgpq7+U/J1LjYnfbIvHDWrgrAkpDd1JZOFv0hOip
20HZ2mEFLvU2RV7soMAvGlyhtXOq261jF1lxfp6b7jykoAos/wj2AHyk5BaeDG1A
I04PurI3+j8/nqvQ5Njkju9xAVIj+DAFhjqfnk5ViOPRO0d+LwMuF6igzQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJYv8Xnu52CS5IW5Ce6k/ufsUWYvMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvbGlfeGVlN25ZSkxraGJrSjdxVC01LXhSWmk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwcAKgs8QAAQ
AwUAKgyeBgMFAioOqUQDBQIqDzuAMA0GCSqGSIb3DQEBCwUAA4IBAQBVLRzNI7xa
i/RnxrVTIvuNNAtKxQbe2d9b9zjg4SJSEB+aFkLF5i7oY5vCKr0Gi1snbT5DHhUt
2RO2VW22jgEr7wfupGuiLrHaCdHNLWzZgUVp2FvhPhvJxVdLzVwxAAdAt8gm7DIC
rrLxcgzGeIyi+NHC/6e6rscToDkPdxk+vt3mmQ0ymH4f5gVbGFJNbEujYDS6lR5Q
MLxZ11BvSfk1f4KkDYp6qg4cv7HBkQ2lYTdr3aZU466ILyyCsniQ5xCjkLClCeY9
9negDLn8qb+zPSx4JH9x+zbhX/yBHM0CPB3vFYMoFmOGyPcaGRiWJ1c6hLR6Lrdh
k8NIgxGl5mYr
-----END CERTIFICATE-----
Generated at Fri Apr 11 15:08:45 2025 by rpki-client