Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/c7b495-0119-4cf9-b0b2-d2060d3a4332/1/Z_q35vCGyWjCc0PpYQ2bvRCJC48.roa
File: Z_q35vCGyWjCc0PpYQ2bvRCJC48.roa (raw, json)
Hash identifier: T4Cvf2S/J+tJHOF8ggaTqxueuOb0GlU2N6XPsdN+8xA=
Subject key identifier: 67:FA:B7:E6:F0:86:C9:68:C2:73:43:E9:61:0D:9B:BD:10:89:0B:8F
Certificate issuer: /CN=2d5fe056f7677e43a6ef1aa1a0a05c07c4b4b65c
Certificate serial: 0193BA93B467F10A8DB697ABEAD55950E965
Authority key identifier: 2D:5F:E0:56:F7:67:7E:43:A6:EF:1A:A1:A0:A0:5C:07:C4:B4:B6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LV_gVvdnfkOm7xqhoKBcB8S0tlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/c7b495-0119-4cf9-b0b2-d2060d3a4332/1/Z_q35vCGyWjCc0PpYQ2bvRCJC48.roa
Signing time: Thu 12 Dec 2024 11:14:22 +0000
ROA not before: Thu 12 Dec 2024 11:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5482
IP address blocks: 2a0b:5f00::/29 maxlen: 48
2a0b:5f04::/39 maxlen: 39
2a0b:5f04:1000::/39 maxlen: 39
2a0b:5f04:4000::/39 maxlen: 39
2a0b:5f04:5000::/39 maxlen: 39
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ba:93:b4:67:f1:0a:8d:b6:97:ab:ea:d5:59:50:e9:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d5fe056f7677e43a6ef1aa1a0a05c07c4b4b65c
Validity
Not Before: Dec 12 11:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67fab7e6f086c968c27343e9610d9bbd10890b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ec:99:3c:b9:68:a7:59:e5:e5:18:39:00:87:
1a:a5:c1:ec:6b:ae:31:99:26:09:74:dd:f7:eb:bf:
a2:1e:b9:36:8f:77:b5:68:52:ed:c2:a4:ca:5b:6b:
58:0e:bb:2a:24:69:1c:f9:07:e9:bb:77:a8:ce:65:
2a:fa:6f:81:14:70:23:1f:8e:cc:41:85:71:40:8c:
74:a1:3f:56:ac:13:6c:b0:3e:5e:31:fd:86:a2:bc:
12:a7:49:8a:45:55:7f:51:d9:72:71:89:7c:a6:e3:
22:24:71:47:17:40:2d:27:72:60:84:23:c5:3b:c8:
31:21:13:30:21:ff:9d:88:e3:ca:af:9a:62:14:e5:
67:4a:cb:a1:6b:d0:37:08:c5:7c:da:d8:2f:d1:55:
1d:25:55:e7:e0:7f:1c:fc:75:69:fd:7d:8e:be:a3:
77:2f:2b:ad:54:6f:67:01:87:e5:6b:c1:04:f0:9d:
0c:2e:38:a8:39:0d:33:42:fe:5f:d6:a8:cd:86:9d:
59:7d:59:e8:39:4e:a3:1e:ee:f4:9c:71:15:27:69:
a1:ec:d9:c8:fc:73:0b:b1:8b:f7:f9:ab:4b:b2:25:
53:cf:bb:45:7d:52:ae:5b:38:b0:b4:0e:11:33:50:
65:1a:53:8f:c4:d6:54:2e:4c:ad:11:16:ec:af:19:
f5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FA:B7:E6:F0:86:C9:68:C2:73:43:E9:61:0D:9B:BD:10:89:0B:8F
X509v3 Authority Key Identifier:
keyid:2D:5F:E0:56:F7:67:7E:43:A6:EF:1A:A1:A0:A0:5C:07:C4:B4:B6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LV_gVvdnfkOm7xqhoKBcB8S0tlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c7b495-0119-4cf9-b0b2-d2060d3a4332/1/Z_q35vCGyWjCc0PpYQ2bvRCJC48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c7b495-0119-4cf9-b0b2-d2060d3a4332/1/LV_gVvdnfkOm7xqhoKBcB8S0tlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:5f00::/29
Signature Algorithm: sha256WithRSAEncryption
37:e8:e4:f8:36:33:ef:e0:84:06:b9:18:17:c1:ef:7b:5a:44:
9d:78:ba:f4:e3:b0:bf:d7:66:a1:e1:cd:d1:ff:c7:ee:d7:d2:
c3:11:99:d9:c3:de:55:7b:42:c1:d1:f4:fb:05:4c:c0:3d:62:
e0:ba:4f:55:fd:0a:4e:2d:4c:69:93:b9:be:fc:c7:19:45:5e:
b4:52:fb:bc:ed:25:16:2c:e0:f9:b0:31:81:2d:cd:05:da:e0:
7f:5a:24:b9:f6:9d:c3:8a:86:b4:bd:71:9e:50:a4:66:e9:05:
01:5b:ad:43:43:4b:0f:a6:cf:9a:e7:cc:85:de:a2:00:57:11:
c4:d1:bd:66:12:a0:7e:80:87:4e:e9:21:9b:0d:4f:34:36:e4:
02:ed:3c:2e:92:1e:a3:2c:5c:1b:77:a2:e8:da:0e:b3:a5:d6:
98:1c:f8:79:aa:64:af:2b:6c:ec:66:25:7c:ba:70:25:0c:88:
40:19:99:5c:5a:e6:95:e5:15:53:55:c1:6a:b5:b8:79:3e:44:
e4:92:51:c9:7c:fe:13:c2:1b:af:3b:68:bd:99:6e:8f:b3:5b:
cf:b8:84:c6:b2:4b:79:a8:ff:1c:25:bf:f0:f7:1e:aa:b9:89:
f1:38:e7:e1:46:4d:84:ad:2b:cb:c1:12:ad:a3:89:b5:e6:cd:
1a:19:e5:46
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZO6k7Rn8QqNtper6tVZUOllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNWZlMDU2Zjc2NzdlNDNhNmVmMWFhMWEwYTA1YzA3YzRi
NGI2NWMwHhcNMjQxMjEyMTExNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2ZhYjdlNmYwODZjOTY4YzI3MzQzZTk2MTBkOWJiZDEwODkwYjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueyZPLlop1nl5Rg5AIcapcHsa64x
mSYJdN3367+iHrk2j3e1aFLtwqTKW2tYDrsqJGkc+Qfpu3eozmUq+m+BFHAjH47M
QYVxQIx0oT9WrBNssD5eMf2GorwSp0mKRVV/UdlycYl8puMiJHFHF0AtJ3JghCPF
O8gxIRMwIf+diOPKr5piFOVnSsuha9A3CMV82tgv0VUdJVXn4H8c/HVp/X2OvqN3
LyutVG9nAYfla8EE8J0MLjioOQ0zQv5f1qjNhp1ZfVnoOU6jHu70nHEVJ2mh7NnI
/HMLsYv3+atLsiVTz7tFfVKuWziwtA4RM1BlGlOPxNZULkytERbsrxn1nwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGf6t+bwhslownND6WENm70QiQuPMB8GA1UdIwQY
MBaAFC1f4Fb3Z35Dpu8aoaCgXAfEtLZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFZfZ1Z2ZG5ma09tN3hxaG9LQmNCOFMwdGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9jN2I0OTUtMDExOS00Y2Y5LWIwYjIt
ZDIwNjBkM2E0MzMyLzEvWl9xMzV2Q0d5V2pDYzBQcFlRMmJ2UkNKQzQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9jN2I0OTUtMDExOS00Y2Y5LWIwYjItZDIwNjBkM2E0MzMy
LzEvTFZfZ1Z2ZG5ma09tN3hxaG9LQmNCOFMwdGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgtfADAN
BgkqhkiG9w0BAQsFAAOCAQEAN+jk+DYz7+CEBrkYF8Hve1pEnXi69OOwv9dmoeHN
0f/H7tfSwxGZ2cPeVXtCwdH0+wVMwD1i4LpPVf0KTi1MaZO5vvzHGUVetFL7vO0l
Fizg+bAxgS3NBdrgf1okufadw4qGtL1xnlCkZukFAVutQ0NLD6bPmufMhd6iAFcR
xNG9ZhKgfoCHTukhmw1PNDbkAu08LpIeoyxcG3ei6NoOs6XWmBz4eapkryts7GYl
fLpwJQyIQBmZXFrmleUVU1XBarW4eT5E5JJRyXz+E8IbrztovZluj7Nbz7iExrJL
eaj/HCW/8PceqrmJ8Tjn4UZNhK0ry8ESraOJtebNGhnlRg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:33 2025 by rpki-client