Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/XctsErQr6PeKjwN1aoxEDTW-feI.roa
File: XctsErQr6PeKjwN1aoxEDTW-feI.roa (raw, json)
Hash identifier: DMMMwn8rVwJMBddQHF7ZVHmv0UzigSDCaI81vBkpsOY=
Subject key identifier: 5D:CB:6C:12:B4:2B:E8:F7:8A:8F:03:75:6A:8C:44:0D:35:BE:7D:E2
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 0194244599F355E47D446137D82FE9F4B775
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/XctsErQr6PeKjwN1aoxEDTW-feI.roa
Signing time: Wed 01 Jan 2025 23:48:48 +0000
ROA not before: Wed 01 Jan 2025 23:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215330
IP address blocks: 2a05:4140:49::/48 maxlen: 48
2a05:4140:2500::/40 maxlen: 48
2a05:4140:2600::/40 maxlen: 48
2a05:4140:2700::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 07 Jan 2025 17:40:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:99:f3:55:e4:7d:44:61:37:d8:2f:e9:f4:b7:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 23:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5dcb6c12b42be8f78a8f03756a8c440d35be7de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:07:4b:ec:78:10:74:64:49:d9:3c:3a:e5:af:
cc:27:91:df:a3:f3:0a:9c:c5:5e:4d:f8:f7:fe:74:
8e:2c:08:39:0a:a8:07:2f:52:c4:17:41:d9:9b:6d:
8c:d8:4b:5b:22:9a:46:61:d5:10:10:a9:b5:e5:d5:
ed:12:89:72:ae:2d:84:62:9e:20:cd:7a:01:24:30:
22:b1:a2:5d:ee:92:c9:6d:17:53:a9:4d:a6:20:0d:
4f:5a:3a:36:0e:d8:d0:27:27:e4:d6:ab:ef:bd:fb:
2d:09:60:94:ff:c8:77:82:28:40:de:9b:ec:f0:18:
c9:d5:32:e8:df:59:85:44:28:5b:47:c7:c2:04:97:
8d:28:b9:fd:bf:96:8c:0b:82:47:d4:05:1f:d4:d3:
77:73:11:d1:01:c9:08:fb:c5:ca:44:5a:e1:60:d2:
3d:10:77:bc:38:dc:01:86:d5:a2:77:d1:28:26:05:
0a:d2:ca:87:17:47:9a:59:74:69:63:bf:c9:e0:05:
b7:e6:ee:ef:47:64:4a:b2:d7:79:d8:c2:d7:46:42:
42:a3:88:48:9a:6f:ba:14:ac:fa:12:c1:a5:79:71:
ba:e7:3e:b6:ae:7e:cd:c9:55:71:2d:b0:45:7c:36:
8d:ca:2f:85:f4:52:a1:e7:5b:2a:23:df:59:c5:fc:
94:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CB:6C:12:B4:2B:E8:F7:8A:8F:03:75:6A:8C:44:0D:35:BE:7D:E2
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/XctsErQr6PeKjwN1aoxEDTW-feI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:49::/48
2a05:4140:2500::-2a05:4140:27ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
43:e1:82:4d:78:02:80:ee:1a:4f:f0:bb:9a:9e:58:e2:03:00:
e9:50:0f:14:48:38:3e:70:05:81:ca:e5:1c:5c:a9:85:ef:bb:
e6:68:ca:d9:aa:7f:40:14:04:79:dd:80:e8:c6:05:1b:e7:44:
8e:c5:21:ec:a6:e9:2e:3f:04:90:3c:21:ad:98:c6:22:51:9a:
a5:db:5f:5f:3d:10:da:cf:95:42:a2:c2:1b:b0:4f:45:51:3b:
d9:f7:8d:ea:64:a9:31:ce:5c:12:f7:b0:3a:8b:a7:92:03:ce:
2b:29:22:3d:5b:2c:90:f8:7a:91:64:10:fe:21:5a:23:a0:14:
21:dd:4b:26:03:09:57:bd:7a:02:57:19:bb:12:6b:a2:71:ba:
65:a6:57:69:5e:0a:cc:86:ee:1d:5d:10:08:8b:6c:a6:cc:d0:
63:07:c1:37:b4:3c:0b:ee:31:1f:ba:ca:48:aa:fd:e3:b4:f0:
bf:ac:8e:eb:85:14:0e:ee:75:ec:31:03:4d:c4:b2:dc:42:36:
a8:4d:f6:11:c0:e8:a2:c9:49:6c:c5:1c:0a:a4:b3:54:bc:52:
76:c3:ba:08:ca:8c:40:cb:42:6e:f7:3c:65:97:df:63:49:7b:
7a:b5:b9:be:8a:78:c1:20:3d:fa:a2:fe:0e:fd:03:f7:60:ee:
60:7e:26:79
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRZnzVeR9RGE32C/p9Ld1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjUwMTAxMjM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGNiNmMxMmI0MmJlOGY3OGE4ZjAzNzU2YThjNDQwZDM1YmU3ZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAdL7HgQdGRJ2Tw65a/MJ5Hfo/MK
nMVeTfj3/nSOLAg5CqgHL1LEF0HZm22M2EtbIppGYdUQEKm15dXtEolyri2EYp4g
zXoBJDAisaJd7pLJbRdTqU2mIA1PWjo2DtjQJyfk1qvvvfstCWCU/8h3gihA3pvs
8BjJ1TLo31mFRChbR8fCBJeNKLn9v5aMC4JH1AUf1NN3cxHRAckI+8XKRFrhYNI9
EHe8ONwBhtWid9EoJgUK0sqHF0eaWXRpY7/J4AW35u7vR2RKstd52MLXRkJCo4hI
mm+6FKz6EsGleXG65z62rn7NyVVxLbBFfDaNyi+F9FKh51sqI99ZxfyUVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF3LbBK0K+j3io8DdWqMRA01vn3iMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvWGN0c0VyUXI2UGVLandOMWFveEVEVFctZmVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgVBQABJ
MBADBgAqBUFAJQMGAyoFQUAgMA0GCSqGSIb3DQEBCwUAA4IBAQBD4YJNeAKA7hpP
8LuanljiAwDpUA8USDg+cAWByuUcXKmF77vmaMrZqn9AFAR53YDoxgUb50SOxSHs
pukuPwSQPCGtmMYiUZql219fPRDaz5VCosIbsE9FUTvZ943qZKkxzlwS97A6i6eS
A84rKSI9WyyQ+HqRZBD+IVojoBQh3UsmAwlXvXoCVxm7EmuicbplpldpXgrMhu4d
XRAIi2ymzNBjB8E3tDwL7jEfuspIqv3jtPC/rI7rhRQO7nXsMQNNxLLcQjaoTfYR
wOiiyUlsxRwKpLNUvFJ2w7oIyoxAy0Ju9zxll99jSXt6tbm+injBID36ov4O/QP3
YO5gfiZ5
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:11:29 2025 by rpki-client