Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/l2TLxjbG7GklW5ajDzDVwwzfk_k.roa
File: l2TLxjbG7GklW5ajDzDVwwzfk_k.roa (raw, json)
Hash identifier: Wqwcc0cl/Wnkxe8vviIMVPeWOpvn98D6DKZZRDGefxk=
Subject key identifier: 97:64:CB:C6:36:C6:EC:69:25:5B:96:A3:0F:30:D5:C3:0C:DF:93:F9
Certificate issuer: /CN=baa7ed08b8e9e8eef5f83e3ccb26745f8b3885e7
Certificate serial: 0194F9519BC8A473DCE99CAD07848FD6D683
Authority key identifier: BA:A7:ED:08:B8:E9:E8:EE:F5:F8:3E:3C:CB:26:74:5F:8B:38:85:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqftCLjp6O71-D48yyZ0X4s4hec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/l2TLxjbG7GklW5ajDzDVwwzfk_k.roa
Signing time: Wed 12 Feb 2025 08:41:02 +0000
ROA not before: Wed 12 Feb 2025 08:41:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13283
IP address blocks: 2a06:d581:1000::/36 maxlen: 36
2a06:d581:1000::/37 maxlen: 37
2a06:d581:1800::/37 maxlen: 37
Validation: Failed, certificate revoked on Fri 21 Feb 2025 08:07:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:51:9b:c8:a4:73:dc:e9:9c:ad:07:84:8f:d6:d6:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa7ed08b8e9e8eef5f83e3ccb26745f8b3885e7
Validity
Not Before: Feb 12 08:41:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9764cbc636c6ec69255b96a30f30d5c30cdf93f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:78:9e:5b:6f:d3:10:61:af:5e:3d:c5:63:60:
a0:85:3a:14:52:c9:01:8d:71:76:2f:fd:dd:6b:f8:
0d:44:40:bd:ff:f0:20:f4:ae:c4:08:65:48:ca:09:
83:1e:42:13:b8:4f:85:f0:a2:01:d5:5c:95:f2:31:
25:e1:95:48:33:c3:68:dc:de:d2:da:7b:c7:31:2a:
fa:52:44:86:fe:fe:3b:69:0b:0a:a1:90:a1:23:7e:
97:88:b5:ad:7e:36:c4:de:df:58:8a:95:9f:ba:a6:
e6:0c:6f:32:33:2b:e8:db:38:47:c0:25:0b:ff:2f:
6d:14:3e:ec:34:46:23:48:f7:9a:0c:ee:40:d1:b0:
20:e2:63:3f:4a:eb:6c:3c:cc:ff:4b:fa:2e:c3:3d:
45:fa:6c:30:c0:0a:89:33:7e:30:f2:f3:0d:3e:b3:
e8:c7:ee:72:83:b3:fe:ca:0a:fb:1a:4d:f8:8f:3a:
fb:54:93:6b:b5:b6:0b:00:fe:22:a3:67:29:cd:29:
c0:50:0f:bf:09:a3:18:00:89:32:f9:db:90:b3:cc:
39:89:cd:c4:99:fe:81:3b:bb:9c:0c:81:14:c4:f3:
c1:55:38:c6:c7:3f:02:1b:2d:5a:e1:c6:ff:7f:16:
68:53:e9:f8:77:97:17:0f:a0:97:8b:00:5d:5a:fa:
1e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:64:CB:C6:36:C6:EC:69:25:5B:96:A3:0F:30:D5:C3:0C:DF:93:F9
X509v3 Authority Key Identifier:
keyid:BA:A7:ED:08:B8:E9:E8:EE:F5:F8:3E:3C:CB:26:74:5F:8B:38:85:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqftCLjp6O71-D48yyZ0X4s4hec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/l2TLxjbG7GklW5ajDzDVwwzfk_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/uqftCLjp6O71-D48yyZ0X4s4hec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d581:1000::/36
Signature Algorithm: sha256WithRSAEncryption
44:ef:35:2c:8a:a1:df:b8:c8:dd:5e:d5:7e:fa:ca:5d:62:34:
58:9a:bc:21:77:1a:6e:1c:28:dc:fe:cc:31:b6:8b:9e:5f:75:
8e:c1:6b:3b:ee:ab:f9:51:76:98:75:b5:48:60:63:c9:0f:91:
02:42:d4:fc:a1:9c:f3:ac:99:3e:59:27:ed:12:b4:ed:a7:d6:
c5:bb:e0:91:e4:9e:ef:c0:be:01:0b:62:9b:2c:0a:a2:6f:26:
08:f8:1c:31:48:27:98:19:b8:a0:6c:04:52:1e:4d:97:b0:27:
fb:6b:c8:1f:39:81:07:d8:03:62:e8:de:9d:26:16:c5:03:b9:
20:d3:2d:86:a7:48:3f:e4:21:41:92:b9:89:c9:96:a2:37:2f:
81:4f:ec:02:e1:64:b3:b6:04:bd:35:ce:31:22:a9:00:79:5a:
df:de:38:e1:a6:60:2c:e0:d1:b6:a2:64:77:f3:16:9f:69:35:
ee:28:b1:3d:b8:c1:e2:ff:57:bc:bf:08:3f:07:39:e2:32:23:
ef:f1:82:cd:9c:ad:e4:3d:bb:a9:7e:65:13:3a:a1:d4:d5:75:
01:23:83:c1:f9:0c:c4:34:cc:65:ec:a1:d7:ca:dd:89:49:c7:
ec:44:e0:70:c3:5e:58:97:3c:ee:0d:45:4d:fa:c0:38:15:4e:
86:5c:45:c8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZT5UZvIpHPc6ZytB4SP1taDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTdlZDA4YjhlOWU4ZWVmNWY4M2UzY2NiMjY3NDVmOGIz
ODg1ZTcwHhcNMjUwMjEyMDg0MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzY0Y2JjNjM2YzZlYzY5MjU1Yjk2YTMwZjMwZDVjMzBjZGY5M2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nieW2/TEGGvXj3FY2CghToUUskB
jXF2L/3da/gNREC9//Ag9K7ECGVIygmDHkITuE+F8KIB1VyV8jEl4ZVIM8No3N7S
2nvHMSr6UkSG/v47aQsKoZChI36XiLWtfjbE3t9YipWfuqbmDG8yMyvo2zhHwCUL
/y9tFD7sNEYjSPeaDO5A0bAg4mM/SutsPMz/S/ouwz1F+mwwwAqJM34w8vMNPrPo
x+5yg7P+ygr7Gk34jzr7VJNrtbYLAP4io2cpzSnAUA+/CaMYAIky+duQs8w5ic3E
mf6BO7ucDIEUxPPBVTjGxz8CGy1a4cb/fxZoU+n4d5cXD6CXiwBdWvoebwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJdky8Y2xuxpJVuWow8w1cMM35P5MB8GA1UdIwQY
MBaAFLqn7Qi46eju9fg+PMsmdF+LOIXnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFmdENManA2TzcxLUQ0OHl5WjBYNHM0aGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84MzMxZTAtZThhYi00YTZlLTkyYjct
OGE5NmYwM2JjNjE3LzEvbDJUTHhqYkc3R2tsVzVhakR6RFZ3d3pma19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84MzMxZTAtZThhYi00YTZlLTkyYjctOGE5NmYwM2JjNjE3
LzEvdXFmdENManA2TzcxLUQ0OHl5WjBYNHM0aGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgbVgRAw
DQYJKoZIhvcNAQELBQADggEBAETvNSyKod+4yN1e1X76yl1iNFiavCF3Gm4cKNz+
zDG2i55fdY7Bazvuq/lRdph1tUhgY8kPkQJC1PyhnPOsmT5ZJ+0StO2n1sW74JHk
nu/AvgELYpssCqJvJgj4HDFIJ5gZuKBsBFIeTZewJ/tryB85gQfYA2Lo3p0mFsUD
uSDTLYanSD/kIUGSuYnJlqI3L4FP7ALhZLO2BL01zjEiqQB5Wt/eOOGmYCzg0bai
ZHfzFp9pNe4osT24weL/V7y/CD8HOeIyI+/xgs2creQ9u6l+ZRM6odTVdQEjg8H5
DMQ0zGXsodfK3YlJx+xE4HDDXliXPO4NRU36wDgVToZcRcg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:11:19 2025 by rpki-client