Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/PldTJ-omMrl7jDHPqeVFBXpdWtE.roa
File: PldTJ-omMrl7jDHPqeVFBXpdWtE.roa (raw, json)
Hash identifier: AbyZtcXsgejDVbbCgCLGzgfsMzRuhBBJ8NK/gdxiMEo=
Subject key identifier: 3E:57:53:27:EA:26:32:B9:7B:8C:31:CF:A9:E5:45:05:7A:5D:5A:D1
Certificate issuer: /CN=ca329ced8efb41f3b4a2078d94bbb0a3aab4fb02
Certificate serial: 01951ECE2AA6D9C06DBA3B5C1492AB73AB88
Authority key identifier: CA:32:9C:ED:8E:FB:41:F3:B4:A2:07:8D:94:BB:B0:A3:AA:B4:FB:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjKc7Y77QfO0ogeNlLuwo6q0-wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/PldTJ-omMrl7jDHPqeVFBXpdWtE.roa
Signing time: Wed 19 Feb 2025 15:23:02 +0000
ROA not before: Wed 19 Feb 2025 15:23:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211055
IP address blocks: 2a11:3400::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Mar 2025 09:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1e:ce:2a:a6:d9:c0:6d:ba:3b:5c:14:92:ab:73:ab:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca329ced8efb41f3b4a2078d94bbb0a3aab4fb02
Validity
Not Before: Feb 19 15:23:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e575327ea2632b97b8c31cfa9e545057a5d5ad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8e:45:68:20:84:c2:24:a4:c6:e5:06:42:73:
d6:30:f2:13:0c:6b:8e:7b:6c:9f:21:88:5c:62:e4:
9a:fb:f3:02:61:29:e4:f2:3c:63:d0:e4:0f:fa:9f:
71:2d:20:d6:94:08:d4:24:9f:95:92:f6:54:08:5c:
56:66:57:77:31:b0:d5:9f:cb:8b:de:73:0f:d5:53:
f8:5d:51:66:90:38:e6:f6:80:cc:f1:7f:18:b9:0c:
fc:a8:8f:4c:81:3f:45:f2:61:df:94:de:62:3f:b6:
69:9a:c1:e4:b4:cf:10:67:5c:69:87:68:aa:c7:88:
a6:b0:41:a7:cc:06:d9:70:74:61:d2:f0:e0:ea:eb:
ba:9b:7d:f9:ea:f5:2b:97:b6:4c:fa:26:2d:ac:21:
3b:86:32:00:21:f8:3b:8c:b7:61:e7:46:44:6c:e6:
cb:73:0d:64:3e:4e:ad:33:11:97:58:6b:d0:d1:fc:
2d:19:ad:5c:59:f3:40:0e:73:19:8b:47:d9:6b:2a:
0a:b0:2f:b4:cf:13:00:1d:80:bd:a9:43:a3:c9:cf:
d8:f5:f4:a3:ef:96:6b:07:82:bd:be:8a:02:a5:a8:
ac:f9:9a:ff:7b:08:ad:90:7b:3c:81:c9:2d:bb:22:
10:04:0c:4c:8a:ff:84:67:7a:7d:3a:43:4b:1f:c1:
24:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:57:53:27:EA:26:32:B9:7B:8C:31:CF:A9:E5:45:05:7A:5D:5A:D1
X509v3 Authority Key Identifier:
keyid:CA:32:9C:ED:8E:FB:41:F3:B4:A2:07:8D:94:BB:B0:A3:AA:B4:FB:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjKc7Y77QfO0ogeNlLuwo6q0-wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/PldTJ-omMrl7jDHPqeVFBXpdWtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/yjKc7Y77QfO0ogeNlLuwo6q0-wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3400::/29
Signature Algorithm: sha256WithRSAEncryption
46:d6:fd:44:01:8e:5c:27:66:ab:83:75:01:db:98:14:27:e8:
b4:80:85:a0:f1:f6:31:09:39:15:1e:29:24:1f:fd:86:b8:d3:
c8:10:54:6e:40:7c:d1:82:43:b4:f0:fe:41:5d:84:62:7e:1d:
dd:6e:91:2c:3a:37:4b:02:26:31:e7:b2:f6:94:da:b7:38:5a:
0d:11:ae:45:66:9e:f5:8e:70:ea:14:4d:43:ad:e2:de:70:e9:
5b:e5:d0:60:bc:32:64:14:82:42:bf:92:d4:60:15:97:3c:ce:
c8:37:5b:7f:2e:37:fd:9c:e5:f9:f7:7a:fc:4f:ae:d0:e3:e2:
7c:08:13:48:4c:43:f1:d5:1f:f6:6c:20:5d:ab:71:c6:0e:4b:
34:09:f0:6a:15:97:e3:0c:08:ee:6a:33:23:d8:12:ff:cc:b1:
dc:35:89:eb:ef:14:0b:84:2a:1b:7c:80:8e:f7:44:26:a4:2d:
b4:13:c4:53:00:10:08:d3:54:59:f0:24:2f:d7:23:35:9c:92:
86:d4:ad:67:3a:4a:09:6e:e9:00:65:b4:dc:a0:eb:ce:1d:54:
b2:eb:92:60:03:a5:fb:1c:25:cc:ed:f3:b9:41:85:c6:33:c2:
27:ae:fc:5c:b3:a6:2d:9f:53:08:22:05:48:0c:b5:89:2b:c4:
e3:3e:91:77
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUeziqm2cBtujtcFJKrc6uIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzI5Y2VkOGVmYjQxZjNiNGEyMDc4ZDk0YmJiMGEzYWFi
NGZiMDIwHhcNMjUwMjE5MTUyMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTU3NTMyN2VhMjYzMmI5N2I4YzMxY2ZhOWU1NDUwNTdhNWQ1YWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyI5FaCCEwiSkxuUGQnPWMPITDGuO
e2yfIYhcYuSa+/MCYSnk8jxj0OQP+p9xLSDWlAjUJJ+VkvZUCFxWZld3MbDVn8uL
3nMP1VP4XVFmkDjm9oDM8X8YuQz8qI9MgT9F8mHflN5iP7ZpmsHktM8QZ1xph2iq
x4imsEGnzAbZcHRh0vDg6uu6m3356vUrl7ZM+iYtrCE7hjIAIfg7jLdh50ZEbObL
cw1kPk6tMxGXWGvQ0fwtGa1cWfNADnMZi0fZayoKsC+0zxMAHYC9qUOjyc/Y9fSj
75ZrB4K9vooCpais+Zr/ewitkHs8gcktuyIQBAxMiv+EZ3p9OkNLH8Ek9QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFD5XUyfqJjK5e4wxz6nlRQV6XVrRMB8GA1UdIwQY
MBaAFMoynO2O+0HztKIHjZS7sKOqtPsCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWpLYzdZNzdRZk8wb2dlTmxMdXdvNnEwLXdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81MGU3ODAtZWNhNy00NThlLWI2YWEt
OWRiYzM1NjcyMzI5LzEvUGxkVEotb21Ncmw3akRIUHFlVkZCWHBkV3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81MGU3ODAtZWNhNy00NThlLWI2YWEtOWRiYzM1NjcyMzI5
LzEveWpLYzdZNzdRZk8wb2dlTmxMdXdvNnEwLXdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhE0ADAN
BgkqhkiG9w0BAQsFAAOCAQEARtb9RAGOXCdmq4N1AduYFCfotICFoPH2MQk5FR4p
JB/9hrjTyBBUbkB80YJDtPD+QV2EYn4d3W6RLDo3SwImMeey9pTatzhaDRGuRWae
9Y5w6hRNQ63i3nDpW+XQYLwyZBSCQr+S1GAVlzzOyDdbfy43/Zzl+fd6/E+u0OPi
fAgTSExD8dUf9mwgXatxxg5LNAnwahWX4wwI7mozI9gS/8yx3DWJ6+8UC4QqG3yA
jvdEJqQttBPEUwAQCNNUWfAkL9cjNZyShtStZzpKCW7pAGW03KDrzh1UsuuSYAOl
+xwlzO3zuUGFxjPCJ678XLOmLZ9TCCIFSAy1iSvE4z6Rdw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:18:15 2025 by rpki-client