Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/2ad4fa-bd7b-407e-b25a-df7410b2d275/1/iQ2__D1SyJzADiNoPhNQeVPB_Yc.roa
File: iQ2__D1SyJzADiNoPhNQeVPB_Yc.roa (raw, json)
Hash identifier: lqkyJ6zmIlECmWU1azb1X4DpUQDDVZ+y9VrQ0kNoEpE=
Subject key identifier: 89:0D:BF:FC:3D:52:C8:9C:C0:0E:23:68:3E:13:50:79:53:C1:FD:87
Certificate issuer: /CN=3eabe028f3be7ee072885d02bbd7b62a652425ef
Certificate serial: 01941FFA0AE0DD6ABA4CEBF1716F7CC89183
Authority key identifier: 3E:AB:E0:28:F3:BE:7E:E0:72:88:5D:02:BB:D7:B6:2A:65:24:25:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqvgKPO-fuByiF0Cu9e2KmUkJe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/2ad4fa-bd7b-407e-b25a-df7410b2d275/1/iQ2__D1SyJzADiNoPhNQeVPB_Yc.roa
Signing time: Wed 01 Jan 2025 03:47:47 +0000
ROA not before: Wed 01 Jan 2025 03:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210414
IP address blocks: 2a12:a080::/29 maxlen: 48
Validation: Failed, certificate revoked on Sun 09 Mar 2025 23:47:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0a:e0:dd:6a:ba:4c:eb:f1:71:6f:7c:c8:91:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eabe028f3be7ee072885d02bbd7b62a652425ef
Validity
Not Before: Jan 1 03:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=890dbffc3d52c89cc00e23683e13507953c1fd87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a3:36:13:9c:14:bf:a6:9b:8a:b9:25:a0:77:
49:5b:60:d7:99:6e:da:d9:66:e6:2e:28:1f:86:cb:
86:aa:79:5e:22:b3:3b:e4:4f:2c:23:51:86:9e:1c:
31:f2:ba:9b:f8:bb:72:d1:1a:ca:85:9d:a0:81:b8:
e1:69:48:f4:24:3a:1b:13:de:57:08:8a:eb:a4:3e:
d2:d0:de:2c:32:a0:5a:56:96:cd:93:8e:05:d1:7c:
f1:5a:b4:c4:a9:51:0d:28:ae:7d:cb:8e:74:5b:8a:
9e:3a:9e:91:bb:85:3e:d3:04:af:d6:24:8b:fe:44:
75:cd:27:3f:68:55:97:d5:34:74:3d:ec:5b:9f:65:
04:88:24:89:35:89:6a:dd:21:ce:0b:82:bc:e3:a8:
28:0f:37:de:73:0b:32:e1:0b:00:44:c3:87:22:41:
c1:55:4c:ce:d2:60:37:3f:1b:92:49:9e:ce:3f:a8:
29:9d:52:09:cc:b3:d7:5a:48:d1:cf:eb:99:f0:27:
cd:00:57:a8:ac:a6:14:f7:59:b2:73:40:1c:e7:18:
a0:ea:1b:77:26:13:64:80:2d:3e:1f:ae:20:02:40:
db:89:91:66:42:97:e5:9f:f3:95:eb:ad:fa:f5:f6:
ed:47:77:66:71:c0:7a:7f:02:94:02:ba:9c:00:d7:
8c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0D:BF:FC:3D:52:C8:9C:C0:0E:23:68:3E:13:50:79:53:C1:FD:87
X509v3 Authority Key Identifier:
keyid:3E:AB:E0:28:F3:BE:7E:E0:72:88:5D:02:BB:D7:B6:2A:65:24:25:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqvgKPO-fuByiF0Cu9e2KmUkJe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/2ad4fa-bd7b-407e-b25a-df7410b2d275/1/iQ2__D1SyJzADiNoPhNQeVPB_Yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/2ad4fa-bd7b-407e-b25a-df7410b2d275/1/PqvgKPO-fuByiF0Cu9e2KmUkJe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:a080::/29
Signature Algorithm: sha256WithRSAEncryption
69:54:eb:b9:b3:3a:d5:f3:96:11:77:85:f4:f4:de:af:a0:e0:
e0:b3:b8:81:66:2f:b1:7b:07:e5:78:48:d8:ba:48:5f:5f:8b:
15:db:6b:da:27:30:41:25:f1:ff:b1:bf:6e:7b:85:82:69:f1:
18:96:15:b4:af:e3:e8:6a:83:2c:e5:f0:70:80:8c:a8:dd:b8:
81:9f:bf:65:2c:81:95:47:dd:e2:f5:d5:7a:cb:e4:ff:b1:de:
07:f5:f3:8d:1d:c4:28:0f:4b:ef:f7:f7:2b:9f:76:51:13:72:
22:3b:a4:e9:3d:ea:73:b8:04:45:65:af:27:13:ce:32:12:25:
4b:02:bd:7a:f9:5c:e5:25:1b:ce:4e:06:c2:ac:cc:88:16:ac:
b2:8a:f8:01:da:b2:91:f7:22:29:84:fd:23:b9:e1:d2:9f:2c:
f1:78:3f:c6:f1:e7:c0:77:dd:76:de:d9:6c:b6:b7:e3:ba:0e:
a3:55:e0:d7:da:8a:5a:84:73:42:f1:22:fe:07:be:95:43:80:
81:bb:8e:57:39:95:2c:95:aa:73:5a:ad:21:a1:b0:7a:fb:9e:
c5:1f:ef:00:80:76:68:0d:5a:30:bd:ce:ff:96:3f:a5:fc:7b:
75:e0:37:4e:0b:f5:ba:8a:9e:03:1f:52:bf:54:db:37:77:1a:
b1:a7:7b:45
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQf+grg3Wq6TOvxcW98yJGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYWJlMDI4ZjNiZTdlZTA3Mjg4NWQwMmJiZDdiNjJhNjUy
NDI1ZWYwHhcNMjUwMTAxMDM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTBkYmZmYzNkNTJjODljYzAwZTIzNjgzZTEzNTA3OTUzYzFmZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aM2E5wUv6abirkloHdJW2DXmW7a
2WbmLigfhsuGqnleIrM75E8sI1GGnhwx8rqb+Lty0RrKhZ2ggbjhaUj0JDobE95X
CIrrpD7S0N4sMqBaVpbNk44F0XzxWrTEqVENKK59y450W4qeOp6Ru4U+0wSv1iSL
/kR1zSc/aFWX1TR0Pexbn2UEiCSJNYlq3SHOC4K846goDzfecwsy4QsARMOHIkHB
VUzO0mA3PxuSSZ7OP6gpnVIJzLPXWkjRz+uZ8CfNAFeorKYU91myc0Ac5xig6ht3
JhNkgC0+H64gAkDbiZFmQpfln/OV66369fbtR3dmccB6fwKUArqcANeMvwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIkNv/w9UsicwA4jaD4TUHlTwf2HMB8GA1UdIwQY
MBaAFD6r4Cjzvn7gcohdArvXtiplJCXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHF2Z0tQTy1mdUJ5aUYwQ3U5ZTJLbVVrSmU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yYWQ0ZmEtYmQ3Yi00MDdlLWIyNWEt
ZGY3NDEwYjJkMjc1LzEvaVEyX19EMVN5SnpBRGlOb1BoTlFlVlBCX1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8yYWQ0ZmEtYmQ3Yi00MDdlLWIyNWEtZGY3NDEwYjJkMjc1
LzEvUHF2Z0tQTy1mdUJ5aUYwQ3U5ZTJLbVVrSmU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKggDAN
BgkqhkiG9w0BAQsFAAOCAQEAaVTrubM61fOWEXeF9PTer6Dg4LO4gWYvsXsH5XhI
2LpIX1+LFdtr2icwQSXx/7G/bnuFgmnxGJYVtK/j6GqDLOXwcICMqN24gZ+/ZSyB
lUfd4vXVesvk/7HeB/XzjR3EKA9L7/f3K592URNyIjuk6T3qc7gERWWvJxPOMhIl
SwK9evlc5SUbzk4GwqzMiBassor4AdqykfciKYT9I7nh0p8s8Xg/xvHnwHfddt7Z
bLa347oOo1Xg19qKWoRzQvEi/ge+lUOAgbuOVzmVLJWqc1qtIaGwevuexR/vAIB2
aA1aML3O/5Y/pfx7deA3Tgv1uoqeAx9Sv1TbN3casad7RQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:55:01 2025 by rpki-client