Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/20tj8xGqYVm-C4WuBbY3wgP4Wu8.roa
File: 20tj8xGqYVm-C4WuBbY3wgP4Wu8.roa (raw, json)
Hash identifier: 6TbYgwmaGgOfY09rAmON/WzZlvLudHxGNOGsAZs5Wzs=
Subject key identifier: DB:4B:63:F3:11:AA:61:59:BE:0B:85:AE:05:B6:37:C2:03:F8:5A:EF
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019388F493304C184D133998AC0B3A12D9EA
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/20tj8xGqYVm-C4WuBbY3wgP4Wu8.roa
Signing time: Mon 02 Dec 2024 19:59:10 +0000
ROA not before: Mon 02 Dec 2024 19:59:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214168
IP address blocks: 2a11:7b00::/29 maxlen: 29
2a12:8580::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 08 Dec 2024 19:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:88:f4:93:30:4c:18:4d:13:39:98:ac:0b:3a:12:d9:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Dec 2 19:59:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db4b63f311aa6159be0b85ae05b637c203f85aef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:22:bc:0d:12:b1:12:c1:f2:98:d2:e0:c8:27:
8e:d3:74:a9:98:d9:76:ce:0d:f4:a5:ab:1e:29:64:
dc:d5:e7:e8:0b:d8:07:c6:84:8d:9d:9c:36:3f:19:
62:4f:2c:6a:ba:0e:1c:6b:c6:21:1e:ca:17:9b:f2:
4a:a5:fc:9a:b2:91:41:f4:69:b0:5e:bd:85:a5:46:
b6:2d:61:0e:fc:91:ab:9e:b3:42:76:a3:23:cf:8f:
43:b8:34:d9:49:4d:e2:0f:12:06:bd:00:14:32:99:
45:a8:e0:c3:f9:09:78:a9:d1:99:a4:52:8a:7d:4f:
f3:57:7a:4a:16:c1:2e:50:2b:1e:72:be:ff:e2:7b:
31:50:a0:c8:ff:17:71:eb:95:80:3a:07:75:40:5c:
fc:bc:39:f3:e6:92:e6:5d:ed:b7:79:41:71:ad:3f:
aa:05:15:39:08:9a:73:b7:3c:90:6e:01:e8:bf:90:
fb:ea:17:dd:6e:67:12:36:a4:ac:20:0d:8b:14:0d:
a5:6e:ed:f9:fb:d3:e8:8d:80:98:c3:14:9e:93:83:
47:e4:b7:cd:b0:c9:0d:b4:e4:e5:e9:68:01:6d:72:
d3:f1:21:54:c6:52:39:fe:88:a0:d2:47:06:99:0e:
57:48:1d:e5:92:83:bd:14:fd:96:1f:32:80:fe:eb:
9b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4B:63:F3:11:AA:61:59:BE:0B:85:AE:05:B6:37:C2:03:F8:5A:EF
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/20tj8xGqYVm-C4WuBbY3wgP4Wu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7b00::/29
2a12:8580::/29
Signature Algorithm: sha256WithRSAEncryption
07:d2:75:cd:a7:19:5b:57:94:52:0a:1f:49:e2:ea:57:26:dd:
0f:fc:d9:53:b7:c7:8b:e9:8a:33:23:75:0c:01:56:03:48:8b:
73:25:80:d0:d4:9e:28:e3:e8:3f:51:b3:d4:36:03:3d:17:9f:
de:5c:34:a8:28:f4:fa:42:d1:22:51:cd:26:da:c9:10:64:6b:
7b:bb:1b:0d:a5:fe:8d:a0:5a:01:50:6e:85:64:0b:a1:90:b9:
29:af:12:ad:bc:ab:63:cf:2c:d2:0a:d3:13:a5:80:a8:57:5e:
5d:04:0a:d8:84:64:85:c8:e5:86:c6:7e:00:f8:9b:ec:15:78:
a0:09:45:81:d3:cf:9f:c9:67:4e:bd:d0:66:98:ed:5d:70:bf:
97:bb:a8:b1:12:56:9b:03:66:49:54:af:a0:28:6b:9c:04:1c:
ad:64:22:8a:b3:d3:70:37:00:af:71:6f:12:1c:13:5b:9e:fe:
76:1d:f9:54:5d:7b:a2:56:27:e7:2a:da:e7:64:a5:63:5c:0c:
a7:af:83:25:f0:a5:ba:54:2f:60:5e:74:1d:7e:90:89:9d:b8:
59:b5:e6:e7:30:2b:8f:ae:7e:a4:f4:c8:e2:27:89:fd:3e:be:
f0:36:bb:8c:20:89:8d:6d:af:c6:80:a2:12:14:3f:cd:55:62:
c0:ba:d5:40
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZOI9JMwTBhNEzmYrAs6EtnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQxMjAyMTk1OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjRiNjNmMzExYWE2MTU5YmUwYjg1YWUwNWI2MzdjMjAzZjg1YWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriK8DRKxEsHymNLgyCeO03SpmNl2
zg30paseKWTc1efoC9gHxoSNnZw2PxliTyxqug4ca8YhHsoXm/JKpfyaspFB9Gmw
Xr2FpUa2LWEO/JGrnrNCdqMjz49DuDTZSU3iDxIGvQAUMplFqODD+Ql4qdGZpFKK
fU/zV3pKFsEuUCsecr7/4nsxUKDI/xdx65WAOgd1QFz8vDnz5pLmXe23eUFxrT+q
BRU5CJpztzyQbgHov5D76hfdbmcSNqSsIA2LFA2lbu35+9PojYCYwxSek4NH5LfN
sMkNtOTl6WgBbXLT8SFUxlI5/oig0kcGmQ5XSB3lkoO9FP2WHzKA/uubGQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNtLY/MRqmFZvguFrgW2N8ID+FrvMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvMjB0ajh4R3FZVm0tQzRXdUJiWTN3Z1A0V3U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhF7AAMF
AyoShYAwDQYJKoZIhvcNAQELBQADggEBAAfSdc2nGVtXlFIKH0ni6lcm3Q/82VO3
x4vpijMjdQwBVgNIi3MlgNDUnijj6D9Rs9Q2Az0Xn95cNKgo9PpC0SJRzSbayRBk
a3u7Gw2l/o2gWgFQboVkC6GQuSmvEq28q2PPLNIK0xOlgKhXXl0ECtiEZIXI5YbG
fgD4m+wVeKAJRYHTz5/JZ0690GaY7V1wv5e7qLESVpsDZklUr6Aoa5wEHK1kIoqz
03A3AK9xbxIcE1ue/nYd+VRde6JWJ+cq2udkpWNcDKevgyXwpbpUL2BedB1+kImd
uFm15ucwK4+ufqT0yOInif0+vvA2u4wgiY1tr8aAohIUP81VYsC61UA=
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:40:25 2025 by rpki-client