Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/m1eWgmVo_me2kG0CketlbJLxVcQ.roa
File: m1eWgmVo_me2kG0CketlbJLxVcQ.roa (raw, json)
Hash identifier: /9HRj3r8q1a93YZYA3pgGnk34YnF0N8LysZjvA9eyBk=
Subject key identifier: 9B:57:96:82:65:68:FE:67:B6:90:6D:02:91:EB:65:6C:92:F1:55:C4
Certificate issuer: /CN=ccc478dd9ccd6162f82488ac6fc50c21d369f2a0
Certificate serial: 019425FDA9CC27635C583B7C86EE27E1E69A
Authority key identifier: CC:C4:78:DD:9C:CD:61:62:F8:24:88:AC:6F:C5:0C:21:D3:69:F2:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zMR43ZzNYWL4JIisb8UMIdNp8qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/m1eWgmVo_me2kG0CketlbJLxVcQ.roa
Signing time: Thu 02 Jan 2025 07:49:28 +0000
ROA not before: Thu 02 Jan 2025 07:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212144
IP address blocks: 2a01:64e0::/32 maxlen: 32
2a06:a640::/29 maxlen: 29
2a06:da80::/29 maxlen: 29
2a09:2fc0::/29 maxlen: 29
2a0d:c940::/29 maxlen: 29
2a0d:db00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 06 Mar 2025 14:38:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:a9:cc:27:63:5c:58:3b:7c:86:ee:27:e1:e6:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccc478dd9ccd6162f82488ac6fc50c21d369f2a0
Validity
Not Before: Jan 2 07:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b5796826568fe67b6906d0291eb656c92f155c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a0:35:0c:cd:99:13:ac:cd:fd:50:0d:50:bb:
90:59:0c:24:85:36:42:82:19:ee:9d:73:eb:b1:ec:
36:2a:80:de:fb:4c:1b:fd:9d:54:03:a2:c6:62:c2:
11:5b:a5:c4:6d:6d:76:af:3d:86:79:3d:11:63:73:
94:b0:03:50:13:06:6f:8e:87:04:d8:d9:23:25:1d:
10:5c:1a:66:f2:ec:a8:7b:0f:be:aa:ad:40:e5:2a:
d4:07:bf:d2:e9:5d:01:ff:b5:29:79:16:4a:ce:89:
70:bc:84:5c:5b:74:a2:44:55:ea:f9:6b:15:05:9e:
d1:32:46:7a:2a:36:59:73:f9:9c:81:bf:b2:b9:95:
57:bf:04:53:90:c2:45:8e:40:01:9b:b8:20:b8:8a:
a5:43:e5:51:e2:d3:a4:cc:0f:87:ec:22:8d:4a:3e:
8d:d5:82:b3:6f:0d:36:7e:fe:01:55:af:9d:89:4c:
46:dd:12:b3:0a:c0:1b:6a:86:b9:0d:89:d2:17:13:
75:0a:f9:81:ec:54:40:2e:2e:37:59:e5:b7:a7:57:
01:00:3f:19:c8:39:ae:10:b8:15:18:61:77:c8:2d:
6e:5f:ba:da:d8:be:85:59:fe:2c:66:0e:29:0d:79:
3c:35:4e:f1:8d:02:c1:ac:b0:2f:d0:38:8d:b0:ad:
fe:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:57:96:82:65:68:FE:67:B6:90:6D:02:91:EB:65:6C:92:F1:55:C4
X509v3 Authority Key Identifier:
keyid:CC:C4:78:DD:9C:CD:61:62:F8:24:88:AC:6F:C5:0C:21:D3:69:F2:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zMR43ZzNYWL4JIisb8UMIdNp8qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/m1eWgmVo_me2kG0CketlbJLxVcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/zMR43ZzNYWL4JIisb8UMIdNp8qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:64e0::/32
2a06:a640::/29
2a06:da80::/29
2a09:2fc0::/29
2a0d:c940::/29
2a0d:db00::/29
Signature Algorithm: sha256WithRSAEncryption
77:12:ef:6f:c4:de:f7:9c:1f:43:16:34:5c:cd:d5:8f:ab:38:
b9:15:06:8f:98:bd:91:18:63:ea:72:aa:de:a7:9c:ad:81:f5:
15:63:b9:ac:75:ee:bf:7c:17:f4:3c:55:c1:c5:7f:03:68:d1:
03:e2:1a:7e:74:55:70:77:39:35:7e:b8:72:33:99:7d:1f:52:
e0:c4:c3:02:a4:03:80:03:c8:21:a9:63:d6:43:1a:6c:6c:f8:
64:78:83:bc:1b:d8:31:86:b7:ea:62:ee:69:a0:dd:e5:14:8a:
81:31:b4:98:41:ce:41:27:f2:3b:45:08:7e:1f:c1:9b:f5:73:
1d:00:38:d7:3a:5e:d8:fb:0d:79:a0:fa:4f:6a:4b:02:f7:92:
55:53:22:ce:a7:0e:77:89:ba:10:73:05:bb:ae:eb:bf:bc:e6:
ef:f2:ef:1e:4a:23:55:f6:f0:fb:3a:20:39:b7:d0:62:bb:68:
96:7f:3d:64:67:65:22:3d:45:1e:ef:78:1f:38:7f:be:c2:3b:
3c:6c:13:12:85:02:f4:c1:ab:1c:b1:7e:80:fb:19:3e:60:d8:
ed:e9:9a:42:58:42:cc:9d:c1:a9:c5:58:db:45:89:93:e0:40:
7b:f9:b7:55:56:7d:75:f0:a4:6a:b5:37:98:83:37:a5:33:91:
36:1a:29:be
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQl/anMJ2NcWDt8hu4n4eaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYzQ3OGRkOWNjZDYxNjJmODI0ODhhYzZmYzUwYzIxZDM2
OWYyYTAwHhcNMjUwMTAyMDc0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjU3OTY4MjY1NjhmZTY3YjY5MDZkMDI5MWViNjU2YzkyZjE1NWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46A1DM2ZE6zN/VANULuQWQwkhTZC
ghnunXPrsew2KoDe+0wb/Z1UA6LGYsIRW6XEbW12rz2GeT0RY3OUsANQEwZvjocE
2NkjJR0QXBpm8uyoew++qq1A5SrUB7/S6V0B/7UpeRZKzolwvIRcW3SiRFXq+WsV
BZ7RMkZ6KjZZc/mcgb+yuZVXvwRTkMJFjkABm7gguIqlQ+VR4tOkzA+H7CKNSj6N
1YKzbw02fv4BVa+diUxG3RKzCsAbaoa5DYnSFxN1CvmB7FRALi43WeW3p1cBAD8Z
yDmuELgVGGF3yC1uX7ra2L6FWf4sZg4pDXk8NU7xjQLBrLAv0DiNsK3+JwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJtXloJlaP5ntpBtApHrZWyS8VXEMB8GA1UdIwQY
MBaAFMzEeN2czWFi+CSIrG/FDCHTafKgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek1SNDNaek5ZV0w0Sklpc2I4VU1JZE5wOHFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lZTNlM2YtM2E0NS00M2ViLWE1ZGUt
NDI4NTk5ODM5MmQzLzEvbTFlV2dtVm9fbWUya0cwQ2tldGxiSkx4VmNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lZTNlM2YtM2E0NS00M2ViLWE1ZGUtNDI4NTk5ODM5MmQz
LzEvek1SNDNaek5ZV0w0Sklpc2I4VU1JZE5wOHFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKgFk4AMF
AyoGpkADBQMqBtqAAwUDKgkvwAMFAyoNyUADBQMqDdsAMA0GCSqGSIb3DQEBCwUA
A4IBAQB3Eu9vxN73nB9DFjRczdWPqzi5FQaPmL2RGGPqcqrep5ytgfUVY7msde6/
fBf0PFXBxX8DaNED4hp+dFVwdzk1frhyM5l9H1LgxMMCpAOAA8ghqWPWQxpsbPhk
eIO8G9gxhrfqYu5poN3lFIqBMbSYQc5BJ/I7RQh+H8Gb9XMdADjXOl7Y+w15oPpP
aksC95JVUyLOpw53iboQcwW7ruu/vObv8u8eSiNV9vD7OiA5t9Biu2iWfz1kZ2Ui
PUUe73gfOH++wjs8bBMShQL0wascsX6A+xk+YNjt6ZpCWELMncGpxVjbRYmT4EB7
+bdVVn118KRqtTeYgzelM5E2Gim+
-----END CERTIFICATE-----
Generated at Sat Apr 12 20:17:15 2025 by rpki-client