Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/bOR3J9mNjrpGZ1HNhO9UumnCfxI.roa
File: bOR3J9mNjrpGZ1HNhO9UumnCfxI.roa (raw, json)
Hash identifier: tl58JZ9hCtJWe2P25+S+phMvzVYNkIY092QyOAPltA8=
Subject key identifier: 6C:E4:77:27:D9:8D:8E:BA:46:67:51:CD:84:EF:54:BA:69:C2:7F:12
Certificate issuer: /CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Certificate serial: 01941F8C4260D529F082AD2E930F83231950
Authority key identifier: 70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/bOR3J9mNjrpGZ1HNhO9UumnCfxI.roa
Signing time: Wed 01 Jan 2025 01:47:53 +0000
ROA not before: Wed 01 Jan 2025 01:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 2a05:b100:1000::/36 maxlen: 36
2a05:b100:1000::/46 maxlen: 46
2a05:b100:1004::/46 maxlen: 46
2a05:b100:1008::/46 maxlen: 46
2a05:b100:100c::/46 maxlen: 46
2a05:b100:1010::/46 maxlen: 46
2a05:b100:1014::/46 maxlen: 46
2a05:b100:1018::/46 maxlen: 46
2a05:b100:101c::/46 maxlen: 46
2a05:b100:1020::/46 maxlen: 46
2a05:b100:1024::/46 maxlen: 46
2a05:b100:1028::/46 maxlen: 46
2a05:b100:102c::/46 maxlen: 46
2a05:b100:1030::/46 maxlen: 46
2a05:b100:1034::/46 maxlen: 46
2a05:b100:1038::/46 maxlen: 46
2a05:b100:103c::/46 maxlen: 46
2a05:b100:1200::/41 maxlen: 41
2a05:b100:1280::/41 maxlen: 41
2a05:b100:1300::/41 maxlen: 41
2a05:b100:1380::/41 maxlen: 41
2a05:b100:1400::/41 maxlen: 41
2a05:b100:1480::/41 maxlen: 41
2a05:b100:1500::/41 maxlen: 41
2a05:b100:1580::/41 maxlen: 41
2a05:b100:1600::/41 maxlen: 41
2a05:b100:1680::/41 maxlen: 41
2a05:b100:1700::/41 maxlen: 41
2a05:b100:1780::/41 maxlen: 41
2a05:b100:1800::/39 maxlen: 39
2a05:b100:1800::/41 maxlen: 41
2a05:b100:1880::/41 maxlen: 41
2a05:b100:1900::/41 maxlen: 41
2a05:b100:1980::/41 maxlen: 41
2a05:b100:1a00::/39 maxlen: 39
2a05:b100:1c00::/39 maxlen: 39
2a05:b100:1e00::/39 maxlen: 39
Validation: Failed, certificate revoked on Mon 13 Jan 2025 15:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:42:60:d5:29:f0:82:ad:2e:93:0f:83:23:19:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Validity
Not Before: Jan 1 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ce47727d98d8eba466751cd84ef54ba69c27f12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8c:d4:33:ab:31:ab:1e:24:51:ed:75:81:ef:
fb:1e:a6:21:2f:ea:7b:15:72:83:ce:47:40:51:14:
55:cf:6e:6d:3e:e2:54:48:81:fe:6f:00:fa:59:93:
ac:39:ed:9d:fc:5c:ee:a1:fe:e9:65:b9:c6:c1:67:
bc:ff:df:d4:d5:6f:f5:7b:cf:a1:99:c7:1c:9e:48:
67:15:be:ca:f5:4c:2d:dc:9b:ca:8c:42:a4:1e:4e:
a1:ee:73:fe:23:28:80:21:f3:5d:79:75:67:a6:42:
8a:6a:40:0a:28:96:38:ff:fb:eb:00:6a:b6:b5:4a:
27:8d:41:60:71:e1:1f:4c:22:50:70:32:f0:ea:ac:
5f:cf:84:3a:b5:7c:0f:e4:2e:43:49:ce:33:50:5d:
9a:8d:94:9f:8f:dd:cd:5a:1a:e5:d2:11:a3:87:f3:
7d:3a:ed:5f:17:56:9a:5e:56:9d:15:d5:7f:22:b8:
5f:49:40:af:1c:dc:a2:1e:00:15:2f:7a:4c:cb:f3:
74:b3:fa:3d:55:ad:78:f9:d9:6d:96:d9:37:81:94:
61:52:98:e5:5f:7e:2d:68:86:ce:a6:67:b9:a1:b6:
27:66:fb:c5:c5:00:17:63:88:6f:e3:27:ac:7b:b1:
61:1d:b3:db:c0:2d:87:d1:64:b2:7e:b7:cf:34:a9:
22:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E4:77:27:D9:8D:8E:BA:46:67:51:CD:84:EF:54:BA:69:C2:7F:12
X509v3 Authority Key Identifier:
keyid:70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/bOR3J9mNjrpGZ1HNhO9UumnCfxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b100:1000::/36
Signature Algorithm: sha256WithRSAEncryption
69:11:69:b1:74:10:5c:eb:c9:d3:34:c7:ae:ae:50:48:4a:e2:
72:89:50:c7:97:71:43:19:09:f2:c4:50:ac:6c:38:51:49:16:
5e:6e:1f:d8:7c:ec:7e:55:96:0f:77:53:d7:74:22:6c:9b:3d:
ab:5c:dd:90:82:fe:5c:90:7e:8b:c1:55:64:e7:c9:d3:8c:9b:
4f:dd:62:2b:a9:6c:0d:7b:ba:9a:14:02:5e:47:b9:c2:ba:87:
7f:d6:8c:28:64:3e:34:c6:12:94:77:47:87:29:1c:a8:09:6d:
2a:2b:ab:8b:98:29:6b:3c:e7:2a:49:36:e2:da:09:e6:b9:5c:
a0:12:19:cd:23:5e:91:8f:31:ff:01:6a:a4:2b:42:e7:7b:96:
9d:37:d3:e4:17:5b:08:dc:82:90:5c:71:f7:13:ec:7b:f8:15:
34:79:7b:1f:80:2e:25:21:ac:16:02:47:d1:7e:9a:65:2b:a7:
89:94:0b:6e:61:cc:1e:70:41:2b:9d:ba:69:9c:3c:e5:32:22:
41:50:76:ab:cb:5d:af:03:49:9c:96:99:aa:d3:a8:1c:46:57:
14:5d:46:7c:95:d1:47:ed:19:7f:57:97:63:31:58:f0:0b:e5:
01:dc:f1:8e:76:c5:bc:97:31:73:3c:de:c0:62:02:d6:f5:14:
5f:66:0a:77
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjEJg1Snwgq0ukw+DIxlQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZmVlMTc2ZjUxY2U4ZmQ4MTQyNGZmNzNhNTQxNzM0MTI3
OWMwZjEwHhcNMjUwMTAxMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2U0NzcyN2Q5OGQ4ZWJhNDY2NzUxY2Q4NGVmNTRiYTY5YzI3ZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIzUM6sxqx4kUe11ge/7HqYhL+p7
FXKDzkdAURRVz25tPuJUSIH+bwD6WZOsOe2d/Fzuof7pZbnGwWe8/9/U1W/1e8+h
mcccnkhnFb7K9Uwt3JvKjEKkHk6h7nP+IyiAIfNdeXVnpkKKakAKKJY4//vrAGq2
tUonjUFgceEfTCJQcDLw6qxfz4Q6tXwP5C5DSc4zUF2ajZSfj93NWhrl0hGjh/N9
Ou1fF1aaXladFdV/IrhfSUCvHNyiHgAVL3pMy/N0s/o9Va14+dltltk3gZRhUpjl
X34taIbOpme5obYnZvvFxQAXY4hv4yese7FhHbPbwC2H0WSyfrfPNKkiawIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGzkdyfZjY66RmdRzYTvVLppwn8SMB8GA1UdIwQY
MBaAFHD+4Xb1HOj9gUJP9zpUFzQSecDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYt
NzUyZTliOGIwNzU2LzEvYk9SM0o5bU5qcnBHWjFITmhPOVV1bW5DZnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYtNzUyZTliOGIwNzU2
LzEvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgWxABAw
DQYJKoZIhvcNAQELBQADggEBAGkRabF0EFzrydM0x66uUEhK4nKJUMeXcUMZCfLE
UKxsOFFJFl5uH9h87H5Vlg93U9d0ImybPatc3ZCC/lyQfovBVWTnydOMm0/dYiup
bA17upoUAl5HucK6h3/WjChkPjTGEpR3R4cpHKgJbSorq4uYKWs85ypJNuLaCea5
XKASGc0jXpGPMf8BaqQrQud7lp030+QXWwjcgpBccfcT7Hv4FTR5ex+ALiUhrBYC
R9F+mmUrp4mUC25hzB5wQSudummcPOUyIkFQdqvLXa8DSZyWmarTqBxGVxRdRnyV
0UftGX9Xl2MxWPAL5QHc8Y52xbyXMXM83sBiAtb1FF9mCnc=
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:40:56 2025 by rpki-client