Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/jU9aqRbYNhK7T5JqfTE929cKm8g.roa
File: jU9aqRbYNhK7T5JqfTE929cKm8g.roa (raw, json)
Hash identifier: IpfSh9+l4tYK0+SVxRLhPpOvoXypn0TyWR5tYVDikqc=
Subject key identifier: 8D:4F:5A:A9:16:D8:36:12:BB:4F:92:6A:7D:31:3D:DB:D7:0A:9B:C8
Certificate issuer: /CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Certificate serial: 01946061372AD1B68ED464083F0BE7C7102E
Authority key identifier: 70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/jU9aqRbYNhK7T5JqfTE929cKm8g.roa
Signing time: Mon 13 Jan 2025 15:56:11 +0000
ROA not before: Mon 13 Jan 2025 15:56:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 2a05:b100:1000::/36 maxlen: 36
2a05:b100:1000::/46 maxlen: 46
2a05:b100:1004::/46 maxlen: 46
2a05:b100:1008::/46 maxlen: 46
2a05:b100:100c::/46 maxlen: 46
2a05:b100:1010::/46 maxlen: 46
2a05:b100:1014::/46 maxlen: 46
2a05:b100:1018::/46 maxlen: 46
2a05:b100:101c::/46 maxlen: 46
2a05:b100:1020::/46 maxlen: 46
2a05:b100:1024::/46 maxlen: 46
2a05:b100:1028::/46 maxlen: 46
2a05:b100:102c::/46 maxlen: 46
2a05:b100:1030::/46 maxlen: 46
2a05:b100:1034::/46 maxlen: 46
2a05:b100:1038::/46 maxlen: 46
2a05:b100:103c::/46 maxlen: 46
2a05:b100:1200::/41 maxlen: 41
2a05:b100:1280::/41 maxlen: 41
2a05:b100:1300::/41 maxlen: 41
2a05:b100:1380::/41 maxlen: 41
2a05:b100:1400::/41 maxlen: 41
2a05:b100:1480::/41 maxlen: 41
2a05:b100:1500::/41 maxlen: 41
2a05:b100:1580::/41 maxlen: 41
2a05:b100:1600::/41 maxlen: 41
2a05:b100:1680::/41 maxlen: 41
2a05:b100:1700::/41 maxlen: 41
2a05:b100:1780::/41 maxlen: 41
2a05:b100:1800::/39 maxlen: 39
2a05:b100:1800::/41 maxlen: 41
2a05:b100:1880::/41 maxlen: 41
2a05:b100:1900::/41 maxlen: 41
2a05:b100:1980::/41 maxlen: 41
2a05:b100:1a00::/39 maxlen: 39
2a05:b100:1a00::/46 maxlen: 46
2a05:b100:1a04::/46 maxlen: 46
2a05:b100:1a08::/46 maxlen: 46
2a05:b100:1a0c::/46 maxlen: 46
2a05:b100:1a80::/41 maxlen: 41
2a05:b100:1b00::/41 maxlen: 41
2a05:b100:1b80::/41 maxlen: 41
2a05:b100:1c00::/39 maxlen: 39
2a05:b100:1c00::/41 maxlen: 41
2a05:b100:1e00::/39 maxlen: 39
Validation: Failed, certificate revoked on Fri 31 Jan 2025 16:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:60:61:37:2a:d1:b6:8e:d4:64:08:3f:0b:e7:c7:10:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Validity
Not Before: Jan 13 15:56:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d4f5aa916d83612bb4f926a7d313ddbd70a9bc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c7:2a:fd:3f:53:2d:b9:bd:8f:12:ea:99:2e:
4b:fc:86:7a:9a:38:97:c7:95:c7:04:c5:28:c2:4a:
45:58:51:27:a9:8b:76:15:de:1a:fd:da:65:11:94:
f4:ba:1e:86:c0:7e:a1:ea:bb:88:f4:f8:30:98:92:
1a:5c:4b:7c:51:87:73:86:36:82:2e:d3:0d:10:85:
37:f4:6b:bb:81:d3:87:f3:6f:7f:46:36:fd:7a:f6:
f9:cf:58:d2:f4:6d:b8:a9:16:27:d1:71:a7:5c:6e:
67:98:18:fb:b0:fa:ad:72:c1:e1:a6:a4:49:c5:6b:
d2:0d:52:d0:df:3e:56:31:4a:1c:f3:e7:84:1e:e0:
fb:68:f7:08:c9:8f:37:75:87:04:b5:7d:4b:d7:b7:
32:f0:ea:fc:f3:ed:21:b9:53:1a:c3:e3:5a:c3:a6:
94:80:c8:c8:54:27:dc:78:f3:d0:bb:9e:54:e8:39:
1c:c4:9e:fb:58:4e:d1:b0:e7:9e:dc:57:ef:a7:8e:
a8:48:a8:7e:08:9e:36:89:f7:0b:e4:02:c5:65:bf:
ca:c2:50:13:d1:73:49:94:7b:1a:a4:29:16:af:22:
ae:f4:c8:fe:bd:f0:51:9f:2a:9f:42:90:ba:59:e3:
68:f5:f5:4e:47:a5:ff:66:07:45:86:2c:6a:a5:ae:
4e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:4F:5A:A9:16:D8:36:12:BB:4F:92:6A:7D:31:3D:DB:D7:0A:9B:C8
X509v3 Authority Key Identifier:
keyid:70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/jU9aqRbYNhK7T5JqfTE929cKm8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b100:1000::/36
Signature Algorithm: sha256WithRSAEncryption
5f:c2:a1:04:98:b4:9b:7a:eb:c8:37:f9:65:c3:26:11:aa:c7:
ea:7b:b2:9d:00:ea:20:96:57:59:58:2a:8f:7b:ba:f1:e4:5b:
9f:d8:6e:88:e1:ac:57:e8:c5:88:5b:bf:81:1c:ab:b9:d4:0b:
ca:9b:8b:cc:3a:f4:5a:87:fc:e5:e6:c9:81:43:83:be:95:fc:
8f:a4:5c:8c:c6:77:4b:24:6e:ed:51:5c:c6:c0:4f:c7:06:b6:
5b:73:07:fa:7b:35:a0:77:ae:89:55:05:58:39:db:85:cd:52:
c7:0c:63:fa:ca:69:8f:de:de:06:cc:9f:d4:d0:75:de:e0:8a:
b3:e1:1c:39:3a:16:9b:a6:7d:7a:c9:a6:24:92:32:db:6e:3b:
b8:8f:96:48:f1:c1:d6:59:e4:99:00:48:95:0e:8e:d8:0b:04:
34:c8:64:25:84:3f:0c:ec:74:8b:b1:68:1b:3d:9b:99:4c:c9:
ad:9c:35:e1:19:18:21:1d:c9:fc:fa:cd:8a:da:99:cf:cf:f3:
06:79:78:ad:82:01:c7:d8:32:06:70:89:7a:3f:d2:72:13:37:
a9:2c:66:da:ab:16:c1:49:8c:9f:b3:c7:7b:98:c6:c0:0e:84:
88:ef:83:68:10:85:87:b7:fa:cd:f3:4d:55:1e:36:b6:bf:7f:
cc:a2:66:5d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZRgYTcq0baO1GQIPwvnxxAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZmVlMTc2ZjUxY2U4ZmQ4MTQyNGZmNzNhNTQxNzM0MTI3
OWMwZjEwHhcNMjUwMTEzMTU1NjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDRmNWFhOTE2ZDgzNjEyYmI0ZjkyNmE3ZDMxM2RkYmQ3MGE5YmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmccq/T9TLbm9jxLqmS5L/IZ6mjiX
x5XHBMUowkpFWFEnqYt2Fd4a/dplEZT0uh6GwH6h6ruI9PgwmJIaXEt8UYdzhjaC
LtMNEIU39Gu7gdOH829/Rjb9evb5z1jS9G24qRYn0XGnXG5nmBj7sPqtcsHhpqRJ
xWvSDVLQ3z5WMUoc8+eEHuD7aPcIyY83dYcEtX1L17cy8Or88+0huVMaw+Naw6aU
gMjIVCfcePPQu55U6DkcxJ77WE7RsOee3Ffvp46oSKh+CJ42ifcL5ALFZb/KwlAT
0XNJlHsapCkWryKu9Mj+vfBRnyqfQpC6WeNo9fVOR6X/ZgdFhixqpa5OuwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFI1PWqkW2DYSu0+San0xPdvXCpvIMB8GA1UdIwQY
MBaAFHD+4Xb1HOj9gUJP9zpUFzQSecDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYt
NzUyZTliOGIwNzU2LzEvalU5YXFSYllOaEs3VDVKcWZURTkyOWNLbThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYtNzUyZTliOGIwNzU2
LzEvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgWxABAw
DQYJKoZIhvcNAQELBQADggEBAF/CoQSYtJt668g3+WXDJhGqx+p7sp0A6iCWV1lY
Ko97uvHkW5/YbojhrFfoxYhbv4Ecq7nUC8qbi8w69FqH/OXmyYFDg76V/I+kXIzG
d0skbu1RXMbAT8cGtltzB/p7NaB3rolVBVg524XNUscMY/rKaY/e3gbMn9TQdd7g
irPhHDk6FpumfXrJpiSSMttuO7iPlkjxwdZZ5JkASJUOjtgLBDTIZCWEPwzsdIux
aBs9m5lMya2cNeEZGCEdyfz6zYramc/P8wZ5eK2CAcfYMgZwiXo/0nITN6ksZtqr
FsFJjJ+zx3uYxsAOhIjvg2gQhYe3+s3zTVUeNra/f8yiZl0=
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:50:51 2025 by rpki-client