Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/blAeTsgzvnXWzJGcIbpOuIA831c.roa
File: blAeTsgzvnXWzJGcIbpOuIA831c.roa (raw, json)
Hash identifier: UZdZQhTrYWuyboy/tiFF2aL/eCwbDovq+DqP0z6IHtw=
Subject key identifier: 6E:50:1E:4E:C8:33:BE:75:D6:CC:91:9C:21:BA:4E:B8:80:3C:DF:57
Certificate issuer: /CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Certificate serial: 0194266BAC631975047B1F6646885EC9F7B0
Authority key identifier: 2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/blAeTsgzvnXWzJGcIbpOuIA831c.roa
Signing time: Thu 02 Jan 2025 09:49:38 +0000
ROA not before: Thu 02 Jan 2025 09:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2134
IP address blocks: 62.164.0.0/17 maxlen: 24
193.127.0.0/16 maxlen: 24
193.201.108.0/24 maxlen: 24
195.234.166.0/24 maxlen: 24
2a00:dc80::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Feb 2025 11:35:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:ac:63:19:75:04:7b:1f:66:46:88:5e:c9:f7:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Validity
Not Before: Jan 2 09:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e501e4ec833be75d6cc919c21ba4eb8803cdf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:14:d9:ce:5c:6b:67:f5:18:15:35:86:6c:01:
41:90:7e:9a:71:e1:3b:34:65:ff:07:37:e8:55:e6:
ed:e2:7c:24:dc:f3:75:cb:b6:56:24:31:24:60:47:
12:32:17:51:b0:76:02:72:e1:d0:8d:26:73:6c:86:
db:e5:f4:48:40:4a:ff:23:b5:ec:11:6b:3a:f1:3e:
46:90:d3:e4:b4:99:c0:d8:96:27:a2:ea:99:c9:56:
f0:b9:46:7a:c1:d9:5d:64:80:f5:46:02:d3:11:eb:
ff:18:f6:4e:26:0d:87:79:62:19:dc:33:cc:94:35:
d4:bf:42:1e:80:ba:1f:9e:65:2b:e9:7e:f7:71:d2:
06:47:b4:6a:a0:d3:d6:08:5c:ea:e9:0f:8a:27:ef:
ee:40:11:e4:d5:8a:a9:5e:e0:31:f9:53:f5:3c:05:
9c:25:6b:76:b1:79:da:ba:4a:22:94:db:0b:30:d0:
20:8b:92:99:c8:5b:69:29:c8:d7:31:cf:f5:f2:d0:
26:2f:e7:d2:7a:cf:b9:1d:a3:b6:c6:78:2e:2a:17:
b3:bf:4c:fa:76:7b:0a:31:9d:8b:01:4c:4a:7b:ae:
1f:6a:78:0a:25:99:84:6f:22:8b:63:82:45:fb:14:
8d:7f:2f:68:30:c8:47:de:5d:6a:be:68:3e:6e:7c:
5f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:50:1E:4E:C8:33:BE:75:D6:CC:91:9C:21:BA:4E:B8:80:3C:DF:57
X509v3 Authority Key Identifier:
keyid:2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/blAeTsgzvnXWzJGcIbpOuIA831c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/LDsK5bf3gRIscJomUK35cpGH4eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.0.0/17
193.127.0.0/16
193.201.108.0/24
195.234.166.0/24
IPv6:
2a00:dc80::/32
Signature Algorithm: sha256WithRSAEncryption
af:94:d1:07:ab:5d:c6:b7:f0:9d:b5:51:7d:81:9d:30:6a:f3:
7b:da:1a:7b:48:d7:0c:a0:4c:97:3d:be:7c:da:70:a9:15:81:
4e:63:af:1e:35:1b:06:85:94:70:e7:1c:ff:ed:d9:4a:f4:73:
08:df:c7:f1:be:46:27:42:0b:81:85:fa:18:ae:7d:aa:d0:99:
23:85:24:0e:16:88:05:1d:47:a1:4a:62:5c:7f:42:77:fe:86:
98:d7:58:b1:78:87:90:ae:d8:c2:6e:67:94:75:80:ed:ee:fc:
4f:80:56:0f:29:57:9d:e3:d9:ad:16:e7:c0:3c:7d:74:7b:de:
1a:43:f8:15:29:14:d1:5c:88:77:57:30:c5:3a:bf:4d:6b:55:
13:ab:92:7b:52:33:08:76:24:e6:dc:3a:41:9d:81:d7:3c:12:
3f:62:ec:50:d4:ef:5e:25:2b:6e:68:95:fc:19:45:b3:7f:3a:
d9:e0:eb:41:04:74:24:b6:01:b1:94:2a:3b:ef:66:7e:18:88:
70:42:e7:3e:8f:7f:88:dc:41:2b:f8:31:b4:71:27:3c:1d:76:
37:e7:2b:36:8f:dc:73:c0:ea:71:da:19:53:5a:2a:6a:3b:b7:
a2:41:d4:a6:b8:c0:b0:a5:6d:d7:10:d9:64:37:1d:cd:ab:fd:
48:18:5a:34
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQma6xjGXUEex9mRoheyfewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjM2IwYWU1YjdmNzgxMTIyYzcwOWEyNjUwYWRmOTcyOTE4
N2UxZTEwHhcNMjUwMTAyMDk0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTUwMWU0ZWM4MzNiZTc1ZDZjYzkxOWMyMWJhNGViODgwM2NkZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxTZzlxrZ/UYFTWGbAFBkH6aceE7
NGX/BzfoVebt4nwk3PN1y7ZWJDEkYEcSMhdRsHYCcuHQjSZzbIbb5fRIQEr/I7Xs
EWs68T5GkNPktJnA2JYnouqZyVbwuUZ6wdldZID1RgLTEev/GPZOJg2HeWIZ3DPM
lDXUv0IegLofnmUr6X73cdIGR7RqoNPWCFzq6Q+KJ+/uQBHk1YqpXuAx+VP1PAWc
JWt2sXnaukoilNsLMNAgi5KZyFtpKcjXMc/18tAmL+fSes+5HaO2xnguKhezv0z6
dnsKMZ2LAUxKe64fangKJZmEbyKLY4JF+xSNfy9oMMhH3l1qvmg+bnxf8wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFG5QHk7IM7511syRnCG6TriAPN9XMB8GA1UdIwQY
MBaAFCw7CuW394ESLHCaJlCt+XKRh+HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERzSzViZjNnUklzY0pvbVVLMzVjcEdINGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81M2UyNmItZTdlZS00NzNlLWE1NGEt
ZmZjY2EzZTFmMTdmLzEvYmxBZVRzZ3p2blhXekpHY0licE91SUE4MzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81M2UyNmItZTdlZS00NzNlLWE1NGEtZmZjY2EzZTFmMTdm
LzEvTERzSzViZjNnUklzY0pvbVVLMzVjcEdINGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQHPqQAAwMA
wX8DBADByWwDBADD6qYwDQQCAAIwBwMFACoA3IAwDQYJKoZIhvcNAQELBQADggEB
AK+U0QerXca38J21UX2BnTBq83vaGntI1wygTJc9vnzacKkVgU5jrx41GwaFlHDn
HP/t2Ur0cwjfx/G+RidCC4GF+hiufarQmSOFJA4WiAUdR6FKYlx/Qnf+hpjXWLF4
h5Cu2MJuZ5R1gO3u/E+AVg8pV53j2a0W58A8fXR73hpD+BUpFNFciHdXMMU6v01r
VROrkntSMwh2JObcOkGdgdc8Ej9i7FDU714lK25olfwZRbN/Otng60EEdCS2AbGU
KjvvZn4YiHBC5z6Pf4jcQSv4MbRxJzwddjfnKzaP3HPA6nHaGVNaKmo7t6JB1Ka4
wLClbdcQ2WQ3Hc2r/UgYWjQ=
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:15:03 2025 by rpki-client