Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XrNSTv81nzS1hL9u_qrcT0GHBhE.roa
File: XrNSTv81nzS1hL9u_qrcT0GHBhE.roa (raw, json)
Hash identifier: d3aVYfMijrM4aPuSgEFk9yYZtFRcQmketyz3QICTMbU=
Subject key identifier: 5E:B3:52:4E:FF:35:9F:34:B5:84:BF:6E:FE:AA:DC:4F:41:87:06:11
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0194B32E8C290800B3AC03C9B0F8BE85259B
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XrNSTv81nzS1hL9u_qrcT0GHBhE.roa
Signing time: Wed 29 Jan 2025 17:49:19 +0000
ROA not before: Wed 29 Jan 2025 17:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:5387::/32 maxlen: 32
2a0e:5641::/32 maxlen: 32
2a0e:5643::/32 maxlen: 32
2a0e:5645::/32 maxlen: 32
2a0e:5647::/32 maxlen: 32
2a0e:5900::/32 maxlen: 32
2a0e:5905::/32 maxlen: 32
2a0e:8084::/32 maxlen: 32
2a0e:8087::/32 maxlen: 32
2a0e:ccc0::/32 maxlen: 32
2a0e:ccc4::/32 maxlen: 32
2a0f:6fc1::/32 maxlen: 32
2a0f:6fc3::/32 maxlen: 32
2a0f:6fc7::/32 maxlen: 32
2a0f:b4c2::/32 maxlen: 32
2a0f:b4c6::/32 maxlen: 32
2a0f:c085::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 06 Feb 2025 17:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b3:2e:8c:29:08:00:b3:ac:03:c9:b0:f8:be:85:25:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 29 17:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5eb3524eff359f34b584bf6efeaadc4f41870611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:19:bf:d4:cd:38:9f:61:b9:a0:38:03:28:3f:
49:9a:bd:04:8d:2d:d9:4c:dc:59:81:9e:09:87:af:
4e:b0:6b:4d:0d:e5:1f:63:c3:6c:73:55:a3:d5:59:
05:75:3e:71:3c:f3:b1:47:a7:1a:3c:7d:98:a4:8e:
23:08:cd:29:6a:6b:f7:c8:24:c6:0f:3b:6c:68:05:
3a:3d:24:ec:db:33:ee:fe:96:2e:ee:05:c6:a9:4a:
f3:3c:a4:28:04:15:5c:21:a6:50:2d:2d:ef:f2:f5:
7a:0d:a5:be:b1:9c:4c:5f:a0:6d:cf:a0:42:7c:20:
8e:19:06:67:0e:56:70:13:a3:0e:16:5e:fc:26:40:
57:6d:18:14:71:48:02:e8:4e:2d:d0:cf:d0:74:81:
0b:a6:5a:08:a2:2f:c9:23:08:fd:32:41:bf:1f:59:
b4:af:03:05:d9:f2:95:17:b2:21:fb:56:71:1d:4c:
8f:9f:fb:03:a8:c2:aa:d1:c0:5d:94:ff:42:59:22:
af:86:44:1a:43:76:6f:84:0e:43:7c:33:77:bc:8e:
ca:33:7d:81:bc:a6:ac:4e:f6:e2:06:1f:87:06:92:
c1:65:6c:68:6b:93:fe:e1:79:c4:54:1b:df:b8:bc:
b8:a6:c7:8a:eb:54:f6:a5:1f:b7:af:ed:1f:7d:db:
7e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:B3:52:4E:FF:35:9F:34:B5:84:BF:6E:FE:AA:DC:4F:41:87:06:11
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XrNSTv81nzS1hL9u_qrcT0GHBhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5387::/32
2a0e:5641::/32
2a0e:5643::/32
2a0e:5645::/32
2a0e:5647::/32
2a0e:5900::/32
2a0e:5905::/32
2a0e:8084::/32
2a0e:8087::/32
2a0e:ccc0::/32
2a0e:ccc4::/32
2a0f:6fc1::/32
2a0f:6fc3::/32
2a0f:6fc7::/32
2a0f:b4c2::/32
2a0f:b4c6::/32
2a0f:c085::/32
Signature Algorithm: sha256WithRSAEncryption
52:ee:8e:cd:87:3b:70:ed:74:47:7f:04:8e:6c:6f:d1:35:95:
91:6d:fd:01:90:cf:fb:97:6c:62:77:ca:34:d6:57:d4:77:ef:
5c:62:1a:ac:c5:28:38:dc:13:5e:8d:c2:ff:65:41:80:b7:52:
40:a8:90:88:25:26:1f:70:3a:83:c6:08:3a:f0:6b:8a:55:d5:
05:12:e4:79:1d:0e:1c:f1:75:96:02:10:c3:22:43:67:44:6a:
a6:72:86:68:e1:85:49:a9:c5:fa:d9:b0:cb:54:b8:d5:fa:6b:
20:1d:9a:3f:fe:16:6b:e0:92:0c:29:5f:b5:ef:66:38:50:05:
10:b9:2a:00:3c:bb:db:76:66:8c:d3:cb:24:9e:d7:72:4d:e7:
21:db:af:c4:5b:b0:9e:af:4b:4c:7d:60:42:5f:b7:c3:4a:44:
33:b5:fe:bd:48:cc:d4:6b:31:9e:44:7d:e2:72:3e:e5:f7:aa:
4a:07:44:c7:bd:b6:0d:18:58:97:c6:cc:c1:70:0f:82:be:5a:
a6:58:da:e5:ec:1f:31:bd:5c:41:c8:55:c1:f3:98:02:88:b7:
2c:05:38:07:1d:3d:84:90:e2:7b:f5:f3:51:59:0a:75:52:87:
a6:f5:55:56:20:29:d3:ef:14:63:dc:f1:bb:7b:85:d7:96:1b:
96:5f:aa:57
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZSzLowpCACzrAPJsPi+hSWbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwMTI5MTc0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWIzNTI0ZWZmMzU5ZjM0YjU4NGJmNmVmZWFhZGM0ZjQxODcwNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxm/1M04n2G5oDgDKD9Jmr0EjS3Z
TNxZgZ4Jh69OsGtNDeUfY8Nsc1Wj1VkFdT5xPPOxR6caPH2YpI4jCM0pamv3yCTG
DztsaAU6PSTs2zPu/pYu7gXGqUrzPKQoBBVcIaZQLS3v8vV6DaW+sZxMX6Btz6BC
fCCOGQZnDlZwE6MOFl78JkBXbRgUcUgC6E4t0M/QdIELploIoi/JIwj9MkG/H1m0
rwMF2fKVF7Ih+1ZxHUyPn/sDqMKq0cBdlP9CWSKvhkQaQ3ZvhA5DfDN3vI7KM32B
vKasTvbiBh+HBpLBZWxoa5P+4XnEVBvfuLy4pseK61T2pR+3r+0ffdt+vQIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFF6zUk7/NZ80tYS/bv6q3E9BhwYRMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvWHJOU1R2ODFuelMxaEw5dV9xcmNUMEdIQmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MH0EAgACMHcDBQAqDlOH
AwUAKg5WQQMFACoOVkMDBQAqDlZFAwUAKg5WRwMFACoOWQADBQAqDlkFAwUAKg6A
hAMFACoOgIcDBQAqDszAAwUAKg7MxAMFACoPb8EDBQAqD2/DAwUAKg9vxwMFACoP
tMIDBQAqD7TGAwUAKg/AhTANBgkqhkiG9w0BAQsFAAOCAQEAUu6OzYc7cO10R38E
jmxv0TWVkW39AZDP+5dsYnfKNNZX1HfvXGIarMUoONwTXo3C/2VBgLdSQKiQiCUm
H3A6g8YIOvBrilXVBRLkeR0OHPF1lgIQwyJDZ0RqpnKGaOGFSanF+tmwy1S41fpr
IB2aP/4Wa+CSDClfte9mOFAFELkqADy723ZmjNPLJJ7Xck3nIduvxFuwnq9LTH1g
Ql+3w0pEM7X+vUjM1GsxnkR94nI+5feqSgdEx722DRhYl8bMwXAPgr5aplja5ewf
Mb1cQchVwfOYAoi3LAU4Bx09hJDie/XzUVkKdVKHpvVVViAp0+8UY9zxu3uF15Yb
ll+qVw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:45:34 2025 by rpki-client