Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/fG1gmlY7S_P3aQw-1R1hPLLAzXI.roa
File: fG1gmlY7S_P3aQw-1R1hPLLAzXI.roa (raw, json)
Hash identifier: LARd1teyTJ0/YOLlCwH1TOsFHJ+O3kYqC2c0YX1SpNo=
Subject key identifier: 7C:6D:60:9A:56:3B:4B:F3:F7:69:0C:3E:D5:1D:61:3C:B2:C0:CD:72
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0193ACDCA9262491620263797155DB8EE1ED
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/fG1gmlY7S_P3aQw-1R1hPLLAzXI.roa
Signing time: Mon 09 Dec 2024 19:19:22 +0000
ROA not before: Mon 09 Dec 2024 19:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a0e:5384::/32 maxlen: 32
2a0e:5386::/32 maxlen: 32
2a0e:5642::/32 maxlen: 32
2a0e:5907::/32 maxlen: 32
2a0e:ccc6::/32 maxlen: 32
2a0e:ccc7::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ac:dc:a9:26:24:91:62:02:63:79:71:55:db:8e:e1:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Dec 9 19:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c6d609a563b4bf3f7690c3ed51d613cb2c0cd72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7b:61:b5:b8:c8:f1:2a:40:67:b9:3f:d6:d5:
ea:93:fa:d0:4f:ab:6e:a0:60:c0:1b:1b:32:ac:8c:
70:bc:5d:26:8f:0e:1e:a9:e2:ff:be:6f:b7:ca:ed:
99:2e:bf:98:24:55:07:fd:3e:f5:d9:67:d7:c2:40:
3d:9a:d3:89:6f:7a:15:46:08:b6:da:88:d1:55:21:
4a:14:a3:b5:f3:42:cc:c7:c3:21:aa:53:29:f0:ab:
53:52:c8:68:cc:9c:f9:87:ae:55:37:46:fe:70:5d:
49:75:32:d9:51:9a:5d:e1:20:34:f6:29:1c:c0:53:
ce:ee:6a:f2:4a:f7:49:b2:b4:e9:16:f9:ff:23:79:
18:ea:1d:90:2d:79:55:a9:b2:59:8f:63:eb:42:f5:
ae:4b:52:66:77:6e:91:35:83:b1:86:91:39:46:65:
7d:de:bb:32:3f:a4:ee:6f:a5:40:ec:6d:d3:54:5b:
98:45:62:1e:d5:58:df:fc:09:b7:4a:68:40:b9:0e:
ea:54:dd:cf:e6:7c:eb:cb:0e:11:d8:48:4b:47:4f:
81:40:7e:bb:59:0d:2a:bf:98:80:1c:fc:44:9f:db:
0a:76:a5:f1:40:79:78:08:ef:8c:c1:8a:6d:bf:1f:
95:4c:46:02:39:26:1e:b7:f7:3a:be:b5:86:c2:88:
1a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:6D:60:9A:56:3B:4B:F3:F7:69:0C:3E:D5:1D:61:3C:B2:C0:CD:72
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/fG1gmlY7S_P3aQw-1R1hPLLAzXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5384::/32
2a0e:5386::/32
2a0e:5642::/32
2a0e:5907::/32
2a0e:ccc6::/31
Signature Algorithm: sha256WithRSAEncryption
62:12:9e:79:2c:6e:d5:56:1c:be:e2:fc:24:89:d1:fb:ce:24:
00:90:ea:7a:6a:7e:c2:07:c1:7c:cc:40:38:b7:11:60:06:6c:
2a:2a:82:01:94:a6:c5:bf:39:f1:cb:39:2c:18:69:74:b6:6c:
f5:24:5c:a2:39:1f:ef:4d:60:a3:08:8c:96:84:19:85:e8:b7:
ef:cd:93:82:ca:95:54:a4:0b:37:f9:59:a3:71:84:1b:de:e2:
1c:2c:ff:ab:a9:ee:52:7a:6b:5d:86:ea:33:47:7c:cc:b8:36:
ab:43:74:c3:bd:5f:18:23:9a:d2:54:ad:cc:c9:88:95:a6:e1:
2d:0e:c4:b7:69:b4:93:f8:7c:ec:ba:57:d8:fa:89:9a:5c:c4:
8f:8d:b5:03:23:e3:17:c7:7a:af:3c:bd:49:05:9d:05:db:c8:
17:21:d4:09:93:e0:dd:c6:d7:9e:25:4f:fb:26:3b:c0:1c:f1:
f2:74:c4:f3:45:fe:31:81:c7:96:0e:bb:38:82:4a:5b:5f:ea:
cc:e8:4c:7d:85:4d:c1:f5:1c:23:04:e8:f3:2d:0f:94:c5:cd:
c6:55:02:56:27:88:37:5e:7e:64:32:73:df:54:a1:d9:58:dc:
76:a4:08:0d:33:1d:62:64:fd:14:e8:28:7b:07:b8:9b:0e:1f:
5d:a3:34:af
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZOs3KkmJJFiAmN5cVXbjuHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQxMjA5MTkxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzZkNjA5YTU2M2I0YmYzZjc2OTBjM2VkNTFkNjEzY2IyYzBjZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXthtbjI8SpAZ7k/1tXqk/rQT6tu
oGDAGxsyrIxwvF0mjw4eqeL/vm+3yu2ZLr+YJFUH/T712WfXwkA9mtOJb3oVRgi2
2ojRVSFKFKO180LMx8MhqlMp8KtTUshozJz5h65VN0b+cF1JdTLZUZpd4SA09ikc
wFPO7mrySvdJsrTpFvn/I3kY6h2QLXlVqbJZj2PrQvWuS1Jmd26RNYOxhpE5RmV9
3rsyP6Tub6VA7G3TVFuYRWIe1Vjf/Am3SmhAuQ7qVN3P5nzryw4R2EhLR0+BQH67
WQ0qv5iAHPxEn9sKdqXxQHl4CO+MwYptvx+VTEYCOSYet/c6vrWGwogabwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHxtYJpWO0vz92kMPtUdYTyywM1yMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvZkcxZ21sWTdTX1AzYVF3LTFSMWhQTExBelhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKg5ThAMF
ACoOU4YDBQAqDlZCAwUAKg5ZBwMFASoOzMYwDQYJKoZIhvcNAQELBQADggEBAGIS
nnksbtVWHL7i/CSJ0fvOJACQ6npqfsIHwXzMQDi3EWAGbCoqggGUpsW/OfHLOSwY
aXS2bPUkXKI5H+9NYKMIjJaEGYXot+/Nk4LKlVSkCzf5WaNxhBve4hws/6up7lJ6
a12G6jNHfMy4NqtDdMO9XxgjmtJUrczJiJWm4S0OxLdptJP4fOy6V9j6iZpcxI+N
tQMj4xfHeq88vUkFnQXbyBch1AmT4N3G154lT/smO8Ac8fJ0xPNF/jGBx5YOuziC
Sltf6szoTH2FTcH1HCME6PMtD5TFzcZVAlYniDdefmQyc99UodlY3HakCA0zHWJk
/RToKHsHuJsOH12jNK8=
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:28:32 2025 by rpki-client