Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/twZ51R3E0KkPz39J4ayFrVJmJm8.roa
File: twZ51R3E0KkPz39J4ayFrVJmJm8.roa (raw, json)
Hash identifier: IqIrvhi/efvfch8yWPb5FEmYY5xUEstP5PL5zLgh+Ik=
Subject key identifier: B7:06:79:D5:1D:C4:D0:A9:0F:CF:7F:49:E1:AC:85:AD:52:66:26:6F
Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Certificate serial: 0194FF6257ECC63D7FBF737CFF209FE8AED6
Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/twZ51R3E0KkPz39J4ayFrVJmJm8.roa
Signing time: Thu 13 Feb 2025 12:57:02 +0000
ROA not before: Thu 13 Feb 2025 12:57:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207957
IP address blocks: 2a01:ecc0:340::/42 maxlen: 42
2a01:ecc0:380::/42 maxlen: 42
2a01:ecc0:3c0::/42 maxlen: 42
2a01:ecc0:400::/42 maxlen: 42
2a01:ecc0:440::/42 maxlen: 42
2a01:ecc0:480::/42 maxlen: 42
2a01:ecc0:4c0::/42 maxlen: 42
2a01:ecc0:500::/42 maxlen: 42
2a01:ecc0:540::/42 maxlen: 42
Validation: Failed, certificate revoked on Sun 02 Mar 2025 15:45:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ff:62:57:ec:c6:3d:7f:bf:73:7c:ff:20:9f:e8:ae:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Validity
Not Before: Feb 13 12:57:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b70679d51dc4d0a90fcf7f49e1ac85ad5266266f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:df:b2:af:12:7b:a8:df:66:5b:47:7c:cd:83:
ba:13:30:68:45:17:b6:1b:70:f7:e2:ce:34:75:3d:
2d:89:0c:fa:49:28:40:86:d9:14:2d:9e:76:f2:5b:
7a:3e:73:83:24:a5:7b:8e:ea:05:4c:b7:4b:77:f9:
6b:99:a4:5f:ac:2b:ca:4d:b3:f4:4a:e3:8f:f7:da:
4d:a2:a4:bc:40:1f:58:e1:f5:1f:25:86:93:2f:46:
07:6d:6f:e1:24:ec:f4:80:63:d2:46:26:a2:36:92:
67:4e:11:74:9d:1b:b3:41:9a:4f:ba:16:ce:8b:d4:
f5:d4:1a:ae:1c:63:0c:46:0c:b7:26:9f:c3:59:86:
01:8f:88:b2:9a:b5:5d:b7:1f:ab:f8:bd:5f:a7:71:
94:59:fd:57:70:15:44:99:dc:90:d9:77:48:3e:78:
5c:17:2e:43:a6:19:1b:d3:4b:70:10:ec:68:c6:30:
7f:c9:d0:6c:09:1d:ec:7d:ac:15:2d:5b:a6:15:ee:
24:4b:d6:3e:68:bd:8f:d8:71:d1:90:34:2c:c7:c9:
46:d5:56:ee:40:1d:5a:ef:58:f6:b8:54:76:9c:fb:
58:17:75:16:ae:e1:06:34:64:ea:6d:04:e8:42:c0:
dc:f3:66:ca:07:4f:d0:82:a2:e1:79:79:27:f7:3b:
73:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:06:79:D5:1D:C4:D0:A9:0F:CF:7F:49:E1:AC:85:AD:52:66:26:6F
X509v3 Authority Key Identifier:
keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/twZ51R3E0KkPz39J4ayFrVJmJm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ecc0:340::-2a01:ecc0:57f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a7:57:8d:bd:96:df:ac:bd:20:a5:4b:43:9e:0b:a7:54:7b:f6:
67:12:a9:16:91:b8:06:03:b6:03:6f:a5:b0:5c:cf:2e:58:6c:
d6:01:3f:5f:1f:86:8f:68:21:5b:b8:c5:4a:85:8e:5d:cf:5a:
a3:a9:6d:00:92:cd:d5:0d:4f:a2:d7:6c:b6:d4:39:9d:45:7c:
a8:4f:0e:de:9f:b1:5b:48:d3:e2:a1:b0:0c:58:cf:00:43:1a:
40:b5:b7:e1:54:6d:5d:6f:37:55:1c:bb:4c:b0:3c:90:94:5c:
3a:45:c1:47:a3:35:5d:b9:42:93:43:d8:2f:73:0a:96:9c:df:
7f:21:09:96:33:0d:bb:a1:64:a8:0a:da:54:4c:02:ba:11:cd:
c7:e5:2f:ee:9e:ca:45:d1:38:4a:03:74:a1:62:30:be:ac:2a:
88:78:64:3c:3c:16:cc:60:72:16:39:4d:26:5f:a2:0a:89:4c:
87:ff:be:b9:f3:59:f5:b1:13:c9:17:62:18:09:50:fb:81:2f:
17:63:38:2f:f7:d3:fb:a3:ed:c9:c3:c0:eb:77:da:a0:e6:cb:
f4:11:63:7d:65:50:ce:a1:21:58:7c:0b:1a:42:9d:b9:da:3f:
ea:79:29:c1:35:b9:ac:ae:75:79:c0:13:be:9a:5a:fb:e2:5f:
a4:0e:e9:bc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZT/Ylfsxj1/v3N8/yCf6K7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0
ZWU1YmUwHhcNMjUwMjEzMTI1NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzA2NzlkNTFkYzRkMGE5MGZjZjdmNDllMWFjODVhZDUyNjYyNjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd+yrxJ7qN9mW0d8zYO6EzBoRRe2
G3D34s40dT0tiQz6SShAhtkULZ528lt6PnODJKV7juoFTLdLd/lrmaRfrCvKTbP0
SuOP99pNoqS8QB9Y4fUfJYaTL0YHbW/hJOz0gGPSRiaiNpJnThF0nRuzQZpPuhbO
i9T11BquHGMMRgy3Jp/DWYYBj4iymrVdtx+r+L1fp3GUWf1XcBVEmdyQ2XdIPnhc
Fy5Dphkb00twEOxoxjB/ydBsCR3sfawVLVumFe4kS9Y+aL2P2HHRkDQsx8lG1Vbu
QB1a71j2uFR2nPtYF3UWruEGNGTqbQToQsDc82bKB0/QgqLheXkn9ztzxwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLcGedUdxNCpD89/SeGsha1SZiZvMB8GA1UdIwQY
MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt
NjM0NTE1NDg5NzlkLzEvdHdaNTFSM0UwS2tQejM5SjRheUZyVkptSm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk
LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwYqAezA
A0ADBwcqAezABQAwDQYJKoZIhvcNAQELBQADggEBAKdXjb2W36y9IKVLQ54Lp1R7
9mcSqRaRuAYDtgNvpbBczy5YbNYBP18fho9oIVu4xUqFjl3PWqOpbQCSzdUNT6LX
bLbUOZ1FfKhPDt6fsVtI0+KhsAxYzwBDGkC1t+FUbV1vN1Ucu0ywPJCUXDpFwUej
NV25QpND2C9zCpac338hCZYzDbuhZKgK2lRMAroRzcflL+6eykXROEoDdKFiML6s
Koh4ZDw8FsxgchY5TSZfogqJTIf/vrnzWfWxE8kXYhgJUPuBLxdjOC/30/uj7cnD
wOt32qDmy/QRY31lUM6hIVh8CxpCnbnaP+p5KcE1uayudXnAE76aWvviX6QO6bw=
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:42:48 2025 by rpki-client