Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/lELNZVtO2XXD4AYZZisAi-KQDos.roa
File: lELNZVtO2XXD4AYZZisAi-KQDos.roa (raw, json)
Hash identifier: shoG+AAnt0G4FnVFB2sYPTsncyriBGs+g8B4aWUPWMY=
Subject key identifier: 94:42:CD:65:5B:4E:D9:75:C3:E0:06:19:66:2B:00:8B:E2:90:0E:8B
Certificate issuer: /CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Certificate serial: 0192103025C256E624B9A7DCD790EDFE9234
Authority key identifier: 8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/lELNZVtO2XXD4AYZZisAi-KQDos.roa
Signing time: Fri 20 Sep 2024 16:07:23 +0000
ROA not before: Fri 20 Sep 2024 16:07:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211691
IP address blocks: 2a07:7940:42::/48 maxlen: 48
2a07:7940:44::/48 maxlen: 48
2a07:7940:fffd::/48 maxlen: 48
2a07:7940:fffe::/48 maxlen: 48
2a07:7947:ff00::/44 maxlen: 44
2a07:7947:ff80::/44 maxlen: 44
2a07:7947:ffc0::/44 maxlen: 44
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:10:30:25:c2:56:e6:24:b9:a7:dc:d7:90:ed:fe:92:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Validity
Not Before: Sep 20 16:07:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9442cd655b4ed975c3e00619662b008be2900e8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:86:bf:48:87:2c:97:2e:77:e2:61:99:d2:5e:
0f:6d:92:27:6c:d7:09:37:97:80:ec:24:59:30:14:
2c:fa:49:58:26:bf:91:a7:ab:5f:67:3c:04:df:84:
f2:a2:f9:d1:ee:46:70:bb:47:4f:52:14:71:b2:be:
86:f0:49:8e:44:3b:9b:85:ff:7b:47:d1:e5:56:75:
c7:bd:3f:03:db:88:b8:ee:25:bc:ab:c8:7c:c6:b5:
b6:76:5f:7b:4e:ca:ab:4b:a3:2c:c6:3c:9d:c7:8c:
f8:8b:33:69:5c:bf:91:c5:95:c5:82:77:f5:eb:db:
9d:2b:d1:e2:eb:af:52:eb:2f:74:a0:5c:07:24:da:
9f:7b:61:8b:f6:31:d4:2c:7a:da:1f:47:7f:9b:51:
8f:69:c6:7e:f6:54:30:da:27:fd:59:7b:2a:e0:e6:
a1:45:12:70:83:a8:26:fd:99:9a:f6:43:d1:05:21:
64:c6:9e:68:fb:96:2d:74:f8:9b:97:bd:40:36:52:
ac:5e:c4:1f:f7:a7:85:44:5e:e3:31:fa:69:6e:40:
da:7e:40:7a:05:84:ad:03:71:5b:66:af:ce:f7:3b:
a5:0c:89:b5:45:e3:8d:1e:ce:6a:ab:5c:e4:cf:ae:
59:2b:9e:f7:90:9f:7d:94:66:0d:74:c2:b6:1c:31:
39:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:42:CD:65:5B:4E:D9:75:C3:E0:06:19:66:2B:00:8B:E2:90:0E:8B
X509v3 Authority Key Identifier:
keyid:8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/lELNZVtO2XXD4AYZZisAi-KQDos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:7940:42::/48
2a07:7940:44::/48
2a07:7940:fffd::-2a07:7940:fffe:ffff:ffff:ffff:ffff:ffff
2a07:7947:ff00::/44
2a07:7947:ff80::/44
2a07:7947:ffc0::/44
Signature Algorithm: sha256WithRSAEncryption
aa:83:af:ef:29:5f:92:4b:77:38:b4:f2:5c:53:84:b8:53:dd:
94:4c:9a:72:30:30:cd:78:6a:8f:15:0f:8b:5f:21:c0:66:6e:
66:88:8f:bb:aa:3a:c3:d4:2b:d6:28:3a:5f:7c:49:6d:f7:7b:
a9:17:00:80:40:34:7c:85:ba:48:cb:4f:98:c4:c9:46:bf:f7:
fc:03:e6:9f:1f:9f:83:25:6b:fb:ee:eb:04:c2:38:57:d4:88:
9e:f8:90:a4:a9:01:74:93:44:6f:5d:ae:8b:a9:91:2f:b5:6f:
a6:dc:b8:02:95:f8:94:44:91:7e:4d:30:b5:b6:eb:b0:e6:01:
0e:45:a5:65:6a:fd:e5:4b:31:c3:94:c4:1d:f5:b2:e1:27:fd:
3c:e8:34:32:0f:24:53:c9:9f:c3:d2:31:6c:b5:07:f9:c6:30:
4f:0c:e5:f6:ca:d2:2a:f6:de:da:e7:99:e7:4c:fa:ea:cc:c5:
e0:5f:b2:b9:e6:97:b4:a8:f3:5e:04:64:94:d7:35:28:81:9e:
d0:6e:8f:e6:11:6e:9e:74:b9:1c:78:32:2c:64:87:c2:7c:ef:
1f:11:33:e3:ac:6d:8f:bc:5a:82:98:e5:9a:25:44:45:69:2a:
aa:b0:a5:5f:6a:c0:76:7e:19:03:73:c5:af:d8:36:e4:76:1f:
c2:04:16:08
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZIQMCXCVuYkuafc15Dt/pI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWI0YzBjZjIxYzFhM2Q2ZWE0MTA2OGNiZTkwOGJlMzg4
ZTQ1MGEwHhcNMjQwOTIwMTYwNzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDQyY2Q2NTViNGVkOTc1YzNlMDA2MTk2NjJiMDA4YmUyOTAwZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIa/SIcsly534mGZ0l4PbZInbNcJ
N5eA7CRZMBQs+klYJr+Rp6tfZzwE34TyovnR7kZwu0dPUhRxsr6G8EmORDubhf97
R9HlVnXHvT8D24i47iW8q8h8xrW2dl97TsqrS6Msxjydx4z4izNpXL+RxZXFgnf1
69udK9Hi669S6y90oFwHJNqfe2GL9jHULHraH0d/m1GPacZ+9lQw2if9WXsq4Oah
RRJwg6gm/Zma9kPRBSFkxp5o+5YtdPibl71ANlKsXsQf96eFRF7jMfppbkDafkB6
BYStA3FbZq/O9zulDIm1ReONHs5qq1zkz65ZK573kJ99lGYNdMK2HDE5LwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFJRCzWVbTtl1w+AGGWYrAIvikA6LMB8GA1UdIwQY
MBaAFIqrTAzyHBo9bqQQaMvpCL44jkUKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMt
NTM3YjFiNDlkZmU3LzEvbEVMTlpWdE8yWFhENEFZWlppc0FpLUtRRG9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMtNTM3YjFiNDlkZmU3
LzEvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwcAKgd5QABC
AwcAKgd5QABEMBIDBwAqB3lA//0DBwAqB3lA//4DBwQqB3lH/wADBwQqB3lH/4AD
BwQqB3lH/8AwDQYJKoZIhvcNAQELBQADggEBAKqDr+8pX5JLdzi08lxThLhT3ZRM
mnIwMM14ao8VD4tfIcBmbmaIj7uqOsPUK9YoOl98SW33e6kXAIBANHyFukjLT5jE
yUa/9/wD5p8fn4Mla/vu6wTCOFfUiJ74kKSpAXSTRG9droupkS+1b6bcuAKV+JRE
kX5NMLW267DmAQ5FpWVq/eVLMcOUxB31suEn/TzoNDIPJFPJn8PSMWy1B/nGME8M
5fbK0ir23trnmedM+urMxeBfsrnml7So814EZJTXNSiBntBuj+YRbp50uRx4Mixk
h8J87x8RM+OsbY+8WoKY5ZolREVpKqqwpV9qwHZ+GQNzxa/YNuR2H8IEFgg=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:09:52 2025 by rpki-client