Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/IENDnQK3IFo9cqKd9wdauCxruOw.roa
File: IENDnQK3IFo9cqKd9wdauCxruOw.roa (raw, json)
Hash identifier: cgnWJ0KyvOgPo0lBMglVcpzMvWF9he+bdZ68CaouAls=
Subject key identifier: 20:43:43:9D:02:B7:20:5A:3D:72:A2:9D:F7:07:5A:B8:2C:6B:B8:EC
Certificate issuer: /CN=da7d5fca1e469929d4a8b6f57af3cbcdc639a35e
Certificate serial: 019585C25709D6AA50B8A48B8033EDDB0B29
Authority key identifier: DA:7D:5F:CA:1E:46:99:29:D4:A8:B6:F5:7A:F3:CB:CD:C6:39:A3:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2n1fyh5GmSnUqLb1evPLzcY5o14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/IENDnQK3IFo9cqKd9wdauCxruOw.roa
Signing time: Tue 11 Mar 2025 15:11:00 +0000
ROA not before: Tue 11 Mar 2025 15:11:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 2a01:e5c0:2000::/36 maxlen: 36
2a01:e5c0:3000::/36 maxlen: 36
2a01:e5c0:4000::/36 maxlen: 36
2a01:e5c0:5000::/36 maxlen: 36
2a01:e5c0:6000::/36 maxlen: 36
2a01:e5c0:7000::/36 maxlen: 36
2a01:e5c0:8003::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 14 Mar 2025 09:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:85:c2:57:09:d6:aa:50:b8:a4:8b:80:33:ed:db:0b:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da7d5fca1e469929d4a8b6f57af3cbcdc639a35e
Validity
Not Before: Mar 11 15:11:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2043439d02b7205a3d72a29df7075ab82c6bb8ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:57:40:bb:7f:65:7b:85:1b:99:95:1e:82:82:
e2:f2:6f:2d:e9:bf:e5:70:bd:c5:8f:4d:24:a2:67:
0e:55:e1:58:f0:bb:98:71:99:b7:51:b3:e9:96:50:
cb:6b:24:5c:58:e3:d6:69:d5:fd:1f:bd:03:29:4e:
8f:f0:7a:8b:21:ad:69:d3:3d:8b:a2:f9:cc:e1:76:
24:c2:03:b3:43:00:be:84:e3:4c:17:0e:29:69:69:
ac:7a:8a:64:47:74:4a:03:0c:e0:34:79:42:2d:98:
b4:39:8d:fb:fb:21:3f:8c:01:46:e7:63:bc:d9:45:
68:59:4c:65:18:df:a8:44:14:d8:8d:14:30:68:9f:
65:30:88:06:c2:05:c7:c3:a4:5c:57:e2:a2:ff:90:
94:da:c6:58:91:0d:ac:43:c6:79:0e:56:82:85:e4:
d6:d9:2d:19:22:4f:7d:a2:50:e6:97:47:68:78:d4:
dc:1c:69:d5:29:cf:ec:4c:45:fa:e2:2e:8e:b5:91:
ff:f1:59:8d:de:17:ac:c0:11:6e:46:6c:25:35:3b:
89:ae:cc:54:6d:db:e4:23:f8:81:2b:4a:01:d4:81:
2c:5c:f9:18:7a:ab:4f:fb:06:4c:00:32:4b:ce:c7:
d8:da:d3:de:d2:71:18:72:c4:51:de:4a:be:d9:2c:
aa:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:43:43:9D:02:B7:20:5A:3D:72:A2:9D:F7:07:5A:B8:2C:6B:B8:EC
X509v3 Authority Key Identifier:
keyid:DA:7D:5F:CA:1E:46:99:29:D4:A8:B6:F5:7A:F3:CB:CD:C6:39:A3:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2n1fyh5GmSnUqLb1evPLzcY5o14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/IENDnQK3IFo9cqKd9wdauCxruOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/2n1fyh5GmSnUqLb1evPLzcY5o14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e5c0:2000::-2a01:e5c0:7fff:ffff:ffff:ffff:ffff:ffff
2a01:e5c0:8003::/48
Signature Algorithm: sha256WithRSAEncryption
8b:9d:06:5b:30:3b:11:81:46:5a:6b:bc:27:a4:fa:4d:49:0c:
30:cc:21:98:7c:e6:23:17:fb:b2:a2:77:58:96:9b:89:1e:e5:
91:4a:14:cd:89:aa:62:d7:42:07:96:fb:c7:3d:24:38:1b:2a:
b6:da:06:32:f6:f0:44:0d:42:0e:a9:a3:a3:ac:db:60:c3:5b:
fe:37:a1:77:04:2a:db:3a:58:b0:c2:88:d5:09:08:bf:e0:c1:
9f:f7:91:89:e5:33:4d:46:7e:a3:50:f1:e3:fa:e1:40:b9:14:
70:96:5d:47:e0:b7:8b:18:31:78:bf:0c:6b:f1:d9:87:b5:3f:
34:36:51:09:91:bd:8b:fa:5d:c4:7a:a0:7e:b3:ef:f7:10:3f:
0a:70:7b:84:97:54:30:22:a6:94:18:3f:b0:8d:be:cb:b8:b6:
6c:f8:c4:2a:3c:79:aa:ee:d7:1d:49:53:7b:7c:45:b4:00:e9:
50:69:7c:d6:7f:32:e9:f3:bb:ec:08:0c:7c:ac:48:7c:c6:8f:
74:81:89:54:26:b9:01:9a:ee:49:d4:0d:d6:a0:f4:a7:50:3f:
47:f6:18:28:e6:52:d3:41:f3:8f:d2:e4:7c:32:04:f9:6c:f4:
49:c3:2b:bf:b2:9f:8d:c0:1b:f8:e0:04:8c:31:a9:10:b9:8f:
26:c8:cd:b5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZWFwlcJ1qpQuKSLgDPt2wspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhN2Q1ZmNhMWU0Njk5MjlkNGE4YjZmNTdhZjNjYmNkYzYz
OWEzNWUwHhcNMjUwMzExMTUxMTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDQzNDM5ZDAyYjcyMDVhM2Q3MmEyOWRmNzA3NWFiODJjNmJiOGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFdAu39le4UbmZUegoLi8m8t6b/l
cL3Fj00komcOVeFY8LuYcZm3UbPpllDLayRcWOPWadX9H70DKU6P8HqLIa1p0z2L
ovnM4XYkwgOzQwC+hONMFw4paWmseopkR3RKAwzgNHlCLZi0OY37+yE/jAFG52O8
2UVoWUxlGN+oRBTYjRQwaJ9lMIgGwgXHw6RcV+Ki/5CU2sZYkQ2sQ8Z5DlaCheTW
2S0ZIk99olDml0doeNTcHGnVKc/sTEX64i6OtZH/8VmN3heswBFuRmwlNTuJrsxU
bdvkI/iBK0oB1IEsXPkYeqtP+wZMADJLzsfY2tPe0nEYcsRR3kq+2SyqlQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCBDQ50CtyBaPXKinfcHWrgsa7jsMB8GA1UdIwQY
MBaAFNp9X8oeRpkp1Ki29Xrzy83GOaNeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm4xZnloNUdtU25VcUxiMWV2UEx6Y1k1bzE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wNjBmMzItYTQ4Yi00NjU3LWE1OGIt
NDFiNzMwMzI3Yzc4LzEvSUVORG5RSzNJRm85Y3FLZDl3ZGF1Q3hydU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8wNjBmMzItYTQ4Yi00NjU3LWE1OGItNDFiNzMwMzI3Yzc4
LzEvMm4xZnloNUdtU25VcUxiMWV2UEx6Y1k1bzE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbMBADBgUqAeXA
IAMGByoB5cAAAwcAKgHlwIADMA0GCSqGSIb3DQEBCwUAA4IBAQCLnQZbMDsRgUZa
a7wnpPpNSQwwzCGYfOYjF/uyondYlpuJHuWRShTNiapi10IHlvvHPSQ4Gyq22gYy
9vBEDUIOqaOjrNtgw1v+N6F3BCrbOliwwojVCQi/4MGf95GJ5TNNRn6jUPHj+uFA
uRRwll1H4LeLGDF4vwxr8dmHtT80NlEJkb2L+l3EeqB+s+/3ED8KcHuEl1QwIqaU
GD+wjb7LuLZs+MQqPHmq7tcdSVN7fEW0AOlQaXzWfzLp87vsCAx8rEh8xo90gYlU
JrkBmu5J1A3WoPSnUD9H9hgo5lLTQfOP0uR8MgT5bPRJwyu/sp+NwBv44ASMMakQ
uY8myM21
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:55:38 2025 by rpki-client