Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/eAyqW9G5aGb1lxeZQeErytlbvDY.roa
File: eAyqW9G5aGb1lxeZQeErytlbvDY.roa (raw, json)
Hash identifier: sBM6zBsQLVpI8WhgECE3pRRNONfvKuDrze64bqBZidg=
Subject key identifier: 78:0C:AA:5B:D1:B9:68:66:F5:97:17:99:41:E1:2B:CA:D9:5B:BC:36
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018CC3B6B01269B189F34660ECCA1B3C3BCB
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/eAyqW9G5aGb1lxeZQeErytlbvDY.roa
Signing time: Mon 01 Jan 2024 06:29:38 +0000
ROA not before: Mon 01 Jan 2024 06:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38915
IP address blocks: 2a07:3502:11f0::/48 maxlen: 48
2a07:3502:1070::/48 maxlen: 48
2a07:3502:1040::/48 maxlen: 48
2a07:3502:1090::/48 maxlen: 48
2a07:3502:11e0::/48 maxlen: 48
2a07:3502:11d0::/48 maxlen: 48
2a07:3500:19f8::/48 maxlen: 48
2a07:3500:19d8::/48 maxlen: 48
2a07:3500:19a8::/48 maxlen: 48
2a07:3500:1998::/48 maxlen: 48
2a07:3500:19e8::/48 maxlen: 48
2a07:3500:19a0::/48 maxlen: 48
2a07:3500:19f0::/48 maxlen: 48
2a07:3500:1a00::/48 maxlen: 48
2a07:3500:1200::/48 maxlen: 48
2a07:3500:19e0::/48 maxlen: 48
2a07:3500:19b0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:b0:12:69:b1:89:f3:46:60:ec:ca:1b:3c:3b:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 1 06:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=780caa5bd1b96866f597179941e12bcad95bbc36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:14:0f:7f:81:60:7f:5d:b6:55:83:ef:b7:10:
1b:ba:ad:18:67:57:11:5b:f0:63:90:d1:4f:2a:1e:
98:db:c5:14:bc:54:c6:3c:f1:03:89:d1:32:2a:cd:
ce:71:47:96:24:83:fe:15:1a:33:87:e9:87:36:d9:
3b:d3:1c:7c:97:de:e3:aa:6a:43:03:86:04:f5:1f:
89:5a:45:cb:ca:cb:78:85:63:da:c5:4c:32:53:39:
8d:ef:7a:a8:cc:8a:2b:0a:e3:dc:9b:14:0a:2e:bc:
f5:31:56:ad:a2:55:70:89:56:f7:6b:dd:a5:48:1c:
38:89:c7:a9:10:8e:98:8d:6a:b5:69:14:63:78:f9:
a9:60:ee:8f:68:8d:3a:ad:a1:8d:0d:a5:e7:e5:38:
05:6c:e9:94:d3:e5:94:a2:06:32:36:23:8f:a0:78:
2a:34:bb:02:e8:ad:16:4f:1c:a4:f0:33:af:be:9e:
a2:62:49:72:43:62:83:26:a3:43:a8:3b:f5:e5:d8:
9d:63:9a:62:e8:38:3f:62:3f:9b:40:c4:04:16:89:
90:69:0c:f9:3b:f2:10:1a:19:ab:78:c8:7e:4b:85:
6d:6e:d3:08:17:eb:08:92:20:e3:66:e9:be:dc:48:
ca:82:ad:f7:fc:1a:ef:2e:31:8a:56:92:1b:55:7a:
5f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:0C:AA:5B:D1:B9:68:66:F5:97:17:99:41:E1:2B:CA:D9:5B:BC:36
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/eAyqW9G5aGb1lxeZQeErytlbvDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1200::/48
2a07:3500:1998::/48
2a07:3500:19a0::/48
2a07:3500:19a8::/48
2a07:3500:19b0::/48
2a07:3500:19d8::/48
2a07:3500:19e0::/48
2a07:3500:19e8::/48
2a07:3500:19f0::/48
2a07:3500:19f8::/48
2a07:3500:1a00::/48
2a07:3502:1040::/48
2a07:3502:1070::/48
2a07:3502:1090::/48
2a07:3502:11d0::/48
2a07:3502:11e0::/48
2a07:3502:11f0::/48
Signature Algorithm: sha256WithRSAEncryption
46:c3:96:6c:aa:51:ae:25:1c:a5:41:d6:d3:07:e0:2f:58:8b:
39:45:26:59:ff:fa:1c:8a:fc:1c:e2:4c:5d:b4:3d:25:a7:fd:
34:d0:ea:6f:40:93:11:3d:1c:a7:70:ff:4a:f0:6d:dc:a6:a6:
52:20:12:b7:93:d6:21:cd:84:f4:08:31:79:c2:ab:98:1c:6e:
29:5f:23:f4:7c:a1:57:89:03:e3:1d:0a:eb:e6:15:fd:12:8c:
e3:e8:8b:06:ce:35:9a:76:6b:bb:fa:fe:51:dc:00:12:63:16:
14:96:bd:8e:ab:f5:f2:55:66:e7:df:1e:22:d5:5f:9e:92:96:
a2:52:5d:83:9c:e9:ab:04:a9:bc:88:3f:e1:a0:f8:cf:8f:b8:
a4:aa:9a:d4:fb:d6:df:50:6a:fc:3c:bb:a5:70:d1:82:d7:b1:
96:e8:8e:8e:f3:f8:3d:58:a2:cf:ff:46:78:9d:bd:5e:86:67:
bc:d9:f0:9c:6d:6a:37:90:ac:53:3d:12:52:49:bc:93:76:28:
98:98:0a:d3:52:c3:04:8f:99:b0:01:64:97:60:5f:04:bf:d0:
ef:74:38:e7:1d:9c:4e:8b:7b:a1:2a:3a:60:41:32:2f:c3:21:
7a:07:69:cd:db:e8:3e:e8:0e:8a:45:cf:e9:3c:b4:9e:93:ce:
39:6f:5a:6d
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAYzDtrASabGJ80Zg7MobPDvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMTAxMDYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODBjYWE1YmQxYjk2ODY2ZjU5NzE3OTk0MWUxMmJjYWQ5NWJiYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhQPf4Fgf122VYPvtxAbuq0YZ1cR
W/BjkNFPKh6Y28UUvFTGPPEDidEyKs3OcUeWJIP+FRozh+mHNtk70xx8l97jqmpD
A4YE9R+JWkXLyst4hWPaxUwyUzmN73qozIorCuPcmxQKLrz1MVatolVwiVb3a92l
SBw4icepEI6YjWq1aRRjePmpYO6PaI06raGNDaXn5TgFbOmU0+WUogYyNiOPoHgq
NLsC6K0WTxyk8DOvvp6iYklyQ2KDJqNDqDv15didY5pi6Dg/Yj+bQMQEFomQaQz5
O/IQGhmreMh+S4VtbtMIF+sIkiDjZum+3EjKgq33/BrvLjGKVpIbVXpfBQIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFHgMqlvRuWhm9ZcXmUHhK8rZW7w2MB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvZUF5cVc5RzVhR2IxbHhlWlFlRXJ5dGxidkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG2BggrBgEFBQcBBwEB/wSBpjCBozCBoAQCAAIwgZkDBwAq
BzUAEgADBwAqBzUAGZgDBwAqBzUAGaADBwAqBzUAGagDBwAqBzUAGbADBwAqBzUA
GdgDBwAqBzUAGeADBwAqBzUAGegDBwAqBzUAGfADBwAqBzUAGfgDBwAqBzUAGgAD
BwAqBzUCEEADBwAqBzUCEHADBwAqBzUCEJADBwAqBzUCEdADBwAqBzUCEeADBwAq
BzUCEfAwDQYJKoZIhvcNAQELBQADggEBAEbDlmyqUa4lHKVB1tMH4C9YizlFJln/
+hyK/BziTF20PSWn/TTQ6m9AkxE9HKdw/0rwbdymplIgEreT1iHNhPQIMXnCq5gc
bilfI/R8oVeJA+MdCuvmFf0SjOPoiwbONZp2a7v6/lHcABJjFhSWvY6r9fJVZuff
HiLVX56SlqJSXYOc6asEqbyIP+Gg+M+PuKSqmtT71t9Qavw8u6Vw0YLXsZbojo7z
+D1Yos//RnidvV6GZ7zZ8JxtajeQrFM9ElJJvJN2KJiYCtNSwwSPmbABZJdgXwS/
0O90OOcdnE6Le6EqOmBBMi/DIXoHac3b6D7oDopFz+k8tJ6TzjlvWm0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:55:50 2025 by rpki-client