Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/1-GF2rPv6OeFVHnXfrkDD7niMZaI.roa
File: 1-GF2rPv6OeFVHnXfrkDD7niMZaI.roa (raw, json)
Hash identifier: TbUEOtuyFcyZejoyD0qhA1HJYrrRUZclOBgGtlt5aNU=
Subject key identifier: F8:61:76:AC:FB:FA:39:E1:55:1E:75:DF:AE:40:C3:EE:78:8C:65:A2
Certificate issuer: /CN=a16512b8a262bad599a3b023358c5ceccac9e085
Certificate serial: 019420685D0E546FB93DE83FE4AE21F43464
Authority key identifier: A1:65:12:B8:A2:62:BA:D5:99:A3:B0:23:35:8C:5C:EC:CA:C9:E0:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWUSuKJiutWZo7AjNYxc7MrJ4IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/1-GF2rPv6OeFVHnXfrkDD7niMZaI.roa
Signing time: Wed 01 Jan 2025 05:48:17 +0000
ROA not before: Wed 01 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214145
IP address blocks: 2a01:e140::/44 maxlen: 48
2a01:e140::/48 maxlen: 48
2a01:e140:10::/44 maxlen: 48
2a01:e140:10::/48 maxlen: 48
2a01:e140:11::/48 maxlen: 48
2a01:e140:12::/48 maxlen: 48
2a01:e140:20::/44 maxlen: 48
2a01:e140:20::/48 maxlen: 48
2a01:e140:21::/48 maxlen: 48
2a01:e140:100::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 01 Mar 2025 21:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5d:0e:54:6f:b9:3d:e8:3f:e4:ae:21:f4:34:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a16512b8a262bad599a3b023358c5ceccac9e085
Validity
Not Before: Jan 1 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f86176acfbfa39e1551e75dfae40c3ee788c65a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8b:bb:ef:73:b9:d1:34:7d:6d:eb:4f:fc:d2:
76:27:97:32:9d:36:ac:82:3b:b5:93:a2:60:c9:77:
03:e5:ff:0f:3e:3e:47:72:ee:03:7c:d9:c7:e0:e9:
e7:82:0f:da:8f:76:8e:db:46:4a:82:06:5b:c8:94:
1d:e2:e6:7c:1e:9d:8e:d8:84:44:1b:7e:75:45:af:
4a:98:40:69:bf:db:b1:0b:de:b5:34:f8:10:e7:4c:
f4:9a:87:ed:74:62:03:fc:08:c9:9a:e8:46:b0:55:
39:38:50:36:6c:8c:26:dc:03:d1:77:7c:c7:67:d8:
af:af:7d:a2:ea:81:a3:90:0f:bd:4f:2a:da:ca:a8:
f7:76:33:b8:20:14:3d:5c:b1:e0:8f:e0:d6:34:05:
bd:08:7e:db:55:86:d3:18:72:5b:fe:83:8e:a8:e2:
c7:a0:9f:f9:87:68:a5:e6:57:af:4e:8d:4b:62:af:
b9:ac:70:ac:9e:0c:bf:b3:bf:ef:f6:62:62:7b:cb:
75:0e:c1:3d:93:50:e2:af:cc:77:09:4f:6f:b2:1b:
1a:ec:ec:53:14:ee:6d:37:76:e1:20:bb:d3:d4:0d:
df:3f:8e:a1:52:b7:69:b7:b7:c2:77:0a:4b:2c:63:
dd:43:4d:c6:c3:28:73:8b:09:f9:ca:4e:2e:80:29:
3e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:61:76:AC:FB:FA:39:E1:55:1E:75:DF:AE:40:C3:EE:78:8C:65:A2
X509v3 Authority Key Identifier:
keyid:A1:65:12:B8:A2:62:BA:D5:99:A3:B0:23:35:8C:5C:EC:CA:C9:E0:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWUSuKJiutWZo7AjNYxc7MrJ4IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/1-GF2rPv6OeFVHnXfrkDD7niMZaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/oWUSuKJiutWZo7AjNYxc7MrJ4IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e140::-2a01:e140:2f:ffff:ffff:ffff:ffff:ffff
2a01:e140:100::/44
Signature Algorithm: sha256WithRSAEncryption
0e:31:81:31:7e:d9:ac:16:f4:10:1b:fa:61:52:23:5a:36:24:
89:dc:e6:02:b9:25:a6:09:e6:91:2f:69:ec:a2:1f:9c:d9:8c:
0a:11:a3:56:6d:63:09:34:ce:a2:46:b0:23:51:b1:9c:ef:0c:
6b:02:2b:e7:da:89:35:27:bf:3e:80:26:8c:e3:4e:51:6f:d2:
2e:db:15:90:40:7d:49:d0:b0:97:cc:08:cc:59:d8:5b:93:ca:
74:a1:11:47:bd:1e:00:6d:88:2d:db:69:d9:fc:93:8a:80:75:
8e:b9:ca:e0:17:ec:f2:7b:57:d6:84:38:54:cd:29:fb:dc:2b:
6b:d9:5d:32:ca:29:d6:7c:39:5a:3c:c6:b2:65:a9:de:36:03:
de:03:1f:66:be:1a:bb:cf:4b:91:15:2e:5a:9d:6a:47:75:d1:
b1:2f:67:c6:a6:19:42:72:dc:c8:8f:a0:d5:c5:7b:93:25:a5:
1a:3c:63:b1:70:65:a5:06:b9:f5:de:db:83:db:0b:37:27:eb:
59:e7:13:e2:b7:a3:8b:ca:a1:9f:51:92:64:a7:4a:18:93:43:
e7:40:80:a3:66:63:58:dc:6c:2f:41:e2:6a:87:02:f6:72:a6:
67:2d:b3:1c:d1:e3:34:c8:4e:44:d0:a4:75:e9:af:20:f6:3b:
f5:ec:fa:3d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQgaF0OVG+5Peg/5K4h9DRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjUxMmI4YTI2MmJhZDU5OWEzYjAyMzM1OGM1Y2VjY2Fj
OWUwODUwHhcNMjUwMTAxMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODYxNzZhY2ZiZmEzOWUxNTUxZTc1ZGZhZTQwYzNlZTc4OGM2NWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4u773O50TR9betP/NJ2J5cynTas
gju1k6JgyXcD5f8PPj5Hcu4DfNnH4Onngg/aj3aO20ZKggZbyJQd4uZ8Hp2O2IRE
G351Ra9KmEBpv9uxC961NPgQ50z0moftdGID/AjJmuhGsFU5OFA2bIwm3APRd3zH
Z9ivr32i6oGjkA+9Tyrayqj3djO4IBQ9XLHgj+DWNAW9CH7bVYbTGHJb/oOOqOLH
oJ/5h2il5levTo1LYq+5rHCsngy/s7/v9mJie8t1DsE9k1Dir8x3CU9vshsa7OxT
FO5tN3bhILvT1A3fP46hUrdpt7fCdwpLLGPdQ03Gwyhziwn5yk4ugCk+1QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPhhdqz7+jnhVR51365Aw+54jGWiMB8GA1UdIwQY
MBaAFKFlEriiYrrVmaOwIzWMXOzKyeCFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dVU3VLSml1dFdabzdBak5ZeGM3TXJKNElVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84YWEwODUtY2FkYy00NDZlLWJiZTgt
YzllYzNhOThmOWEzLzEvMS1HRjJyUHY2T2VGVkhuWGZya0REN25pTVphSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDUvOGFhMDg1LWNhZGMtNDQ2ZS1iYmU4LWM5ZWMzYTk4Zjlh
My8xL29XVVN1S0ppdXRXWm83QWpOWXhjN01ySjRJVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwIQQCAAIwGzAQAwUGKgHh
QAMHBCoB4UAAIAMHBCoB4UABADANBgkqhkiG9w0BAQsFAAOCAQEADjGBMX7ZrBb0
EBv6YVIjWjYkidzmArklpgnmkS9p7KIfnNmMChGjVm1jCTTOokawI1GxnO8MawIr
59qJNSe/PoAmjONOUW/SLtsVkEB9SdCwl8wIzFnYW5PKdKERR70eAG2ILdtp2fyT
ioB1jrnK4Bfs8ntX1oQ4VM0p+9wra9ldMsop1nw5WjzGsmWp3jYD3gMfZr4au89L
kRUuWp1qR3XRsS9nxqYZQnLcyI+g1cV7kyWlGjxjsXBlpQa59d7bg9sLNyfrWecT
4reji8qhn1GSZKdKGJND50CAo2ZjWNxsL0HiaocC9nKmZy2zHNHjNMhORNCkdemv
IPY79ez6PQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:03:41 2025 by rpki-client