Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/Kge9YllglAG3MFpFY1D_VJxcUnE.roa
File: Kge9YllglAG3MFpFY1D_VJxcUnE.roa (raw, json)
Hash identifier: hzuJYm2GMFEwf0ZOlpmceaD2s7l9ZTCsvzFEWEACi4E=
Subject key identifier: 2A:07:BD:62:59:60:94:01:B7:30:5A:45:63:50:FF:54:9C:5C:52:71
Certificate issuer: /CN=a16512b8a262bad599a3b023358c5ceccac9e085
Certificate serial: 0193D618B0273DA28F1FB92ADEAD4F245218
Authority key identifier: A1:65:12:B8:A2:62:BA:D5:99:A3:B0:23:35:8C:5C:EC:CA:C9:E0:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWUSuKJiutWZo7AjNYxc7MrJ4IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/Kge9YllglAG3MFpFY1D_VJxcUnE.roa
Signing time: Tue 17 Dec 2024 19:29:22 +0000
ROA not before: Tue 17 Dec 2024 19:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214145
IP address blocks: 2a01:e140::/44 maxlen: 48
2a01:e140::/48 maxlen: 48
2a01:e140:10::/44 maxlen: 48
2a01:e140:10::/48 maxlen: 48
2a01:e140:11::/48 maxlen: 48
2a01:e140:12::/48 maxlen: 48
2a01:e140:20::/44 maxlen: 48
2a01:e140:20::/48 maxlen: 48
2a01:e140:21::/48 maxlen: 48
2a01:e140:100::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d6:18:b0:27:3d:a2:8f:1f:b9:2a:de:ad:4f:24:52:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a16512b8a262bad599a3b023358c5ceccac9e085
Validity
Not Before: Dec 17 19:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a07bd6259609401b7305a456350ff549c5c5271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7f:f2:61:a1:21:ce:1a:8c:22:d0:f4:18:b6:
9a:29:c8:02:d5:93:b2:f0:09:dd:d0:5c:9f:15:62:
94:36:61:9c:b6:e0:84:65:54:4d:61:83:5c:46:3a:
11:81:97:ff:83:9a:c3:40:62:32:ea:a1:63:c8:29:
0f:6e:96:d4:24:7a:02:91:8e:69:b1:c1:ad:15:27:
f1:ee:54:51:ff:d7:84:f8:21:9a:9e:0b:eb:57:42:
6d:5e:e3:c3:94:61:f2:10:07:6d:32:d7:c4:bc:67:
74:f8:cf:a7:b3:a5:c5:af:fd:70:4e:a3:8b:68:f1:
44:92:87:79:bd:57:25:62:0d:8f:df:a1:91:5f:c4:
d1:ae:7a:11:5c:b0:51:eb:43:6f:11:cd:73:18:e6:
19:ed:4c:49:e6:70:a6:79:c7:65:b3:5c:17:05:d7:
6b:ee:c1:70:69:de:27:1b:2c:1a:01:26:fb:1a:97:
88:78:fc:9f:91:78:d5:58:6e:84:f6:f6:9d:8c:38:
9f:b8:ab:3a:2f:dd:4c:3c:3a:d6:a4:9b:7c:e5:c0:
47:23:f1:bc:ea:b9:3a:42:18:d0:09:dd:ef:33:60:
c7:33:da:f8:28:5a:0c:b2:fc:a5:16:83:47:ae:b9:
de:39:e8:6a:b7:a4:51:fd:07:96:3f:55:cd:09:a4:
f4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:07:BD:62:59:60:94:01:B7:30:5A:45:63:50:FF:54:9C:5C:52:71
X509v3 Authority Key Identifier:
keyid:A1:65:12:B8:A2:62:BA:D5:99:A3:B0:23:35:8C:5C:EC:CA:C9:E0:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWUSuKJiutWZo7AjNYxc7MrJ4IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/Kge9YllglAG3MFpFY1D_VJxcUnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/oWUSuKJiutWZo7AjNYxc7MrJ4IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e140::-2a01:e140:2f:ffff:ffff:ffff:ffff:ffff
2a01:e140:100::/44
Signature Algorithm: sha256WithRSAEncryption
97:be:1c:b8:c6:4e:64:b5:14:61:52:4a:12:16:b9:25:70:eb:
89:6e:89:38:55:49:86:ed:c4:22:31:ce:c5:55:be:58:5a:26:
64:5c:86:90:48:6d:4d:bc:0b:ea:75:b9:31:3a:2c:c5:91:4c:
bf:17:a6:8c:8a:77:fe:53:6c:4c:54:94:ad:3f:35:dd:71:e9:
00:32:9a:f5:b7:49:ec:d6:4e:6f:47:1e:04:6c:a6:60:80:76:
ff:bb:92:cb:30:8f:7d:7e:91:46:39:8b:19:93:00:e5:73:48:
ba:8a:74:b7:71:e5:27:7e:2b:bb:40:6f:fa:a3:a3:f6:e2:4a:
e6:d6:a7:0f:fa:f2:20:66:84:41:44:5f:0a:1e:22:f2:b9:4f:
d0:cb:8b:c0:68:1d:42:15:c8:e7:59:ad:8b:ea:03:78:49:b5:
56:aa:b9:00:29:4a:f7:65:fd:67:96:79:35:05:8d:94:1e:7b:
e0:89:c0:b2:26:97:ae:35:aa:27:c0:e4:f9:0f:29:9b:b0:bc:
14:4c:44:f2:75:4f:53:a9:f4:35:bd:eb:28:25:ff:12:48:35:
0e:4c:1b:3a:28:20:0d:55:24:6d:dc:84:eb:7c:d5:f5:00:01:
f4:79:6d:35:52:42:13:18:7f:7f:8a:e2:cc:62:66:e1:85:2f:
b3:7c:d2:29
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZPWGLAnPaKPH7kq3q1PJFIYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjUxMmI4YTI2MmJhZDU5OWEzYjAyMzM1OGM1Y2VjY2Fj
OWUwODUwHhcNMjQxMjE3MTkyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTA3YmQ2MjU5NjA5NDAxYjczMDVhNDU2MzUwZmY1NDljNWM1MjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH/yYaEhzhqMItD0GLaaKcgC1ZOy
8And0FyfFWKUNmGctuCEZVRNYYNcRjoRgZf/g5rDQGIy6qFjyCkPbpbUJHoCkY5p
scGtFSfx7lRR/9eE+CGangvrV0JtXuPDlGHyEAdtMtfEvGd0+M+ns6XFr/1wTqOL
aPFEkod5vVclYg2P36GRX8TRrnoRXLBR60NvEc1zGOYZ7UxJ5nCmecdls1wXBddr
7sFwad4nGywaASb7GpeIePyfkXjVWG6E9vadjDifuKs6L91MPDrWpJt85cBHI/G8
6rk6QhjQCd3vM2DHM9r4KFoMsvylFoNHrrneOehqt6RR/QeWP1XNCaT0bQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCoHvWJZYJQBtzBaRWNQ/1ScXFJxMB8GA1UdIwQY
MBaAFKFlEriiYrrVmaOwIzWMXOzKyeCFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dVU3VLSml1dFdabzdBak5ZeGM3TXJKNElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84YWEwODUtY2FkYy00NDZlLWJiZTgt
YzllYzNhOThmOWEzLzEvS2dlOVlsbGdsQUczTUZwRlkxRF9WSnhjVW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84YWEwODUtY2FkYy00NDZlLWJiZTgtYzllYzNhOThmOWEz
LzEvb1dVU3VLSml1dFdabzdBak5ZeGM3TXJKNElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbMBADBQYqAeFA
AwcEKgHhQAAgAwcEKgHhQAEAMA0GCSqGSIb3DQEBCwUAA4IBAQCXvhy4xk5ktRRh
UkoSFrklcOuJbok4VUmG7cQiMc7FVb5YWiZkXIaQSG1NvAvqdbkxOizFkUy/F6aM
inf+U2xMVJStPzXdcekAMpr1t0ns1k5vRx4EbKZggHb/u5LLMI99fpFGOYsZkwDl
c0i6inS3ceUnfiu7QG/6o6P24krm1qcP+vIgZoRBRF8KHiLyuU/Qy4vAaB1CFcjn
Wa2L6gN4SbVWqrkAKUr3Zf1nlnk1BY2UHnvgicCyJpeuNaonwOT5DymbsLwUTETy
dU9TqfQ1vesoJf8SSDUOTBs6KCANVSRt3ITrfNX1AAH0eW01UkITGH9/iuLMYmbh
hS+zfNIp
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:12:56 2025 by rpki-client