Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/PcTusjNg9z3fFVjIZlVipjwD7AI.roa
File: PcTusjNg9z3fFVjIZlVipjwD7AI.roa (raw, json)
Hash identifier: R5mx9IuIF+cJC7q/YlEKOF9NicNlGbe3B9/uJk36cl8=
Subject key identifier: 3D:C4:EE:B2:33:60:F7:3D:DF:15:58:C8:66:55:62:A6:3C:03:EC:02
Certificate issuer: /CN=a16512b8a262bad599a3b023358c5ceccac9e085
Certificate serial: 01938E2B6A2646A689D19BFC4800647A1BA3
Authority key identifier: A1:65:12:B8:A2:62:BA:D5:99:A3:B0:23:35:8C:5C:EC:CA:C9:E0:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWUSuKJiutWZo7AjNYxc7MrJ4IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/PcTusjNg9z3fFVjIZlVipjwD7AI.roa
Signing time: Tue 03 Dec 2024 20:17:09 +0000
ROA not before: Tue 03 Dec 2024 20:17:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214145
IP address blocks: 2a01:e140::/44 maxlen: 48
2a01:e140::/48 maxlen: 48
2a01:e140:10::/44 maxlen: 48
2a01:e140:10::/48 maxlen: 48
2a01:e140:11::/48 maxlen: 48
2a01:e140:12::/48 maxlen: 48
2a01:e140:20::/44 maxlen: 48
2a01:e140:20::/48 maxlen: 48
2a01:e140:21::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 17 Dec 2024 19:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8e:2b:6a:26:46:a6:89:d1:9b:fc:48:00:64:7a:1b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a16512b8a262bad599a3b023358c5ceccac9e085
Validity
Not Before: Dec 3 20:17:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3dc4eeb23360f73ddf1558c8665562a63c03ec02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:59:42:68:27:90:3c:a9:52:1b:7c:d8:16:5e:
b0:23:14:93:ee:b9:f8:dd:ea:f0:5c:cd:50:9f:c6:
c4:56:5a:3a:d1:fb:e3:e1:7b:e0:7a:8a:33:6d:53:
83:5e:3f:a2:74:0c:e7:18:e4:be:2b:4a:d0:1c:41:
35:66:d0:06:d6:85:71:ef:63:d6:b2:67:5f:40:00:
83:8a:85:99:8f:8c:c8:f1:31:a2:55:2c:bc:0c:73:
4b:35:c0:6f:a1:39:7a:39:5b:25:3d:dd:ca:cb:0b:
a6:66:8f:dd:5f:7f:f2:73:29:3d:40:78:95:ed:17:
b0:8b:67:d4:90:af:50:cf:e0:93:2e:41:26:92:32:
85:6b:97:a5:74:70:1c:8c:78:fd:15:9e:99:eb:70:
f4:68:57:b1:e2:cd:3f:31:56:c0:c3:9e:b0:24:ef:
37:90:35:dd:60:34:d4:55:6e:d9:c7:1b:19:fb:e0:
07:78:07:ea:0a:42:f7:1f:b9:07:ff:df:56:57:51:
5e:c8:fc:35:1e:ab:de:4b:c9:86:0d:6c:0b:01:ee:
87:7b:c2:87:48:70:90:91:5f:cf:7d:30:06:48:c5:
fe:79:14:e0:09:76:57:8e:7c:cd:09:db:8c:3d:d9:
95:83:2a:5e:3f:1f:04:de:d9:7b:1f:6a:01:ad:ca:
8a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C4:EE:B2:33:60:F7:3D:DF:15:58:C8:66:55:62:A6:3C:03:EC:02
X509v3 Authority Key Identifier:
keyid:A1:65:12:B8:A2:62:BA:D5:99:A3:B0:23:35:8C:5C:EC:CA:C9:E0:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWUSuKJiutWZo7AjNYxc7MrJ4IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/PcTusjNg9z3fFVjIZlVipjwD7AI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/oWUSuKJiutWZo7AjNYxc7MrJ4IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e140::-2a01:e140:2f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
79:f7:7f:90:d7:1e:3c:ce:ac:d2:e0:b4:92:38:80:1b:47:a9:
56:b6:95:07:59:b4:f2:e1:c9:27:84:47:ee:6e:ec:b4:bd:51:
ba:76:b9:d4:9a:0b:96:78:b8:3e:62:cc:5e:37:d6:a4:32:b7:
36:2b:93:2d:c8:45:a4:23:60:dc:20:a5:47:d4:75:1a:a0:b3:
85:1b:42:d0:11:46:8d:d8:c4:14:14:34:c2:e7:67:db:c7:b8:
1b:a1:32:65:c1:73:d3:44:c1:cd:47:67:81:5a:9f:49:f6:0b:
a0:1e:b1:90:dc:17:e7:52:5a:6d:25:b4:ac:87:8d:23:fb:68:
ab:4e:c7:a7:45:94:f9:7b:e9:e6:37:cc:97:db:70:2f:43:70:
db:4b:07:15:ba:a0:87:c3:12:15:15:7a:81:b2:55:56:f4:92:
d0:50:dc:95:f8:86:d3:b7:d0:4d:91:a8:58:51:39:9b:58:27:
8d:c6:33:43:5f:31:2f:e3:57:14:40:42:e1:e3:c0:8d:7c:8a:
43:5e:c8:0a:1b:41:46:d9:e3:b4:9f:81:60:37:27:95:7a:f4:
ee:ec:93:3b:ea:0a:16:84:1d:9d:ee:f5:3b:e0:2a:af:65:23:
45:dd:e9:cc:d8:30:e9:00:e1:01:16:9d:df:19:cb:b5:ad:18:
9b:14:49:f0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZOOK2omRqaJ0Zv8SABkehujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjUxMmI4YTI2MmJhZDU5OWEzYjAyMzM1OGM1Y2VjY2Fj
OWUwODUwHhcNMjQxMjAzMjAxNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGM0ZWViMjMzNjBmNzNkZGYxNTU4Yzg2NjU1NjJhNjNjMDNlYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFlCaCeQPKlSG3zYFl6wIxST7rn4
3erwXM1Qn8bEVlo60fvj4XvgeoozbVODXj+idAznGOS+K0rQHEE1ZtAG1oVx72PW
smdfQACDioWZj4zI8TGiVSy8DHNLNcBvoTl6OVslPd3KywumZo/dX3/ycyk9QHiV
7Rewi2fUkK9Qz+CTLkEmkjKFa5eldHAcjHj9FZ6Z63D0aFex4s0/MVbAw56wJO83
kDXdYDTUVW7ZxxsZ++AHeAfqCkL3H7kH/99WV1FeyPw1HqveS8mGDWwLAe6He8KH
SHCQkV/PfTAGSMX+eRTgCXZXjnzNCduMPdmVgypePx8E3tl7H2oBrcqKRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD3E7rIzYPc93xVYyGZVYqY8A+wCMB8GA1UdIwQY
MBaAFKFlEriiYrrVmaOwIzWMXOzKyeCFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dVU3VLSml1dFdabzdBak5ZeGM3TXJKNElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84YWEwODUtY2FkYy00NDZlLWJiZTgt
YzllYzNhOThmOWEzLzEvUGNUdXNqTmc5ejNmRlZqSVpsVmlwandEN0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84YWEwODUtY2FkYy00NDZlLWJiZTgtYzllYzNhOThmOWEz
LzEvb1dVU3VLSml1dFdabzdBak5ZeGM3TXJKNElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBQYqAeFA
AwcEKgHhQAAgMA0GCSqGSIb3DQEBCwUAA4IBAQB593+Q1x48zqzS4LSSOIAbR6lW
tpUHWbTy4cknhEfubuy0vVG6drnUmguWeLg+YsxeN9akMrc2K5MtyEWkI2DcIKVH
1HUaoLOFG0LQEUaN2MQUFDTC52fbx7gboTJlwXPTRMHNR2eBWp9J9gugHrGQ3Bfn
UlptJbSsh40j+2irTsenRZT5e+nmN8yX23AvQ3DbSwcVuqCHwxIVFXqBslVW9JLQ
UNyV+IbTt9BNkahYUTmbWCeNxjNDXzEv41cUQELh48CNfIpDXsgKG0FG2eO0n4Fg
NyeVevTu7JM76goWhB2d7vU74CqvZSNF3enM2DDpAOEBFp3fGcu1rRibFEnw
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:05:40 2025 by rpki-client