Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/SI4Sf5X0vY91SCLLuS0T0HV1XAw.roa
File: SI4Sf5X0vY91SCLLuS0T0HV1XAw.roa (raw, json)
Hash identifier: vybBHiicO75CdA1yIdtc4ZMAICggAuSWP15Y1AU4oJc=
Subject key identifier: 48:8E:12:7F:95:F4:BD:8F:75:48:22:CB:B9:2D:13:D0:75:75:5C:0C
Certificate issuer: /CN=a16512b8a262bad599a3b023358c5ceccac9e085
Certificate serial: 01938280F62415A62A583AD312AD3049F99D
Authority key identifier: A1:65:12:B8:A2:62:BA:D5:99:A3:B0:23:35:8C:5C:EC:CA:C9:E0:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWUSuKJiutWZo7AjNYxc7MrJ4IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/SI4Sf5X0vY91SCLLuS0T0HV1XAw.roa
Signing time: Sun 01 Dec 2024 13:55:09 +0000
ROA not before: Sun 01 Dec 2024 13:55:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214145
IP address blocks: 2a01:e140::/44 maxlen: 48
2a01:e140::/48 maxlen: 48
2a01:e140:10::/44 maxlen: 48
2a01:e140:10::/48 maxlen: 48
2a01:e140:11::/48 maxlen: 48
2a01:e140:20::/44 maxlen: 48
2a01:e140:20::/48 maxlen: 48
2a01:e140:21::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Dec 2024 20:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:82:80:f6:24:15:a6:2a:58:3a:d3:12:ad:30:49:f9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a16512b8a262bad599a3b023358c5ceccac9e085
Validity
Not Before: Dec 1 13:55:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=488e127f95f4bd8f754822cbb92d13d075755c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:04:86:22:18:56:bb:49:1a:45:8b:4e:7f:a9:
62:0c:c8:db:d4:38:1a:ed:a1:20:30:41:26:ab:69:
b4:52:07:c5:0b:95:69:e9:67:19:64:ad:19:6b:8e:
74:c1:90:8f:ae:f0:f2:ca:39:18:7c:c7:92:e7:87:
94:81:b1:56:6b:02:de:f5:11:bf:e3:02:33:43:4a:
de:e1:7c:45:d9:e4:6e:69:f7:55:5c:d2:f7:8d:16:
b0:f3:30:dc:31:0e:8e:67:21:4c:e3:d6:73:70:3a:
c8:b8:6a:b8:a8:0b:e1:ec:bb:4b:e7:39:30:11:cf:
09:01:27:78:46:b2:e8:3a:3f:f0:01:bf:fb:b2:86:
f2:bc:2c:4f:cd:f8:d5:7c:8c:e9:35:9d:42:55:e8:
3c:77:36:6a:10:75:74:06:b4:11:66:e5:4b:f2:3c:
a7:ca:30:a7:7c:6d:91:49:13:39:54:46:29:0f:87:
c9:03:60:b4:36:93:63:2d:9c:2e:1f:fe:79:e3:51:
b3:c7:a9:aa:6f:78:76:bb:16:02:08:3a:75:d0:2c:
58:5e:3a:34:09:17:ff:59:21:75:eb:2c:07:ef:69:
34:e6:f7:3d:36:7d:c8:53:bf:52:c4:83:69:25:8b:
59:2b:79:06:84:1b:09:7c:82:f5:45:4d:df:28:21:
b3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:8E:12:7F:95:F4:BD:8F:75:48:22:CB:B9:2D:13:D0:75:75:5C:0C
X509v3 Authority Key Identifier:
keyid:A1:65:12:B8:A2:62:BA:D5:99:A3:B0:23:35:8C:5C:EC:CA:C9:E0:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWUSuKJiutWZo7AjNYxc7MrJ4IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/SI4Sf5X0vY91SCLLuS0T0HV1XAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/oWUSuKJiutWZo7AjNYxc7MrJ4IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e140::-2a01:e140:2f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a5:60:40:07:fe:a5:c4:df:13:73:52:ff:a3:00:90:71:c3:98:
f8:75:60:8d:13:df:d2:b4:e2:81:56:3d:74:94:ff:50:ca:9b:
38:04:5a:99:8f:6d:e8:de:d2:90:ce:fc:5e:aa:1d:6e:64:72:
65:d0:7c:6b:28:ea:f3:1c:78:f1:25:24:0b:15:a5:e7:70:4a:
90:27:a2:69:18:9a:65:fa:94:4b:60:32:f1:55:63:db:55:93:
f9:70:97:77:f1:67:2a:fe:c1:de:24:87:b0:5d:84:a2:0c:9e:
e3:b9:94:90:6d:2a:c3:70:a1:82:55:4d:50:a9:60:ff:21:b8:
33:a0:d5:9f:19:d4:8e:8c:41:af:f3:0f:f1:95:37:28:04:1a:
2f:c6:90:4e:ba:d2:e8:54:60:ee:e7:23:87:97:06:6c:0b:b3:
0e:47:b4:0e:8a:6b:ea:5b:12:b2:25:d0:e6:8f:b1:62:01:03:
a1:8d:0f:3c:d0:16:d0:28:91:c4:cc:f6:29:71:0d:8a:90:69:
c2:3f:93:f7:59:1d:0b:ec:ce:2e:0b:60:a2:2f:92:cc:56:b8:
e6:e5:aa:a1:99:6e:de:3e:f2:b1:6d:69:d6:6a:d1:2f:bc:4d:
e0:e4:5a:ea:72:40:ba:90:95:fc:e4:26:bb:8b:b9:1b:58:9b:
7e:69:d8:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZOCgPYkFaYqWDrTEq0wSfmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjUxMmI4YTI2MmJhZDU5OWEzYjAyMzM1OGM1Y2VjY2Fj
OWUwODUwHhcNMjQxMjAxMTM1NTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODhlMTI3Zjk1ZjRiZDhmNzU0ODIyY2JiOTJkMTNkMDc1NzU1YzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QSGIhhWu0kaRYtOf6liDMjb1Dga
7aEgMEEmq2m0UgfFC5Vp6WcZZK0Za450wZCPrvDyyjkYfMeS54eUgbFWawLe9RG/
4wIzQ0re4XxF2eRuafdVXNL3jRaw8zDcMQ6OZyFM49ZzcDrIuGq4qAvh7LtL5zkw
Ec8JASd4RrLoOj/wAb/7sobyvCxPzfjVfIzpNZ1CVeg8dzZqEHV0BrQRZuVL8jyn
yjCnfG2RSRM5VEYpD4fJA2C0NpNjLZwuH/5541Gzx6mqb3h2uxYCCDp10CxYXjo0
CRf/WSF16ywH72k05vc9Nn3IU79SxINpJYtZK3kGhBsJfIL1RU3fKCGzEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEiOEn+V9L2PdUgiy7ktE9B1dVwMMB8GA1UdIwQY
MBaAFKFlEriiYrrVmaOwIzWMXOzKyeCFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dVU3VLSml1dFdabzdBak5ZeGM3TXJKNElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84YWEwODUtY2FkYy00NDZlLWJiZTgt
YzllYzNhOThmOWEzLzEvU0k0U2Y1WDB2WTkxU0NMTHVTMFQwSFYxWEF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84YWEwODUtY2FkYy00NDZlLWJiZTgtYzllYzNhOThmOWEz
LzEvb1dVU3VLSml1dFdabzdBak5ZeGM3TXJKNElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBQYqAeFA
AwcEKgHhQAAgMA0GCSqGSIb3DQEBCwUAA4IBAQClYEAH/qXE3xNzUv+jAJBxw5j4
dWCNE9/StOKBVj10lP9Qyps4BFqZj23o3tKQzvxeqh1uZHJl0HxrKOrzHHjxJSQL
FaXncEqQJ6JpGJpl+pRLYDLxVWPbVZP5cJd38Wcq/sHeJIewXYSiDJ7juZSQbSrD
cKGCVU1QqWD/IbgzoNWfGdSOjEGv8w/xlTcoBBovxpBOutLoVGDu5yOHlwZsC7MO
R7QOimvqWxKyJdDmj7FiAQOhjQ880BbQKJHEzPYpcQ2KkGnCP5P3WR0L7M4uC2Ci
L5LMVrjm5aqhmW7ePvKxbWnWatEvvE3g5FrqckC6kJX85Ca7i7kbWJt+adhX
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:57:38 2025 by rpki-client