Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/tLGEPtlSDOvtw2Y65VU5V9JgHbw.roa
File: tLGEPtlSDOvtw2Y65VU5V9JgHbw.roa (raw, json)
Hash identifier: HdRibEx2D2eocA4iLFIPU/B1ly0kMi/N9FZsjAw2AoA=
Subject key identifier: B4:B1:84:3E:D9:52:0C:EB:ED:C3:66:3A:E5:55:39:57:D2:60:1D:BC
Certificate issuer: /CN=217b7ab062bc828b348d05306e65354748b9d6d6
Certificate serial: 0194658DFC17FE3A9DC9167616053B85247C
Authority key identifier: 21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/tLGEPtlSDOvtw2Y65VU5V9JgHbw.roa
Signing time: Tue 14 Jan 2025 16:03:11 +0000
ROA not before: Tue 14 Jan 2025 16:03:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212128
IP address blocks: 2a10:cbc0::/32 maxlen: 32
2a10:cbc1::/32 maxlen: 32
2a10:cbc2::/32 maxlen: 32
2a10:cbc3::/32 maxlen: 32
2a10:cbc4::/32 maxlen: 32
2a10:cbc5::/32 maxlen: 32
2a10:cbc6::/32 maxlen: 32
2a10:cbc7::/32 maxlen: 32
2a11:e380::/32 maxlen: 32
2a11:e381::/32 maxlen: 32
2a11:e382::/32 maxlen: 32
2a11:e383::/32 maxlen: 32
2a11:e384::/32 maxlen: 32
2a11:e385::/32 maxlen: 32
2a11:e386::/32 maxlen: 32
2a11:e387::/32 maxlen: 32
2a12:70c0::/32 maxlen: 32
2a12:70c1::/32 maxlen: 32
2a12:70c2::/32 maxlen: 32
2a12:70c3::/32 maxlen: 32
2a12:70c4::/32 maxlen: 32
2a12:70c5::/32 maxlen: 32
2a12:70c6::/32 maxlen: 32
2a12:70c7::/32 maxlen: 32
2a13:7e00::/32 maxlen: 32
2a13:7e01::/32 maxlen: 32
2a13:7e02::/32 maxlen: 32
2a13:7e03::/32 maxlen: 32
2a13:7e04::/32 maxlen: 32
2a13:7e05::/32 maxlen: 32
2a13:7e06::/32 maxlen: 32
2a13:7e07::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 21 Jan 2025 12:25:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:8d:fc:17:fe:3a:9d:c9:16:76:16:05:3b:85:24:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=217b7ab062bc828b348d05306e65354748b9d6d6
Validity
Not Before: Jan 14 16:03:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4b1843ed9520cebedc3663ae5553957d2601dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2c:d5:f1:c3:b8:3c:e1:5c:0d:8d:ea:ed:54:
90:db:35:ed:76:01:9d:12:9f:5e:b0:ec:26:20:a4:
1a:67:37:46:2f:f1:7b:d9:fe:60:8c:cd:c2:4d:72:
77:4d:7c:91:59:8e:45:79:eb:a9:04:0b:6e:6b:6e:
4d:2a:3c:cd:ba:05:9b:af:2e:2f:f6:36:ec:82:ba:
85:ec:7f:e0:9c:ac:de:9b:d3:ae:c1:e9:ab:4b:c4:
1f:ad:08:c4:1a:9d:cc:68:8f:15:ec:63:b7:c0:5a:
e1:f3:e2:5f:e4:c4:4e:0a:c1:f7:cc:cb:6d:23:1b:
0f:cb:41:6f:ef:5c:f6:aa:4a:5e:f1:72:b1:ed:76:
76:06:57:dd:b3:49:57:ac:0b:30:a6:c3:24:d1:dc:
19:fd:10:ad:ec:38:7d:d8:92:cd:af:51:25:55:ca:
c7:16:be:8a:4a:3d:b2:1f:c6:9d:e1:1a:b6:21:08:
ca:2d:f7:4e:6b:16:78:10:4d:14:26:ba:d6:ac:86:
7f:d9:83:8d:ee:3f:66:f7:ed:18:c8:56:f4:24:79:
22:87:24:93:6e:f7:93:25:29:1c:03:d6:2b:92:3e:
7b:1b:3e:a7:5c:7b:dc:e5:2a:1a:47:7c:e3:95:ab:
7d:b7:3e:b1:89:5a:3d:bf:90:2a:2b:62:b9:23:2d:
ca:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B1:84:3E:D9:52:0C:EB:ED:C3:66:3A:E5:55:39:57:D2:60:1D:BC
X509v3 Authority Key Identifier:
keyid:21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/tLGEPtlSDOvtw2Y65VU5V9JgHbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/IXt6sGK8gos0jQUwbmU1R0i51tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cbc0::/29
2a11:e380::/29
2a12:70c0::/29
2a13:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
5e:f2:00:f4:4d:de:60:bc:93:57:ce:fc:85:ee:48:39:b9:9e:
b9:19:a3:c9:1a:94:c5:ec:6b:52:81:75:fe:ad:dd:ac:f9:bc:
fd:1b:db:8b:48:20:e3:5c:79:3c:ef:80:1a:26:65:e9:9b:32:
f3:d2:94:6e:85:25:60:4b:4d:7a:c4:1f:16:ca:7d:63:25:52:
fa:a5:60:90:9f:5e:50:ec:75:7d:b3:22:17:2d:46:a3:07:56:
48:43:81:d9:dd:13:e2:c9:d1:27:0b:9f:9f:db:ff:04:7d:74:
b2:3a:c0:3f:6f:44:62:b4:21:31:5a:22:a0:f7:92:9d:09:6a:
dd:7c:59:6a:08:8d:9f:2b:a6:e5:bc:d9:09:51:19:59:c9:cd:
db:f5:63:75:14:cb:2e:9a:0a:04:09:cc:97:50:9e:fd:ed:ad:
5c:9e:c0:f3:92:02:da:9a:3a:2f:a3:88:c8:7a:83:d2:86:36:
a1:a2:cf:ed:9a:d1:40:32:43:be:85:f0:61:6a:a1:90:e2:41:
c7:ba:3b:38:53:22:6e:cb:26:36:d8:5a:df:f0:be:0d:02:68:
8c:57:d6:3c:38:48:26:88:e7:50:e2:20:88:0e:b1:47:f6:30:
fd:27:b1:b9:6a:cc:d8:25:c3:83:2d:8b:46:63:17:fe:93:32:
33:79:da:9b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZRljfwX/jqdyRZ2FgU7hSR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxN2I3YWIwNjJiYzgyOGIzNDhkMDUzMDZlNjUzNTQ3NDhi
OWQ2ZDYwHhcNMjUwMTE0MTYwMzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGIxODQzZWQ5NTIwY2ViZWRjMzY2M2FlNTU1Mzk1N2QyNjAxZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCzV8cO4POFcDY3q7VSQ2zXtdgGd
Ep9esOwmIKQaZzdGL/F72f5gjM3CTXJ3TXyRWY5FeeupBAtua25NKjzNugWbry4v
9jbsgrqF7H/gnKzem9OuwemrS8QfrQjEGp3MaI8V7GO3wFrh8+Jf5MROCsH3zMtt
IxsPy0Fv71z2qkpe8XKx7XZ2Blfds0lXrAswpsMk0dwZ/RCt7Dh92JLNr1ElVcrH
Fr6KSj2yH8ad4Rq2IQjKLfdOaxZ4EE0UJrrWrIZ/2YON7j9m9+0YyFb0JHkihyST
bveTJSkcA9Yrkj57Gz6nXHvc5SoaR3zjlat9tz6xiVo9v5AqK2K5Iy3KHQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLSxhD7ZUgzr7cNmOuVVOVfSYB28MB8GA1UdIwQY
MBaAFCF7erBivIKLNI0FMG5lNUdIudbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYt
NTViNjU5Y2Q4MmJiLzEvdExHRVB0bFNET3Z0dzJZNjVWVTVWOUpnSGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYtNTViNjU5Y2Q4MmJi
LzEvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhDLwAMF
AyoR44ADBQMqEnDAAwUDKhN+ADANBgkqhkiG9w0BAQsFAAOCAQEAXvIA9E3eYLyT
V878he5IObmeuRmjyRqUxexrUoF1/q3drPm8/Rvbi0gg41x5PO+AGiZl6Zsy89KU
boUlYEtNesQfFsp9YyVS+qVgkJ9eUOx1fbMiFy1GowdWSEOB2d0T4snRJwufn9v/
BH10sjrAP29EYrQhMVoioPeSnQlq3XxZagiNnyum5bzZCVEZWcnN2/VjdRTLLpoK
BAnMl1Ce/e2tXJ7A85IC2po6L6OIyHqD0oY2oaLP7ZrRQDJDvoXwYWqhkOJBx7o7
OFMibssmNtha3/C+DQJojFfWPDhIJojnUOIgiA6xR/Yw/SexuWrM2CXDgy2LRmMX
/pMyM3namw==
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:26:10 2025 by rpki-client