Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/1-08sbiz5XBu8ElEGGbjZn5QXPx4.roa
File: 1-08sbiz5XBu8ElEGGbjZn5QXPx4.roa (raw, json)
Hash identifier: 1TiTbpJHv3j2x8QNWKGMRk7Xv3ngatJThmXb5ONEYS0=
Subject key identifier: FB:4F:2C:6E:2C:F9:5C:1B:BC:12:51:06:19:B8:D9:9F:94:17:3F:1E
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0195AAB393F39A9461F664AB5989F5FE9132
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/1-08sbiz5XBu8ElEGGbjZn5QXPx4.roa
Signing time: Tue 18 Mar 2025 19:20:50 +0000
ROA not before: Tue 18 Mar 2025 19:20:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:4342::/32 maxlen: 32
2a0e:4345::/32 maxlen: 32
2a11:644::/32 maxlen: 32
2a11:b686::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 28 Mar 2025 20:04:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:aa:b3:93:f3:9a:94:61:f6:64:ab:59:89:f5:fe:91:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Mar 18 19:20:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb4f2c6e2cf95c1bbc12510619b8d99f94173f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d3:6d:7f:e1:9d:f4:43:64:1d:5e:a5:c2:59:
34:f5:c2:19:4a:2c:55:10:4b:0c:d1:e7:16:7f:a1:
1a:d4:7c:61:f3:67:31:13:d4:4b:42:39:4b:ae:4b:
b3:d5:8a:1a:75:f7:07:e9:62:54:d4:14:30:a2:b6:
4c:de:fb:27:22:1e:aa:ab:ec:70:8c:ff:8f:9f:93:
a2:4c:5c:d1:6d:ce:44:ff:70:ec:57:30:98:74:00:
bd:eb:f5:25:75:e4:80:ca:17:a8:31:ec:5a:0a:83:
20:91:d9:b2:48:65:fd:d0:a9:a1:13:99:5e:be:ee:
7e:9c:87:2f:d0:21:52:2e:8f:7d:a8:c4:6d:fe:21:
b8:41:a4:2d:fd:5a:c6:b4:c6:59:75:40:a5:94:57:
cf:3e:f1:e7:c9:39:9a:4e:66:19:4e:4a:29:da:e7:
92:d0:4e:31:0f:87:c4:ce:43:b6:60:36:8a:18:5b:
25:f0:a5:51:59:a1:2f:af:eb:d3:ed:e1:67:a8:93:
00:b2:d6:62:4c:ec:6a:61:6e:42:ad:5f:94:30:66:
5b:76:9a:22:f8:0b:80:1b:a2:88:68:2b:22:50:bc:
82:e2:8f:c9:ed:a8:d4:f9:c5:41:cd:38:e4:b7:cc:
c9:80:28:92:6a:24:65:78:e0:7b:46:74:63:be:0b:
df:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:4F:2C:6E:2C:F9:5C:1B:BC:12:51:06:19:B8:D9:9F:94:17:3F:1E
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/1-08sbiz5XBu8ElEGGbjZn5QXPx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4342::/32
2a0e:4345::/32
2a11:644::/32
2a11:b686::/32
Signature Algorithm: sha256WithRSAEncryption
a7:6e:6e:31:1d:54:26:8e:4f:2f:cf:76:b6:a1:ba:72:38:ae:
cb:87:60:cb:a5:a7:ea:0a:d8:7f:35:45:76:78:ff:63:67:02:
d6:e7:d7:3b:51:50:df:b9:17:9c:78:6f:6d:9c:cd:a7:22:57:
f3:02:7c:64:e9:fa:55:8f:41:a3:b0:bb:ae:5b:77:99:ec:a0:
41:e0:b9:4c:46:91:5f:99:b2:33:4a:73:fe:4f:10:0a:f9:27:
fa:9b:fe:d8:fd:2f:78:df:2e:91:0e:e4:56:69:00:9a:7a:9a:
eb:02:89:1a:82:3b:99:ca:86:3f:61:ba:30:0f:f9:9c:75:56:
1f:56:14:59:e0:09:14:0f:bd:ef:87:c8:83:bf:ef:42:85:a9:
14:29:01:94:b5:a6:ab:5a:64:28:13:c9:05:c3:76:25:b7:76:
53:83:e9:a9:af:a8:10:ca:d7:e8:1f:51:20:74:29:0b:75:26:
62:b5:7a:61:14:87:f5:ac:f0:40:f6:b3:9f:f5:45:69:29:a6:
ca:33:53:fb:aa:4f:a7:2f:0a:78:44:46:4f:ba:97:2b:d4:1f:
88:ec:1c:4b:56:c6:da:8a:74:42:9c:5f:a2:3e:ab:5d:65:5c:
bf:b1:e2:68:14:11:66:a5:22:99:8d:aa:66:60:a7:23:33:7a:
85:78:60:0a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZWqs5PzmpRh9mSrWYn1/pEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwMzE4MTkyMDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjRmMmM2ZTJjZjk1YzFiYmMxMjUxMDYxOWI4ZDk5Zjk0MTczZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstNtf+Gd9ENkHV6lwlk09cIZSixV
EEsM0ecWf6Ea1Hxh82cxE9RLQjlLrkuz1YoadfcH6WJU1BQworZM3vsnIh6qq+xw
jP+Pn5OiTFzRbc5E/3DsVzCYdAC96/UldeSAyheoMexaCoMgkdmySGX90KmhE5le
vu5+nIcv0CFSLo99qMRt/iG4QaQt/VrGtMZZdUCllFfPPvHnyTmaTmYZTkop2ueS
0E4xD4fEzkO2YDaKGFsl8KVRWaEvr+vT7eFnqJMAstZiTOxqYW5CrV+UMGZbdpoi
+AuAG6KIaCsiULyC4o/J7ajU+cVBzTjkt8zJgCiSaiRleOB7RnRjvgvfLQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPtPLG4s+VwbvBJRBhm42Z+UFz8eMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvMS0wOHNiaXo1WEJ1OEVsRUdHYmpabjVRWFB4NC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvODk3NDQ5LWU5Y2YtNGE3OS04OWNmLTQxYmIyMWFjMjgw
MS8xL3c0S0F4VEFMZElpS3gtdEwtbVFYMmFMbnNMNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwIgQCAAIwHAMFACoOQ0ID
BQAqDkNFAwUAKhEGRAMFACoRtoYwDQYJKoZIhvcNAQELBQADggEBAKdubjEdVCaO
Ty/PdrahunI4rsuHYMulp+oK2H81RXZ4/2NnAtbn1ztRUN+5F5x4b22czaciV/MC
fGTp+lWPQaOwu65bd5nsoEHguUxGkV+ZsjNKc/5PEAr5J/qb/tj9L3jfLpEO5FZp
AJp6musCiRqCO5nKhj9hujAP+Zx1Vh9WFFngCRQPve+HyIO/70KFqRQpAZS1pqta
ZCgTyQXDdiW3dlOD6amvqBDK1+gfUSB0KQt1JmK1emEUh/Ws8ED2s5/1RWkppsoz
U/uqT6cvCnhERk+6lyvUH4jsHEtWxtqKdEKcX6I+q11lXL+x4mgUEWalIpmNqmZg
pyMzeoV4YAo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:07:19 2025 by rpki-client