Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/A1HcUdVA2YZl11c4VMOwYxBYFec.roa
File: A1HcUdVA2YZl11c4VMOwYxBYFec.roa (raw, json)
Hash identifier: hzMWvK0fIGDttPI0bMAflMJsnQBzz3sLRKNlUtcrb1s=
Subject key identifier: 03:51:DC:51:D5:40:D9:86:65:D7:57:38:54:C3:B0:63:10:58:15:E7
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 019420683587C8AD0BC505EFE759F3B6E401
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/A1HcUdVA2YZl11c4VMOwYxBYFec.roa
Signing time: Wed 01 Jan 2025 05:48:07 +0000
ROA not before: Wed 01 Jan 2025 05:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30788
IP address blocks: 2a11:1340::/29 maxlen: 29
2a11:2c40::/29 maxlen: 29
2a11:3180::/29 maxlen: 29
2a11:4340::/29 maxlen: 29
2a11:4a00::/29 maxlen: 29
2a11:6340::/29 maxlen: 29
2a11:7880::/29 maxlen: 29
2a11:8500::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 07 Apr 2025 18:44:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:35:87:c8:ad:0b:c5:05:ef:e7:59:f3:b6:e4:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jan 1 05:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0351dc51d540d98665d7573854c3b063105815e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4b:33:62:7a:13:5a:d0:69:dd:4a:a8:92:a5:
49:90:4f:a9:c1:4e:8b:db:ff:7b:78:97:f2:04:0c:
17:2d:70:f4:eb:eb:9c:4e:ee:28:1e:d6:8b:b5:92:
ca:44:52:16:7b:75:5e:3b:0a:8a:38:da:fe:82:11:
7d:ee:ac:89:67:d6:a3:b0:8c:71:b5:58:5c:a0:e8:
1b:49:f8:9c:02:79:3a:71:13:e5:fb:53:84:ea:0f:
2b:c5:cb:24:34:8e:18:27:87:f2:a6:d2:44:f8:c4:
3b:0f:c9:57:14:78:96:8d:8f:d3:de:6c:85:02:b2:
71:62:62:40:fa:0d:70:8d:65:0d:55:7d:92:b5:34:
f5:73:ad:48:97:14:1d:ec:86:9b:56:fa:11:58:87:
4d:67:2f:16:7f:0f:3b:9e:5c:c0:c1:42:6a:24:28:
19:8d:c7:4f:c6:11:94:9c:b7:69:a1:5b:24:92:ae:
d3:0d:03:14:72:a6:17:53:2a:ca:6a:45:20:63:b7:
b7:e7:96:75:64:b4:71:3a:45:45:48:21:32:be:cb:
66:79:9a:98:b5:5f:33:29:ac:f5:51:0d:c1:eb:47:
4e:f1:ff:8b:3d:51:37:b9:23:36:44:de:f1:c0:0e:
be:93:be:77:74:55:7c:2e:0f:c9:c4:56:57:b1:50:
8c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:51:DC:51:D5:40:D9:86:65:D7:57:38:54:C3:B0:63:10:58:15:E7
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/A1HcUdVA2YZl11c4VMOwYxBYFec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1340::/29
2a11:2c40::/29
2a11:3180::/29
2a11:4340::/29
2a11:4a00::/29
2a11:6340::/29
2a11:7880::/29
2a11:8500::/29
Signature Algorithm: sha256WithRSAEncryption
43:cf:2c:01:ec:81:b3:ef:ef:d3:97:e2:ea:de:a4:7f:8a:ac:
25:a1:99:81:36:e1:e6:d6:ea:14:31:23:4b:e9:a9:50:4c:a3:
f7:af:fd:28:c4:68:d8:82:4a:fa:04:c0:50:42:2b:08:47:bd:
94:df:e2:af:49:0d:db:3b:d6:30:f6:00:e6:ee:8f:51:5d:47:
63:fa:9b:8b:b1:4b:e6:e6:63:f8:d9:5d:00:5a:47:07:cb:b2:
90:54:e7:d2:12:af:15:f3:f0:fb:8b:a5:1a:e7:f3:4a:2d:48:
a3:de:00:ee:e6:8a:82:f1:d8:f0:0a:19:27:49:7e:12:7f:92:
43:43:bd:33:7a:c4:c6:f6:49:54:2b:63:06:9d:c0:f1:ad:eb:
ae:47:7a:6a:60:6a:09:37:9e:f8:a5:2d:ea:40:20:c3:41:46:
e5:04:af:8e:3c:b8:8b:37:5e:34:c5:3f:62:f4:5f:be:1f:ca:
24:c8:01:59:f0:f5:dc:05:49:41:0a:01:1f:0a:36:1f:10:7e:
f7:57:5d:93:b3:24:92:72:34:ae:fc:f0:7f:ae:ec:35:ed:f8:
b8:88:d7:c9:85:ef:65:67:02:e2:69:12:a6:1a:ce:25:43:97:
ae:e1:93:9e:75:62:aa:59:5e:c5:15:3c:2d:72:30:2b:67:df:
0b:82:0b:e8
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQgaDWHyK0LxQXv51nztuQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwMTAxMDU0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzUxZGM1MWQ1NDBkOTg2NjVkNzU3Mzg1NGMzYjA2MzEwNTgxNWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkszYnoTWtBp3UqokqVJkE+pwU6L
2/97eJfyBAwXLXD06+ucTu4oHtaLtZLKRFIWe3VeOwqKONr+ghF97qyJZ9ajsIxx
tVhcoOgbSficAnk6cRPl+1OE6g8rxcskNI4YJ4fyptJE+MQ7D8lXFHiWjY/T3myF
ArJxYmJA+g1wjWUNVX2StTT1c61IlxQd7IabVvoRWIdNZy8Wfw87nlzAwUJqJCgZ
jcdPxhGUnLdpoVskkq7TDQMUcqYXUyrKakUgY7e355Z1ZLRxOkVFSCEyvstmeZqY
tV8zKaz1UQ3B60dO8f+LPVE3uSM2RN7xwA6+k753dFV8Lg/JxFZXsVCMtwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFANR3FHVQNmGZddXOFTDsGMQWBXnMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvQTFIY1VkVkEyWVpsMTFjNFZNT3dZeEJZRmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKhETQAMF
AyoRLEADBQMqETGAAwUDKhFDQAMFAyoRSgADBQMqEWNAAwUDKhF4gAMFAyoRhQAw
DQYJKoZIhvcNAQELBQADggEBAEPPLAHsgbPv79OX4urepH+KrCWhmYE24ebW6hQx
I0vpqVBMo/ev/SjEaNiCSvoEwFBCKwhHvZTf4q9JDds71jD2AObuj1FdR2P6m4ux
S+bmY/jZXQBaRwfLspBU59ISrxXz8PuLpRrn80otSKPeAO7mioLx2PAKGSdJfhJ/
kkNDvTN6xMb2SVQrYwadwPGt665Hempgagk3nvilLepAIMNBRuUEr448uIs3XjTF
P2L0X74fyiTIAVnw9dwFSUEKAR8KNh8QfvdXXZOzJJJyNK788H+u7DXt+LiI18mF
72VnAuJpEqYaziVDl67hk551YqpZXsUVPC1yMCtn3wuCC+g=
-----END CERTIFICATE-----
Generated at Sun Apr 13 06:48:10 2025 by rpki-client