Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/elaTUzEDpPexzz0W0qd5FlXKMYI.roa
File: elaTUzEDpPexzz0W0qd5FlXKMYI.roa (raw, json)
Hash identifier: c7IfYxlr83FO4M/9cjrfkO9O00EcR1SHkFfsXYp9glg=
Subject key identifier: 7A:56:93:53:31:03:A4:F7:B1:CF:3D:16:D2:A7:79:16:55:CA:31:82
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0193ACDCAA9656BC5FF8B530A7FAA4018C45
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/elaTUzEDpPexzz0W0qd5FlXKMYI.roa
Signing time: Mon 09 Dec 2024 19:19:22 +0000
ROA not before: Mon 09 Dec 2024 19:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a11:645::/32 maxlen: 32
2a11:b683::/32 maxlen: 32
2a11:b684::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ac:dc:aa:96:56:bc:5f:f8:b5:30:a7:fa:a4:01:8c:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Dec 9 19:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a5693533103a4f7b1cf3d16d2a7791655ca3182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:99:2d:a1:2b:e5:b1:75:77:be:33:8c:47:1d:
27:ae:5b:db:f7:b3:51:d0:54:a4:af:49:d2:a7:69:
c6:ff:5e:a5:31:74:52:2a:d7:8b:33:8f:45:76:28:
fe:84:ac:30:5e:09:5d:f3:c7:72:aa:4b:0c:a1:3a:
77:73:5e:82:0f:db:3e:a0:2b:e6:ad:f6:70:55:5d:
23:73:64:11:f3:65:ec:04:78:2f:b0:74:bb:0d:6e:
b5:2f:c7:57:e2:7e:12:a4:98:cb:8a:51:ce:de:56:
c5:8d:28:41:4d:fe:c2:ff:1d:ea:5d:77:30:a4:06:
de:b6:86:74:d2:2f:7f:24:a6:d6:d9:33:d8:61:ee:
8c:44:db:00:d9:9a:13:6d:95:80:64:95:24:fd:28:
91:27:83:76:62:c6:20:3e:81:ea:61:31:fe:67:80:
80:ea:fb:bd:23:85:80:67:1a:b3:ae:a7:7d:93:19:
bd:66:6d:c4:f2:79:05:b7:14:65:67:e8:17:04:c8:
03:c7:9e:d8:9c:94:51:46:26:c6:71:b8:ca:ea:91:
7c:a7:6e:bb:2a:f4:6f:fd:fa:64:16:ea:9a:56:8b:
4d:22:04:2d:fb:72:66:97:02:94:ab:47:19:f2:99:
11:06:3c:73:32:9f:da:fa:0f:32:72:95:ed:82:03:
43:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:56:93:53:31:03:A4:F7:B1:CF:3D:16:D2:A7:79:16:55:CA:31:82
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/elaTUzEDpPexzz0W0qd5FlXKMYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:645::/32
2a11:b683::-2a11:b684:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
33:4e:2f:e6:b5:b6:57:3a:2a:ea:1a:d4:e4:7d:4c:35:49:42:
92:e4:49:cb:2b:97:f4:44:e7:ca:db:0a:b3:b6:7b:5e:1c:97:
fd:66:f5:19:6f:d4:6a:1e:28:c2:4d:93:d6:ec:45:6c:e2:d5:
ff:da:56:7c:30:3e:40:44:e2:7e:43:a0:d5:95:64:c7:5f:a7:
d2:ca:04:27:ca:86:d1:2e:d1:8f:ca:4e:01:0e:a6:71:53:76:
b3:1e:d6:6e:a2:58:6e:46:b1:7e:39:e2:28:5c:aa:ee:9e:2e:
a2:82:48:a6:39:a2:d1:0b:fb:bc:77:d5:62:05:a5:58:cf:46:
22:06:9d:ce:5f:dc:16:c2:c8:24:b9:b4:3e:03:18:a1:a2:41:
2d:64:5d:83:f3:24:eb:10:5e:8a:ad:ac:05:47:d9:fe:14:86:
ba:78:14:ce:48:19:55:37:de:33:fe:f2:af:ad:0d:0d:8b:48:
c9:58:b9:0a:32:ea:a9:df:f3:63:7d:16:08:70:e4:0e:03:ca:
ad:10:49:04:01:31:62:12:20:07:de:f2:0e:5f:5b:7e:e0:0e:
8b:48:7d:b0:f2:bf:51:0d:52:92:a7:64:f4:c3:9b:fa:36:ef:
c4:7c:a6:bd:ef:f9:ac:56:06:a2:f2:74:56:3f:06:d2:ed:18:
e4:e8:f6:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZOs3KqWVrxf+LUwp/qkAYxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjQxMjA5MTkxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTU2OTM1MzMxMDNhNGY3YjFjZjNkMTZkMmE3NzkxNjU1Y2EzMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpktoSvlsXV3vjOMRx0nrlvb97NR
0FSkr0nSp2nG/16lMXRSKteLM49Fdij+hKwwXgld88dyqksMoTp3c16CD9s+oCvm
rfZwVV0jc2QR82XsBHgvsHS7DW61L8dX4n4SpJjLilHO3lbFjShBTf7C/x3qXXcw
pAbetoZ00i9/JKbW2TPYYe6MRNsA2ZoTbZWAZJUk/SiRJ4N2YsYgPoHqYTH+Z4CA
6vu9I4WAZxqzrqd9kxm9Zm3E8nkFtxRlZ+gXBMgDx57YnJRRRibGcbjK6pF8p267
KvRv/fpkFuqaVotNIgQt+3JmlwKUq0cZ8pkRBjxzMp/a+g8ycpXtggNDJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHpWk1MxA6T3sc89FtKneRZVyjGCMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvZWxhVFV6RURwUGV4enowVzBxZDVGbFhLTVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUAKhEGRTAO
AwUAKhG2gwMFACoRtoQwDQYJKoZIhvcNAQELBQADggEBADNOL+a1tlc6Kuoa1OR9
TDVJQpLkScsrl/RE58rbCrO2e14cl/1m9Rlv1GoeKMJNk9bsRWzi1f/aVnwwPkBE
4n5DoNWVZMdfp9LKBCfKhtEu0Y/KTgEOpnFTdrMe1m6iWG5GsX454ihcqu6eLqKC
SKY5otEL+7x31WIFpVjPRiIGnc5f3BbCyCS5tD4DGKGiQS1kXYPzJOsQXoqtrAVH
2f4Uhrp4FM5IGVU33jP+8q+tDQ2LSMlYuQoy6qnf82N9Fghw5A4Dyq0QSQQBMWIS
IAfe8g5fW37gDotIfbDyv1ENUpKnZPTDm/o278R8pr3v+axWBqLydFY/BtLtGOTo
9jY=
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:10:13 2025 by rpki-client