Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/03u0t5peOw-qEH286IuvTgaBc7M.roa
File: 03u0t5peOw-qEH286IuvTgaBc7M.roa (raw, json)
Hash identifier: SIYJ4Pqt/T/mIyqfwxIC63ABGqsNuBrMBZevVgdCpfU=
Subject key identifier: D3:7B:B4:B7:9A:5E:3B:0F:AA:10:7D:BC:E8:8B:AF:4E:06:81:73:B3
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0193FD34D7B235E40FF29BE1F17F94A940DA
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/03u0t5peOw-qEH286IuvTgaBc7M.roa
Signing time: Wed 25 Dec 2024 09:45:18 +0000
ROA not before: Wed 25 Dec 2024 09:45:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 2a11:4b41::/32 maxlen: 32
2a12:a340::/32 maxlen: 32
2a12:c304::/30 maxlen: 30
2a13:8580::/29 maxlen: 29
2a13:8580::/32 maxlen: 32
2a13:93c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fd:34:d7:b2:35:e4:0f:f2:9b:e1:f1:7f:94:a9:40:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Dec 25 09:45:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d37bb4b79a5e3b0faa107dbce88baf4e068173b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:13:50:c1:de:a1:7f:f0:9d:05:94:5e:59:23:
34:06:d2:44:8f:67:ba:b6:c8:4e:7b:bf:9c:ff:87:
ac:2e:d5:86:ae:15:56:c9:03:32:5f:0b:ad:72:7a:
42:bc:c2:6d:5b:69:32:b8:8f:f4:6e:70:3c:85:6c:
04:da:27:48:c1:ec:58:a2:0c:8e:07:d3:dc:a6:4b:
4f:5c:98:7a:c9:7e:36:95:97:47:4f:0d:1b:ef:34:
61:d9:f3:03:ee:32:4b:59:47:96:fe:f1:8c:ff:e1:
19:ac:43:ad:2d:78:74:1b:67:68:f7:cb:2e:bf:e4:
e3:67:ce:38:cc:78:08:e1:26:d7:a1:c1:a8:4e:35:
6b:2c:14:89:b3:93:19:d8:17:12:de:14:0d:15:44:
fd:61:92:01:0b:1e:a4:18:2c:a3:88:72:d5:d4:e1:
ef:a0:c6:12:e8:f0:f2:a7:37:1b:85:68:ab:87:b7:
d8:a4:2a:64:6c:c1:10:f2:15:b1:a7:c5:92:7b:80:
32:9a:0f:ab:b0:5c:ee:6e:31:92:95:bf:74:18:d3:
4b:1e:b6:66:fd:11:f9:f7:fe:17:31:4d:b4:bf:40:
05:f0:1c:d0:a3:36:3d:06:2a:1a:16:f0:e7:29:cf:
a6:68:3f:a2:fc:a2:1c:cf:4d:e5:fe:e0:9b:0a:33:
43:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:7B:B4:B7:9A:5E:3B:0F:AA:10:7D:BC:E8:8B:AF:4E:06:81:73:B3
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/03u0t5peOw-qEH286IuvTgaBc7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4b41::/32
2a12:a340::/32
2a12:c304::/30
2a13:8580::/29
2a13:93c1::/32
Signature Algorithm: sha256WithRSAEncryption
56:b5:30:0a:36:4f:51:90:9c:92:5f:c6:ed:f7:49:e2:34:39:
95:99:1e:7e:df:31:e7:9c:86:1b:9c:87:d7:95:41:c3:28:4b:
82:4c:b1:d2:d3:a0:e2:e4:68:9e:d4:7b:c9:d5:37:99:e5:2e:
dc:b7:8d:76:28:1a:cd:30:59:56:c2:d2:30:8c:b5:3a:76:f4:
5d:73:92:5b:be:dd:50:51:06:9d:be:86:16:e9:83:db:49:cd:
86:da:17:5c:01:bd:a2:d5:22:8c:c3:af:39:5a:71:4a:e1:56:
58:47:15:ee:8c:5b:dc:19:45:eb:bf:c4:c2:dd:28:fe:c7:d1:
4e:35:4b:c1:b1:3d:04:91:2e:c3:40:af:08:3e:b5:95:f4:f4:
d0:42:b1:d1:98:ef:e1:db:65:18:7b:e1:6e:2c:f9:75:df:14:
1b:fe:1e:8b:8d:80:aa:58:31:c4:fb:2d:4a:d9:5f:34:72:52:
af:08:e0:99:c5:68:00:10:64:03:6f:ea:84:bd:c1:7c:d5:6a:
0e:bc:e2:bf:5a:80:d4:7f:be:e3:59:c5:d0:18:9f:1c:d0:8e:
84:c4:24:79:ed:48:7d:62:11:29:d7:52:03:a0:88:85:82:7a:
85:40:b9:bf:d2:27:6b:a6:e9:8e:a0:b9:14:3a:07:57:ee:35:
40:3a:89:cc
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZP9NNeyNeQP8pvh8X+UqUDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQxMjI1MDk0NTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzdiYjRiNzlhNWUzYjBmYWExMDdkYmNlODhiYWY0ZTA2ODE3M2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xNQwd6hf/CdBZReWSM0BtJEj2e6
tshOe7+c/4esLtWGrhVWyQMyXwutcnpCvMJtW2kyuI/0bnA8hWwE2idIwexYogyO
B9PcpktPXJh6yX42lZdHTw0b7zRh2fMD7jJLWUeW/vGM/+EZrEOtLXh0G2do98su
v+TjZ844zHgI4SbXocGoTjVrLBSJs5MZ2BcS3hQNFUT9YZIBCx6kGCyjiHLV1OHv
oMYS6PDypzcbhWirh7fYpCpkbMEQ8hWxp8WSe4Aymg+rsFzubjGSlb90GNNLHrZm
/RH59/4XMU20v0AF8BzQozY9BioaFvDnKc+maD+i/KIcz03l/uCbCjNDPQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNN7tLeaXjsPqhB9vOiLr04GgXOzMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvMDN1MHQ1cGVPdy1xRUgyODZJdXZUZ2FCYzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKhFLQQMF
ACoSo0ADBQIqEsMEAwUDKhOFgAMFACoTk8EwDQYJKoZIhvcNAQELBQADggEBAFa1
MAo2T1GQnJJfxu33SeI0OZWZHn7fMeechhuch9eVQcMoS4JMsdLToOLkaJ7Ue8nV
N5nlLty3jXYoGs0wWVbC0jCMtTp29F1zklu+3VBRBp2+hhbpg9tJzYbaF1wBvaLV
IozDrzlacUrhVlhHFe6MW9wZReu/xMLdKP7H0U41S8GxPQSRLsNArwg+tZX09NBC
sdGY7+HbZRh74W4s+XXfFBv+HouNgKpYMcT7LUrZXzRyUq8I4JnFaAAQZANv6oS9
wXzVag684r9agNR/vuNZxdAYnxzQjoTEJHntSH1iESnXUgOgiIWCeoVAub/SJ2um
6Y6guRQ6B1fuNUA6icw=
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:24:21 2025 by rpki-client