Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4IPCYkYTlOwyORy9f6xolbJ9UKM.roa
File: 4IPCYkYTlOwyORy9f6xolbJ9UKM.roa (raw, json)
Hash identifier: +HBqKIfV4bxydpeRd5986Tla7T2eDK7csvtCm2Fs08k=
Subject key identifier: E0:83:C2:62:46:13:94:EC:32:39:1C:BD:7F:AC:68:95:B2:7D:50:A3
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019209BB1645AD7F891D318A4C3EDD5F6210
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4IPCYkYTlOwyORy9f6xolbJ9UKM.roa
Signing time: Thu 19 Sep 2024 10:01:48 +0000
ROA not before: Thu 19 Sep 2024 10:01:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 2a04:a5c0::/32 maxlen: 32
2a04:a5c1::/32 maxlen: 32
2a04:a5c2::/32 maxlen: 32
2a04:a5c3::/32 maxlen: 32
2a04:a5c4::/32 maxlen: 32
2a04:a5c5::/32 maxlen: 32
2a04:a5c6::/32 maxlen: 32
2a04:a5c7::/32 maxlen: 32
2a0e:d00::/32 maxlen: 32
2a0e:d01::/32 maxlen: 32
2a0e:d02::/32 maxlen: 32
2a0e:d03::/32 maxlen: 32
2a0e:d04::/32 maxlen: 32
2a0e:d05::/32 maxlen: 32
2a0e:d06::/32 maxlen: 32
2a0e:d07::/32 maxlen: 32
2a0e:b140::/32 maxlen: 32
2a0e:b141::/32 maxlen: 32
2a0e:b142::/32 maxlen: 32
2a0e:b143::/32 maxlen: 32
2a0e:b144::/32 maxlen: 32
2a0e:b145::/32 maxlen: 32
2a0e:b146::/32 maxlen: 32
2a0e:b147::/32 maxlen: 32
2a0f:db80::/32 maxlen: 32
2a0f:db81::/32 maxlen: 32
2a0f:db82::/32 maxlen: 32
2a0f:db83::/32 maxlen: 32
2a0f:db84::/32 maxlen: 32
2a0f:db85::/32 maxlen: 32
2a0f:db86::/32 maxlen: 32
2a0f:db87::/32 maxlen: 32
2a10:4700::/31 maxlen: 31
2a10:4702::/31 maxlen: 31
2a10:4704::/31 maxlen: 31
2a10:4706::/31 maxlen: 31
2a12:4300::/31 maxlen: 31
2a12:4302::/31 maxlen: 31
2a12:4304::/31 maxlen: 31
2a12:4306::/31 maxlen: 31
Validation: Failed, certificate revoked on Fri 27 Sep 2024 02:07:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:09:bb:16:45:ad:7f:89:1d:31:8a:4c:3e:dd:5f:62:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 19 10:01:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e083c262461394ec32391cbd7fac6895b27d50a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5a:86:70:72:c4:e5:e1:fd:e7:98:d7:09:45:
10:a9:0e:13:be:09:a7:dd:98:db:3e:87:ae:98:a0:
f6:11:c3:32:98:66:18:a7:28:28:5f:17:3d:79:30:
78:b4:2e:b0:1f:7a:02:e5:1c:9b:80:24:94:a6:a8:
d6:f5:1a:ef:5b:38:18:b0:82:46:8e:7a:29:2a:41:
9c:24:12:83:50:3d:c5:2b:a2:93:15:2e:84:9a:bf:
e8:e6:36:c6:48:ce:23:3b:f9:2b:79:79:36:ac:f4:
1d:57:e9:d4:38:92:15:5e:74:a9:f2:30:10:6c:bd:
65:22:a4:b4:b2:58:5c:ee:a0:71:35:a7:43:8e:74:
6d:0d:25:b3:33:a6:a9:02:bb:0b:1a:c7:48:ed:5c:
47:e6:69:b3:27:28:1d:17:ee:d5:db:32:58:fb:3a:
b2:9e:52:1d:6c:86:68:39:96:67:0d:e5:c4:20:ee:
8d:64:ba:51:af:68:b5:48:44:a4:63:de:db:f5:4a:
a6:9c:91:38:23:8c:4c:8e:5b:42:01:39:72:f3:dd:
53:53:e2:0a:c9:4a:49:8a:1f:ee:ea:86:93:0f:40:
70:32:81:36:05:2a:3a:51:9e:86:b5:59:7d:ea:d3:
f2:05:ac:8f:4f:c3:c1:1f:6e:ef:d1:af:d7:9a:14:
08:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:83:C2:62:46:13:94:EC:32:39:1C:BD:7F:AC:68:95:B2:7D:50:A3
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4IPCYkYTlOwyORy9f6xolbJ9UKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:a5c0::/29
2a0e:d00::/29
2a0e:b140::/29
2a0f:db80::/29
2a10:4700::/29
2a12:4300::/29
Signature Algorithm: sha256WithRSAEncryption
d6:23:99:c0:41:64:5f:f8:3b:7f:2f:cc:bd:a8:fb:68:41:6a:
63:d5:89:14:6c:e5:20:94:58:7b:39:15:a0:91:f4:30:a7:9f:
a7:33:f1:92:5c:4a:87:cc:2d:8a:45:f4:12:eb:c0:d6:2c:fe:
0e:90:54:7d:35:62:53:6d:e9:af:7f:b0:cb:4c:7e:a5:e4:73:
19:59:aa:34:87:1d:e8:49:0a:e1:82:0b:72:67:aa:47:35:b1:
47:fa:65:6e:5c:3d:65:41:37:5b:20:22:c7:9d:50:5f:4b:e5:
17:4c:8c:88:38:71:85:b8:01:ea:63:84:f7:c0:19:eb:12:28:
88:f9:71:cf:e6:1a:94:52:08:7d:49:e9:ba:3a:b9:91:13:4e:
c2:ff:3b:07:4f:6e:65:52:2e:21:2e:06:71:65:55:46:7f:a4:
f7:4a:e2:f4:a5:75:68:dc:ad:5b:fd:a1:dc:f8:a7:fc:97:f3:
0c:07:ef:1d:77:a3:b8:e7:bc:32:14:d0:21:57:e8:0d:8e:dd:
29:c8:14:73:47:5d:56:bd:d6:b1:b2:2c:63:d4:aa:2e:cb:e6:
2c:94:c5:ac:fe:2e:d5:70:7b:e4:c4:c8:56:93:73:4e:c4:33:
ad:88:3e:4e:18:06:e7:4b:82:4b:da:7c:2e:53:73:bb:8b:36:
b3:f6:e7:d9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZIJuxZFrX+JHTGKTD7dX2IQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwOTE5MTAwMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDgzYzI2MjQ2MTM5NGVjMzIzOTFjYmQ3ZmFjNjg5NWIyN2Q1MGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllqGcHLE5eH955jXCUUQqQ4Tvgmn
3ZjbPoeumKD2EcMymGYYpygoXxc9eTB4tC6wH3oC5RybgCSUpqjW9RrvWzgYsIJG
jnopKkGcJBKDUD3FK6KTFS6Emr/o5jbGSM4jO/kreXk2rPQdV+nUOJIVXnSp8jAQ
bL1lIqS0slhc7qBxNadDjnRtDSWzM6apArsLGsdI7VxH5mmzJygdF+7V2zJY+zqy
nlIdbIZoOZZnDeXEIO6NZLpRr2i1SESkY97b9UqmnJE4I4xMjltCATly891TU+IK
yUpJih/u6oaTD0BwMoE2BSo6UZ6GtVl96tPyBayPT8PBH27v0a/XmhQItwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOCDwmJGE5TsMjkcvX+saJWyfVCjMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvNElQQ1lrWVRsT3d5T1J5OWY2eG9sYko5VUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgSlwAMF
AyoODQADBQMqDrFAAwUDKg/bgAMFAyoQRwADBQMqEkMAMA0GCSqGSIb3DQEBCwUA
A4IBAQDWI5nAQWRf+Dt/L8y9qPtoQWpj1YkUbOUglFh7ORWgkfQwp5+nM/GSXEqH
zC2KRfQS68DWLP4OkFR9NWJTbemvf7DLTH6l5HMZWao0hx3oSQrhggtyZ6pHNbFH
+mVuXD1lQTdbICLHnVBfS+UXTIyIOHGFuAHqY4T3wBnrEiiI+XHP5hqUUgh9Sem6
OrmRE07C/zsHT25lUi4hLgZxZVVGf6T3SuL0pXVo3K1b/aHc+Kf8l/MMB+8dd6O4
57wyFNAhV+gNjt0pyBRzR11Wvdaxsixj1Kouy+YslMWs/i7VcHvkxMhWk3NOxDOt
iD5OGAbnS4JL2nwuU3O7izaz9ufZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:32 2025 by rpki-client