Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Ie-eJdkZ6lFH7MAD6gdxnBfzvDs.roa
File: Ie-eJdkZ6lFH7MAD6gdxnBfzvDs.roa (raw, json)
Hash identifier: PuYLKMSR5XAtZ+yhO5iFm9/sau2G0/E7HmnZ33pK/hM=
Subject key identifier: 21:EF:9E:25:D9:19:EA:51:47:EC:C0:03:EA:07:71:9C:17:F3:BC:3B
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018E5B473B5FED7274CCE298B4B1546C71AC
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Ie-eJdkZ6lFH7MAD6gdxnBfzvDs.roa
Signing time: Wed 20 Mar 2024 09:52:58 +0000
ROA not before: Wed 20 Mar 2024 09:52:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 2a11:5780::/30 maxlen: 30
2a11:5784::/30 maxlen: 30
2a12:5a00::/30 maxlen: 30
2a12:5a04::/30 maxlen: 30
2a13:3880::/30 maxlen: 30
2a13:3884::/30 maxlen: 30
2a13:8c40::/30 maxlen: 30
2a13:8c44::/30 maxlen: 30
Validation: Failed, certificate revoked on Wed 20 Mar 2024 13:54:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:47:3b:5f:ed:72:74:cc:e2:98:b4:b1:54:6c:71:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Mar 20 09:52:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21ef9e25d919ea5147ecc003ea07719c17f3bc3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:52:79:38:25:f7:7d:8b:ca:39:55:6b:3b:af:
5e:4c:39:1c:df:e2:93:64:92:e4:25:04:68:7c:62:
83:3d:87:66:6b:ca:6a:c9:e8:21:21:9a:8c:ab:11:
5e:f3:11:c4:5b:b7:06:1e:b8:0c:d4:01:fd:98:9b:
a8:44:60:0e:74:01:f9:80:5c:ae:ea:b5:b4:be:9a:
bd:da:72:b5:2c:04:d7:03:ad:c3:c8:bb:7f:2b:b3:
57:5b:72:3d:ef:37:7b:31:15:ed:97:64:37:d9:78:
75:d8:8a:77:a1:bd:f7:3f:55:90:87:b0:9a:e7:86:
b3:6d:08:f7:79:e5:9d:13:36:95:ac:b2:5b:66:2e:
21:20:34:d3:eb:37:31:13:cc:0b:04:92:48:0c:7e:
97:0d:e8:ca:c4:e4:c0:7f:91:b5:4c:12:e5:c6:03:
23:6a:e0:c0:e5:66:32:63:52:04:ae:e4:f3:3a:49:
c3:db:53:dd:56:6f:09:c0:ad:33:77:7e:67:a5:09:
10:15:f4:f0:05:27:f7:be:3c:94:1c:25:d4:8b:5f:
c4:44:e2:ef:88:f3:b5:e6:b6:9f:d4:86:bc:7b:54:
90:15:28:fa:82:fe:e1:4d:6d:c9:75:d7:3f:c8:90:
69:52:33:2e:88:39:55:97:f5:d4:b3:d8:74:1e:db:
a6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:EF:9E:25:D9:19:EA:51:47:EC:C0:03:EA:07:71:9C:17:F3:BC:3B
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Ie-eJdkZ6lFH7MAD6gdxnBfzvDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5780::/29
2a12:5a00::/29
2a13:3880::/29
2a13:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
a8:ea:de:67:a2:f7:d1:98:d6:43:da:40:17:ec:72:70:94:7c:
db:91:6c:a2:6c:8b:0f:be:b8:dd:20:c5:b5:dc:98:d5:ae:b0:
21:eb:b4:a3:7f:2d:26:2c:1f:91:32:2d:9c:19:8f:95:fd:5a:
8f:7e:0a:00:28:e1:c7:7a:24:0d:e2:2a:47:b2:94:ca:22:03:
97:ed:91:4f:dd:1b:c2:16:1a:c4:6c:c4:92:40:7d:08:22:bd:
19:35:73:d3:9f:55:10:26:f6:dd:3b:91:87:fd:b7:d0:1f:40:
44:79:b6:00:97:b2:11:30:c0:5a:05:1b:53:f4:05:8f:08:44:
e3:da:9c:57:f5:1c:12:11:14:73:41:06:e2:db:a5:2b:14:e8:
c3:84:b6:70:6b:aa:b8:32:c1:ab:bc:1a:ec:af:5b:90:b6:76:
47:50:2d:65:41:c8:7b:8e:74:12:b1:6c:f3:bf:7d:7a:d3:0f:
78:1e:02:5a:32:a3:5a:b2:ed:a9:fd:70:58:2a:f5:de:de:b7:
86:44:c3:84:23:c0:cd:b5:0e:91:16:ad:45:95:00:9b:42:c0:
65:35:52:0a:41:40:8e:a6:18:df:8c:ea:46:39:31:74:9f:d7:
dd:5d:f2:09:17:38:9a:90:32:9e:00:68:25:99:44:df:4f:09:
b5:8e:75:85
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY5bRztf7XJ0zOKYtLFUbHGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMzIwMDk1MjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWVmOWUyNWQ5MTllYTUxNDdlY2MwMDNlYTA3NzE5YzE3ZjNiYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFJ5OCX3fYvKOVVrO69eTDkc3+KT
ZJLkJQRofGKDPYdma8pqyeghIZqMqxFe8xHEW7cGHrgM1AH9mJuoRGAOdAH5gFyu
6rW0vpq92nK1LATXA63DyLt/K7NXW3I97zd7MRXtl2Q32Xh12Ip3ob33P1WQh7Ca
54azbQj3eeWdEzaVrLJbZi4hIDTT6zcxE8wLBJJIDH6XDejKxOTAf5G1TBLlxgMj
auDA5WYyY1IEruTzOknD21PdVm8JwK0zd35npQkQFfTwBSf3vjyUHCXUi1/EROLv
iPO15raf1Ia8e1SQFSj6gv7hTW3Jddc/yJBpUjMuiDlVl/XUs9h0HtumJwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCHvniXZGepRR+zAA+oHcZwX87w7MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvSWUtZUpka1o2bEZIN01BRDZnZHhuQmZ6dkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhFXgAMF
AyoSWgADBQMqEziAAwUDKhOMQDANBgkqhkiG9w0BAQsFAAOCAQEAqOreZ6L30ZjW
Q9pAF+xycJR825FsomyLD7643SDFtdyY1a6wIeu0o38tJiwfkTItnBmPlf1aj34K
ACjhx3okDeIqR7KUyiIDl+2RT90bwhYaxGzEkkB9CCK9GTVz059VECb23TuRh/23
0B9ARHm2AJeyETDAWgUbU/QFjwhE49qcV/UcEhEUc0EG4tulKxTow4S2cGuquDLB
q7wa7K9bkLZ2R1AtZUHIe450ErFs8799etMPeB4CWjKjWrLtqf1wWCr13t63hkTD
hCPAzbUOkRatRZUAm0LAZTVSCkFAjqYY34zqRjkxdJ/X3V3yCRc4mpAyngBoJZlE
308JtY51hQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:09:00 2025 by rpki-client