Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/hTli7_szM6ctGEC7C2kCVb3fCec.roa
File: hTli7_szM6ctGEC7C2kCVb3fCec.roa (raw, json)
Hash identifier: XA1kaDXE1WXUjjQYQRJlVfVbZ5jvU23ED6u6pBvHHW4=
Subject key identifier: 85:39:62:EF:FB:33:33:A7:2D:18:40:BB:0B:69:02:55:BD:DF:09:E7
Certificate issuer: /CN=2e210bd2c7cbef20f224a47b32a157318888ec85
Certificate serial: 01953C93043899B3303A194CEA51FE483FD9
Authority key identifier: 2E:21:0B:D2:C7:CB:EF:20:F2:24:A4:7B:32:A1:57:31:88:88:EC:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiEL0sfL7yDyJKR7MqFXMYiI7IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/hTli7_szM6ctGEC7C2kCVb3fCec.roa
Signing time: Tue 25 Feb 2025 10:07:02 +0000
ROA not before: Tue 25 Feb 2025 10:07:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a05:bd47::/48 maxlen: 48
2a05:bd47:5678::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Feb 2025 10:13:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:93:04:38:99:b3:30:3a:19:4c:ea:51:fe:48:3f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e210bd2c7cbef20f224a47b32a157318888ec85
Validity
Not Before: Feb 25 10:07:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=853962effb3333a72d1840bb0b690255bddf09e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:10:ea:04:3f:15:dd:47:26:89:81:e5:bb:61:
48:cd:96:41:6a:31:15:e8:6b:88:3f:8e:09:cd:8e:
48:23:59:01:f8:be:47:29:eb:81:0d:fb:b1:26:11:
1c:3a:94:b9:09:03:ee:4b:83:33:6e:48:99:19:42:
de:5c:44:a3:f3:f8:db:67:f9:8d:94:a7:31:7b:f4:
08:6e:80:d4:7c:b8:11:2c:ac:11:bf:14:c8:65:62:
cf:51:db:22:6b:39:0b:ba:6f:3b:3a:e4:ba:79:3e:
e7:b9:74:4c:6b:51:46:aa:88:3a:1e:71:57:56:de:
bc:3a:43:5b:99:e5:3a:80:8a:67:ae:6f:0d:b6:86:
80:1b:23:23:05:4f:52:04:22:39:6e:5b:45:f3:8e:
76:9e:35:8d:74:b9:5f:9a:68:65:f1:d0:e5:e5:66:
65:3f:24:51:65:dd:88:87:30:66:9c:9c:6f:8e:27:
96:51:b5:f6:54:45:4c:75:e8:0f:9d:74:1a:05:2e:
5b:d0:33:92:94:86:89:7a:f7:85:01:02:a2:c3:b2:
11:39:e0:61:17:28:74:d0:91:12:ea:b1:84:a8:e7:
78:6c:8b:f4:2c:c5:e4:11:aa:a1:b0:f0:ee:23:eb:
a5:d7:e3:ae:7f:69:f2:48:fc:e6:39:0d:05:16:90:
64:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:39:62:EF:FB:33:33:A7:2D:18:40:BB:0B:69:02:55:BD:DF:09:E7
X509v3 Authority Key Identifier:
keyid:2E:21:0B:D2:C7:CB:EF:20:F2:24:A4:7B:32:A1:57:31:88:88:EC:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiEL0sfL7yDyJKR7MqFXMYiI7IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/hTli7_szM6ctGEC7C2kCVb3fCec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/LiEL0sfL7yDyJKR7MqFXMYiI7IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:bd47::/48
2a05:bd47:5678::/48
Signature Algorithm: sha256WithRSAEncryption
94:05:4a:41:aa:6b:ad:bc:5a:fb:5f:cd:76:46:18:7b:0e:14:
89:11:09:58:24:79:e8:f2:05:3e:25:bf:26:71:bb:1a:8c:67:
20:bc:54:df:8f:d3:88:8c:76:1a:16:21:6f:ff:ab:b7:a3:1d:
7b:ee:98:51:14:ea:68:ba:21:96:e7:96:ab:38:6d:45:e8:ff:
f1:84:47:71:6e:11:2b:3b:c2:a2:a7:3d:a7:cc:b2:24:29:ea:
fe:89:e7:44:e0:5b:ab:0b:ef:8c:1d:e1:22:ff:e4:72:c9:a3:
d0:67:9e:2a:84:c4:b9:13:2f:9d:25:24:0d:b8:9c:cf:3b:75:
8f:f2:f3:60:5d:3a:0b:6a:16:34:c0:32:9c:f8:e5:49:9f:91:
5e:8a:f4:8c:56:a7:16:59:e3:ed:2d:f5:41:ef:6c:e9:9b:39:
91:be:66:15:ad:a7:f9:31:09:46:29:c3:d2:da:09:e9:08:86:
99:f0:f3:3f:85:41:7c:33:f8:f6:70:60:e8:b7:0c:cb:a4:1c:
4c:ac:7c:26:0b:d1:a5:53:ca:7d:54:eb:2b:c9:55:8f:fd:e7:
59:a7:15:bb:bc:ae:81:a1:93:cd:90:86:8d:0c:80:ca:8c:ad:
2b:05:a1:58:e6:d8:a0:d4:08:cb:21:af:8b:44:6f:80:db:c0:
81:fc:d4:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZU8kwQ4mbMwOhlM6lH+SD/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMjEwYmQyYzdjYmVmMjBmMjI0YTQ3YjMyYTE1NzMxODg4
OGVjODUwHhcNMjUwMjI1MTAwNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTM5NjJlZmZiMzMzM2E3MmQxODQwYmIwYjY5MDI1NWJkZGYwOWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRDqBD8V3UcmiYHlu2FIzZZBajEV
6GuIP44JzY5II1kB+L5HKeuBDfuxJhEcOpS5CQPuS4MzbkiZGULeXESj8/jbZ/mN
lKcxe/QIboDUfLgRLKwRvxTIZWLPUdsiazkLum87OuS6eT7nuXRMa1FGqog6HnFX
Vt68OkNbmeU6gIpnrm8NtoaAGyMjBU9SBCI5bltF8452njWNdLlfmmhl8dDl5WZl
PyRRZd2IhzBmnJxvjieWUbX2VEVMdegPnXQaBS5b0DOSlIaJeveFAQKiw7IROeBh
Fyh00JES6rGEqOd4bIv0LMXkEaqhsPDuI+ul1+Ouf2nySPzmOQ0FFpBkwQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIU5Yu/7MzOnLRhAuwtpAlW93wnnMB8GA1UdIwQY
MBaAFC4hC9LHy+8g8iSkezKhVzGIiOyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGlFTDBzZkw3eUR5SktSN01xRlhNWWlJN0lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8wYTRmZGMtYTg2OS00M2I3LWJiZDAt
YmY5MGQwMTUxYjUzLzEvaFRsaTdfc3pNNmN0R0VDN0Mya0NWYjNmQ2VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8wYTRmZGMtYTg2OS00M2I3LWJiZDAtYmY5MGQwMTUxYjUz
LzEvTGlFTDBzZkw3eUR5SktSN01xRlhNWWlJN0lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgW9RwAA
AwcAKgW9R1Z4MA0GCSqGSIb3DQEBCwUAA4IBAQCUBUpBqmutvFr7X812Rhh7DhSJ
EQlYJHno8gU+Jb8mcbsajGcgvFTfj9OIjHYaFiFv/6u3ox177phRFOpouiGW55ar
OG1F6P/xhEdxbhErO8Kipz2nzLIkKer+iedE4FurC++MHeEi/+RyyaPQZ54qhMS5
Ey+dJSQNuJzPO3WP8vNgXToLahY0wDKc+OVJn5FeivSMVqcWWePtLfVB72zpmzmR
vmYVraf5MQlGKcPS2gnpCIaZ8PM/hUF8M/j2cGDotwzLpBxMrHwmC9GlU8p9VOsr
yVWP/edZpxW7vK6BoZPNkIaNDIDKjK0rBaFY5tig1AjLIa+LRG+A28CB/NRp
-----END CERTIFICATE-----
Generated at Tue May 6 00:34:18 2025 by rpki-client