Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/XlJi3ViK8yRhj0ZmNi7-CafkD6Q.roa
File: XlJi3ViK8yRhj0ZmNi7-CafkD6Q.roa (raw, json)
Hash identifier: GwZJEpffV5hQagnWiYogf25vF+sv/etB96eeHyzAhkY=
Subject key identifier: 5E:52:62:DD:58:8A:F3:24:61:8F:46:66:36:2E:FE:09:A7:E4:0F:A4
Certificate issuer: /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial: 019408742DB530D080F7AB98D7DDCD1EF7C5
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/XlJi3ViK8yRhj0ZmNi7-CafkD6Q.roa
Signing time: Fri 27 Dec 2024 14:10:19 +0000
ROA not before: Fri 27 Dec 2024 14:10:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42375
IP address blocks: 2a0b:7a80::/29 maxlen: 29
2a11:1380::/29 maxlen: 29
2a11:15c0::/29 maxlen: 29
2a11:34c0::/29 maxlen: 29
2a12:2740::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:74:2d:b5:30:d0:80:f7:ab:98:d7:dd:cd:1e:f7:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Validity
Not Before: Dec 27 14:10:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e5262dd588af324618f4666362efe09a7e40fa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:68:ff:16:04:58:3d:dd:71:2d:14:c8:58:6f:
6c:f5:d4:af:8f:62:4d:66:e5:d7:ed:4a:88:59:93:
1e:41:35:77:49:ab:74:cf:d5:50:2d:5b:9a:0e:5f:
ae:44:a7:60:90:7d:3f:02:22:bd:37:8e:cd:af:ea:
ff:b8:b3:c2:a9:e9:e6:84:af:6b:e2:af:35:a0:85:
c3:dd:d4:d8:80:e4:f0:9e:3f:f5:1c:e2:cd:11:17:
a5:5f:b7:71:99:3e:bd:c8:bd:15:97:9a:3d:39:19:
20:ad:04:b1:cf:ab:a6:9c:e2:09:39:8a:4a:8d:04:
62:8b:36:1c:06:63:e2:10:09:0b:3d:37:44:cc:dc:
24:4f:ed:0c:3a:31:89:2b:ab:46:ee:e9:cb:f8:82:
a7:6d:1a:cd:59:99:d5:b4:d1:31:c5:5c:3c:59:2d:
b9:91:aa:51:ab:a1:58:53:71:fc:15:47:6c:b4:fc:
9d:b3:ca:2d:78:13:2f:2a:14:d2:47:01:34:98:af:
50:20:d5:bd:23:39:bb:3d:3a:d3:f3:1b:43:8a:bc:
e1:aa:d2:51:02:54:03:34:ab:83:47:ac:e3:b4:10:
b2:8d:1d:ad:5d:57:51:27:94:e3:f4:e9:2d:f8:68:
a3:db:cb:c9:37:8b:d3:cf:1b:3d:ac:c5:0d:80:de:
3b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:52:62:DD:58:8A:F3:24:61:8F:46:66:36:2E:FE:09:A7:E4:0F:A4
X509v3 Authority Key Identifier:
keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/XlJi3ViK8yRhj0ZmNi7-CafkD6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:7a80::/29
2a11:1380::/29
2a11:15c0::/29
2a11:34c0::/29
2a12:2740::/29
Signature Algorithm: sha256WithRSAEncryption
16:51:81:67:df:6a:16:ff:0b:f5:fa:3f:98:05:13:0d:e3:2c:
93:68:02:cf:84:3f:b7:20:96:b4:c6:21:9c:43:7c:4c:63:11:
83:31:6e:fb:36:aa:61:0f:42:b7:35:b0:bc:75:f6:cb:82:37:
39:80:df:f9:aa:da:27:3c:11:81:95:9d:af:7e:7b:9f:b9:6c:
ca:10:b0:c9:f5:42:26:ec:9a:55:2f:a2:cf:12:67:21:60:5b:
9b:71:5f:ff:67:f0:98:91:2d:dc:13:ed:5c:2a:b3:6b:cb:78:
7d:7b:7f:64:0f:88:df:67:4f:20:5c:be:77:cf:28:d4:db:6e:
84:a2:79:f0:45:ef:53:94:c6:d6:dd:e7:d5:b0:c2:c7:3f:65:
4c:dd:40:cb:e0:ab:d1:05:96:90:a8:12:0c:59:48:75:2d:fb:
e8:26:a9:b7:39:25:84:13:c8:2c:3b:be:58:e2:40:f9:b4:eb:
67:e1:03:56:8c:50:c5:e3:c9:b2:08:72:ba:24:af:de:38:5b:
e3:bf:82:cb:06:a1:55:e7:92:2e:6f:0e:a0:5e:04:e0:78:dc:
5c:3e:fb:84:0a:92:fc:56:73:37:45:40:ed:17:cf:5d:00:d1:
c8:1b:68:f7:9d:05:ab:e7:66:22:6e:da:93:1f:62:84:93:36:
f5:97:8b:4c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQIdC21MNCA96uY193NHvfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjQxMjI3MTQxMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTUyNjJkZDU4OGFmMzI0NjE4ZjQ2NjYzNjJlZmUwOWE3ZTQwZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA92j/FgRYPd1xLRTIWG9s9dSvj2JN
ZuXX7UqIWZMeQTV3Sat0z9VQLVuaDl+uRKdgkH0/AiK9N47Nr+r/uLPCqenmhK9r
4q81oIXD3dTYgOTwnj/1HOLNERelX7dxmT69yL0Vl5o9ORkgrQSxz6umnOIJOYpK
jQRiizYcBmPiEAkLPTdEzNwkT+0MOjGJK6tG7unL+IKnbRrNWZnVtNExxVw8WS25
kapRq6FYU3H8FUdstPyds8oteBMvKhTSRwE0mK9QINW9Izm7PTrT8xtDirzhqtJR
AlQDNKuDR6zjtBCyjR2tXVdRJ5Tj9Okt+Gij28vJN4vTzxs9rMUNgN47CQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFF5SYt1YivMkYY9GZjYu/gmn5A+kMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvWGxKaTNWaUs4eVJoajBabU5pNy1DYWZrRDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgt6gAMF
AyoRE4ADBQMqERXAAwUDKhE0wAMFAyoSJ0AwDQYJKoZIhvcNAQELBQADggEBABZR
gWffahb/C/X6P5gFEw3jLJNoAs+EP7cglrTGIZxDfExjEYMxbvs2qmEPQrc1sLx1
9suCNzmA3/mq2ic8EYGVna9+e5+5bMoQsMn1QibsmlUvos8SZyFgW5txX/9n8JiR
LdwT7Vwqs2vLeH17f2QPiN9nTyBcvnfPKNTbboSiefBF71OUxtbd59Wwwsc/ZUzd
QMvgq9EFlpCoEgxZSHUt++gmqbc5JYQTyCw7vljiQPm062fhA1aMUMXjybIIcrok
r944W+O/gssGoVXnki5vDqBeBOB43Fw++4QKkvxWczdFQO0Xz10A0cgbaPedBavn
ZiJu2pMfYoSTNvWXi0w=
-----END CERTIFICATE-----
Generated at Wed May 14 03:47:25 2025 by rpki-client