Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/1c7917-8aa6-4c43-92dd-7476f42f2d9c/1/JSOEZdB4oJqgiayh7ZHEhQhqRL8.roa
File: JSOEZdB4oJqgiayh7ZHEhQhqRL8.roa (raw, json)
Hash identifier: 487Pal73rqP1ZFGRzjkKSnvLCU9UEwA5u9Az4aG8Gr8=
Subject key identifier: 25:23:84:65:D0:78:A0:9A:A0:89:AC:A1:ED:91:C4:85:08:6A:44:BF
Certificate issuer: /CN=ce5bf5201f18b402b8e628bc77f2252f769e70f2
Certificate serial: 019425FD7F0571FA14112D8FC823D9DC3E7B
Authority key identifier: CE:5B:F5:20:1F:18:B4:02:B8:E6:28:BC:77:F2:25:2F:76:9E:70:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zlv1IB8YtAK45ii8d_IlL3aecPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/1c7917-8aa6-4c43-92dd-7476f42f2d9c/1/JSOEZdB4oJqgiayh7ZHEhQhqRL8.roa
Signing time: Thu 02 Jan 2025 07:49:17 +0000
ROA not before: Thu 02 Jan 2025 07:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12076
IP address blocks: 2a02:d21::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 09 Jan 2025 13:35:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:7f:05:71:fa:14:11:2d:8f:c8:23:d9:dc:3e:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce5bf5201f18b402b8e628bc77f2252f769e70f2
Validity
Not Before: Jan 2 07:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25238465d078a09aa089aca1ed91c485086a44bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4b:da:77:eb:83:ee:d1:4f:cb:64:0a:60:07:
42:c9:98:11:a0:df:fa:9f:dd:d9:92:74:d5:d4:5b:
d5:be:3e:35:a6:e8:e6:cf:37:85:2a:37:1b:ac:8b:
f3:54:81:b8:53:7f:cc:d8:ae:af:d7:e9:f1:f3:b6:
b0:d8:70:79:f9:79:d9:f8:92:dd:79:7d:88:dc:74:
15:b0:15:97:6b:30:65:f7:5c:7c:6a:da:c0:a3:d7:
66:70:97:9d:7b:7c:80:3a:ef:c7:c3:d1:9b:1a:e0:
f4:b1:96:30:46:7f:9d:cc:51:c4:6d:37:75:55:1c:
23:2e:14:45:64:71:9e:88:72:fe:94:03:75:a1:1c:
25:2b:d6:01:0e:df:c2:e7:c4:6d:62:c7:4a:19:2d:
a7:ee:52:58:0a:1c:c2:f2:57:13:45:89:3c:db:a8:
02:b6:3d:8f:cf:98:2b:3f:61:35:14:05:72:2c:15:
eb:07:a2:ad:e4:4e:73:cc:97:7d:cd:82:c0:d4:13:
95:0c:83:8c:b7:bf:ca:fb:d6:41:58:70:cf:eb:50:
9d:21:ff:01:e4:29:84:0b:4a:e1:ea:35:9c:9c:97:
a9:dc:6d:f9:92:92:83:e6:09:e8:d6:f3:1e:22:d2:
b7:0c:60:fa:96:5e:75:52:dd:f4:83:ba:85:58:4e:
ab:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:23:84:65:D0:78:A0:9A:A0:89:AC:A1:ED:91:C4:85:08:6A:44:BF
X509v3 Authority Key Identifier:
keyid:CE:5B:F5:20:1F:18:B4:02:B8:E6:28:BC:77:F2:25:2F:76:9E:70:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zlv1IB8YtAK45ii8d_IlL3aecPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/1c7917-8aa6-4c43-92dd-7476f42f2d9c/1/JSOEZdB4oJqgiayh7ZHEhQhqRL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/1c7917-8aa6-4c43-92dd-7476f42f2d9c/1/zlv1IB8YtAK45ii8d_IlL3aecPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:d21::/36
Signature Algorithm: sha256WithRSAEncryption
ab:ae:8c:42:d4:b7:06:30:a1:4a:e7:63:9a:72:0a:12:e2:80:
a1:61:91:49:ff:00:2b:b5:61:3f:62:53:3f:15:04:4c:7e:b7:
07:49:c2:fe:78:f8:a8:b3:b0:01:e3:b7:42:1e:00:4c:38:24:
ab:d6:e4:b7:38:bb:af:de:59:e3:ee:bf:92:2f:65:77:1f:9b:
58:50:6c:4e:40:03:4d:19:59:2c:dd:4a:0f:61:59:25:87:87:
79:21:db:e4:6d:dd:a0:bc:59:bd:1a:83:ca:d4:02:5c:4d:91:
6d:4a:db:28:42:63:ac:d8:27:06:42:8c:a1:02:6e:17:c8:93:
cd:f2:1e:38:3b:da:f5:8b:bd:b2:f2:68:6a:15:e8:b5:ca:11:
4a:de:a2:6b:86:8e:5a:7d:e0:d2:28:ec:8c:d2:fd:bb:b6:f8:
b8:29:f2:be:55:44:fd:2a:04:57:4f:3c:10:d5:b2:62:b5:6b:
fa:ae:6c:c2:59:35:69:ef:e5:44:07:7e:86:0b:8e:a7:aa:0f:
03:1b:10:88:ea:82:99:d7:03:ff:b6:53:67:b9:7e:39:d0:ff:
9c:6a:2c:05:d5:ce:41:e3:51:28:14:67:f1:88:7b:b7:26:2a:
7c:fe:79:41:70:4c:e6:6d:51:66:d3:e8:28:41:97:b4:e6:2c:
fa:c0:c7:07
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQl/X8FcfoUES2PyCPZ3D57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNWJmNTIwMWYxOGI0MDJiOGU2MjhiYzc3ZjIyNTJmNzY5
ZTcwZjIwHhcNMjUwMTAyMDc0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTIzODQ2NWQwNzhhMDlhYTA4OWFjYTFlZDkxYzQ4NTA4NmE0NGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkvad+uD7tFPy2QKYAdCyZgRoN/6
n93ZknTV1FvVvj41pujmzzeFKjcbrIvzVIG4U3/M2K6v1+nx87aw2HB5+XnZ+JLd
eX2I3HQVsBWXazBl91x8atrAo9dmcJede3yAOu/Hw9GbGuD0sZYwRn+dzFHEbTd1
VRwjLhRFZHGeiHL+lAN1oRwlK9YBDt/C58RtYsdKGS2n7lJYChzC8lcTRYk826gC
tj2Pz5grP2E1FAVyLBXrB6Kt5E5zzJd9zYLA1BOVDIOMt7/K+9ZBWHDP61CdIf8B
5CmEC0rh6jWcnJep3G35kpKD5gno1vMeItK3DGD6ll51Ut30g7qFWE6r3wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCUjhGXQeKCaoImsoe2RxIUIakS/MB8GA1UdIwQY
MBaAFM5b9SAfGLQCuOYovHfyJS92nnDyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemx2MUlCOFl0QUs0NWlpOGRfSWxMM2FlY1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xYzc5MTctOGFhNi00YzQzLTkyZGQt
NzQ3NmY0MmYyZDljLzEvSlNPRVpkQjRvSnFnaWF5aDdaSEVoUWhxUkw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xYzc5MTctOGFhNi00YzQzLTkyZGQtNzQ3NmY0MmYyZDlj
LzEvemx2MUlCOFl0QUs0NWlpOGRfSWxMM2FlY1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgINIQAw
DQYJKoZIhvcNAQELBQADggEBAKuujELUtwYwoUrnY5pyChLigKFhkUn/ACu1YT9i
Uz8VBEx+twdJwv54+KizsAHjt0IeAEw4JKvW5Lc4u6/eWePuv5IvZXcfm1hQbE5A
A00ZWSzdSg9hWSWHh3kh2+Rt3aC8Wb0ag8rUAlxNkW1K2yhCY6zYJwZCjKECbhfI
k83yHjg72vWLvbLyaGoV6LXKEUreomuGjlp94NIo7IzS/bu2+Lgp8r5VRP0qBFdP
PBDVsmK1a/qubMJZNWnv5UQHfoYLjqeqDwMbEIjqgpnXA/+2U2e5fjnQ/5xqLAXV
zkHjUSgUZ/GIe7cmKnz+eUFwTOZtUWbT6ChBl7TmLPrAxwc=
-----END CERTIFICATE-----
Generated at Tue May 13 16:31:17 2025 by rpki-client