Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/xx-J1jlCRRbtgvRPiTLPc9KlIWI.roa
File: xx-J1jlCRRbtgvRPiTLPc9KlIWI.roa (raw, json)
Hash identifier: 1QpC3YDU3F4BsPq8gHRy1vORidbYrQxvums8q2yPvsc=
Subject key identifier: C7:1F:89:D6:39:42:45:16:ED:82:F4:4F:89:32:CF:73:D2:A5:21:62
Certificate issuer: /CN=cf5567122a88ca9889a1798b6c942dcc0cbc753b
Certificate serial: 0193C5BEE5BD10CE9F1A9E316A7301F00E0D
Authority key identifier: CF:55:67:12:2A:88:CA:98:89:A1:79:8B:6C:94:2D:CC:0C:BC:75:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/xx-J1jlCRRbtgvRPiTLPc9KlIWI.roa
Signing time: Sat 14 Dec 2024 15:17:22 +0000
ROA not before: Sat 14 Dec 2024 15:17:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44244
IP address blocks: 2.144.0.0/16 maxlen: 24
2.145.0.0/16 maxlen: 24
2.146.0.0/16 maxlen: 24
2.147.0.0/16 maxlen: 24
5.112.0.0/16 maxlen: 24
5.113.0.0/16 maxlen: 24
5.114.0.0/16 maxlen: 24
5.115.0.0/16 maxlen: 24
5.116.0.0/16 maxlen: 24
5.117.0.0/16 maxlen: 24
5.119.0.0/16 maxlen: 24
5.120.0.0/16 maxlen: 24
5.121.0.0/16 maxlen: 24
5.122.0.0/16 maxlen: 24
5.123.0.0/16 maxlen: 24
5.124.0.0/16 maxlen: 24
5.125.0.0/16 maxlen: 24
5.126.0.0/16 maxlen: 24
5.127.0.0/16 maxlen: 24
92.42.48.0/21 maxlen: 24
2a01:5ec0::/36 maxlen: 37
2a01:5ec0::/37 maxlen: 37
2a01:5ec0:1000::/36 maxlen: 37
2a01:5ec0:1000::/37 maxlen: 37
2a01:5ec0:1800::/37 maxlen: 37
2a01:5ec0:2000::/36 maxlen: 36
2a01:5ec0:2000::/37 maxlen: 37
2a01:5ec0:2800::/37 maxlen: 37
2a01:5ec0:3000::/36 maxlen: 36
2a01:5ec0:4000::/36 maxlen: 36
2a01:5ec0:5000::/36 maxlen: 36
2a01:5ec0:5000::/37 maxlen: 37
2a01:5ec0:5800::/37 maxlen: 37
2a01:5ec0:6000::/36 maxlen: 36
2a01:5ec0:7000::/36 maxlen: 36
2a01:5ec0:7000::/37 maxlen: 37
2a01:5ec0:7800::/37 maxlen: 37
2a01:5ec0:8000::/36 maxlen: 36
2a01:5ec0:9000::/36 maxlen: 36
2a01:5ec0:9000::/37 maxlen: 37
2a01:5ec0:9800::/37 maxlen: 37
2a01:5ec0:a000::/36 maxlen: 36
2a01:5ec0:b000::/36 maxlen: 36
2a01:5ec0:b000::/37 maxlen: 37
2a01:5ec0:b800::/37 maxlen: 37
2a01:5ec0:c000::/36 maxlen: 36
2a01:5ec0:d000::/36 maxlen: 36
2a01:5ec0:d000::/37 maxlen: 37
2a01:5ec0:d800::/37 maxlen: 37
2a01:5ec0:e000::/36 maxlen: 36
2a01:5ec0:e000::/37 maxlen: 37
2a01:5ec0:e800::/37 maxlen: 37
Validation: Failed, certificate revoked on Sat 14 Dec 2024 15:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c5:be:e5:bd:10:ce:9f:1a:9e:31:6a:73:01:f0:0e:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf5567122a88ca9889a1798b6c942dcc0cbc753b
Validity
Not Before: Dec 14 15:17:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c71f89d639424516ed82f44f8932cf73d2a52162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5d:4c:8e:ab:c5:cd:05:c5:12:84:49:9c:bf:
0a:36:62:60:34:9f:15:ec:13:63:a7:6a:85:61:a4:
a2:4c:e2:83:01:79:bb:4d:47:5e:18:00:4e:ea:03:
db:05:0f:dc:3a:ae:7c:d7:9a:99:15:de:dd:9a:8b:
26:04:0e:78:69:03:b1:7f:30:91:8f:21:56:0b:cf:
6a:11:0f:b5:29:34:2d:80:48:ac:a2:24:ea:c1:ee:
49:c8:0c:45:34:22:c3:f4:5f:d2:52:ce:57:a6:22:
93:01:4b:e4:fa:d7:2e:0a:a2:a3:7a:c8:73:a6:cc:
8c:0a:8d:01:90:71:74:d6:5b:e2:3f:80:16:e4:3d:
8a:3b:53:8c:06:73:92:c2:30:09:b9:60:b3:18:33:
c2:b7:75:ac:1c:d8:79:b9:d5:48:ff:33:38:2e:7f:
e9:65:15:57:74:9c:8d:b4:47:ac:88:a2:5e:56:50:
3a:89:0c:07:7d:da:17:de:a0:24:0f:c6:9d:c6:d0:
14:3f:2b:66:50:5c:e4:af:e9:ca:82:79:fa:25:50:
fb:84:c7:26:55:3a:e7:d5:f7:49:67:b7:67:24:e3:
d7:ff:37:9d:dd:a4:33:37:37:7b:8c:c9:d7:15:d7:
f4:b4:11:fc:90:92:e5:4c:70:3b:17:2e:b1:dd:5b:
6e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:1F:89:D6:39:42:45:16:ED:82:F4:4F:89:32:CF:73:D2:A5:21:62
X509v3 Authority Key Identifier:
keyid:CF:55:67:12:2A:88:CA:98:89:A1:79:8B:6C:94:2D:CC:0C:BC:75:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/xx-J1jlCRRbtgvRPiTLPc9KlIWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/z1VnEiqIypiJoXmLbJQtzAy8dTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.144.0.0/14
5.112.0.0-5.117.255.255
5.119.0.0-5.127.255.255
92.42.48.0/21
IPv6:
2a01:5ec0::-2a01:5ec0:efff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
88:dd:2d:98:6e:ad:f0:cc:c3:2a:6b:fa:5e:75:a2:df:ee:80:
37:e1:a2:36:cc:4b:5c:40:1b:02:da:31:9b:7e:6b:5a:e9:9d:
d8:60:7e:c0:5f:06:17:d7:f1:13:44:e4:76:e7:c8:b5:61:1d:
70:79:a7:f0:61:2b:59:55:d0:7a:f9:e9:47:1b:48:ec:a5:fb:
dc:31:03:9f:e1:35:4d:3d:77:c4:bc:12:59:61:d5:01:dc:b2:
b7:67:d1:be:c7:cb:2a:38:71:71:4d:09:11:45:d8:26:d8:be:
b2:c3:e5:9e:17:a6:a4:f2:2b:3c:93:e6:64:6c:a9:4d:ad:84:
1e:ba:12:e3:1e:2b:ab:d6:27:fe:75:16:83:78:37:39:3c:c6:
ef:fd:0a:0d:9b:03:2f:3a:76:ad:11:c9:3f:ba:9b:a1:72:6e:
e7:5a:7f:45:6e:b2:cc:b4:1e:00:4a:65:a8:aa:1a:64:12:a4:
2a:09:1b:be:a2:66:f1:ca:95:a0:6b:71:57:94:18:50:8f:33:
6f:64:64:a6:7b:63:3d:5e:8e:e1:24:17:a2:9f:86:3e:d6:0c:
12:d5:b4:ff:5e:34:09:45:d0:c9:61:fe:93:b9:ee:a9:05:22:
95:d2:93:18:da:32:8d:12:88:3e:cd:bb:24:77:7e:9a:1e:be:
d4:b0:89:c3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZPFvuW9EM6fGp4xanMB8A4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNTU2NzEyMmE4OGNhOTg4OWExNzk4YjZjOTQyZGNjMGNi
Yzc1M2IwHhcNMjQxMjE0MTUxNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzFmODlkNjM5NDI0NTE2ZWQ4MmY0NGY4OTMyY2Y3M2QyYTUyMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV1MjqvFzQXFEoRJnL8KNmJgNJ8V
7BNjp2qFYaSiTOKDAXm7TUdeGABO6gPbBQ/cOq5815qZFd7dmosmBA54aQOxfzCR
jyFWC89qEQ+1KTQtgEisoiTqwe5JyAxFNCLD9F/SUs5XpiKTAUvk+tcuCqKjeshz
psyMCo0BkHF01lviP4AW5D2KO1OMBnOSwjAJuWCzGDPCt3WsHNh5udVI/zM4Ln/p
ZRVXdJyNtEesiKJeVlA6iQwHfdoX3qAkD8adxtAUPytmUFzkr+nKgnn6JVD7hMcm
VTrn1fdJZ7dnJOPX/zed3aQzNzd7jMnXFdf0tBH8kJLlTHA7Fy6x3VtubwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMcfidY5QkUW7YL0T4kyz3PSpSFiMB8GA1UdIwQY
MBaAFM9VZxIqiMqYiaF5i2yULcwMvHU7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejFWbkVpcUl5cGlKb1htTGJKUXR6QXk4ZFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wYTk3ZjEtN2JmNS00MzY4LTgyNjAt
OGQ3MTVhYzIxN2UyLzEveHgtSjFqbENSUmJ0Z3ZSUGlUTFBjOUtsSVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wYTk3ZjEtN2JmNS00MzY4LTgyNjAtOGQ3MTVhYzIxN2Uy
LzEvejFWbkVpcUl5cGlKb1htTGJKUXR6QXk4ZFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDApBAIAATAjAwMCApAwCgMD
BAVwAwMBBXQwCgMDAAV3AwMHBQADBANcKjAwFwQCAAIwETAPAwUGKgFewAMGBCoB
XsDgMA0GCSqGSIb3DQEBCwUAA4IBAQCI3S2Ybq3wzMMqa/pedaLf7oA34aI2zEtc
QBsC2jGbfmta6Z3YYH7AXwYX1/ETROR258i1YR1weafwYStZVdB6+elHG0jspfvc
MQOf4TVNPXfEvBJZYdUB3LK3Z9G+x8sqOHFxTQkRRdgm2L6yw+WeF6ak8is8k+Zk
bKlNrYQeuhLjHiur1if+dRaDeDc5PMbv/QoNmwMvOnatEck/upuhcm7nWn9FbrLM
tB4ASmWoqhpkEqQqCRu+ombxypWga3FXlBhQjzNvZGSme2M9Xo7hJBein4Y+1gwS
1bT/XjQJRdDJYf6Tue6pBSKV0pMY2jKNEog+zbskd36aHr7UsInD
-----END CERTIFICATE-----
Generated at Wed May 14 18:34:02 2025 by rpki-client