Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/3jGpp6i_caE05EsItqmVZhnEkEw.roa
File: 3jGpp6i_caE05EsItqmVZhnEkEw.roa (raw, json)
Hash identifier: k9gXpCeye5M8Is9vBVasx4tUuIyDaOBkGzlU4orvg14=
Subject key identifier: DE:31:A9:A7:A8:BF:71:A1:34:E4:4B:08:B6:A9:95:66:19:C4:90:4C
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 019538C13C70127DF2CEA4BCE6E17F7226C0
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/3jGpp6i_caE05EsItqmVZhnEkEw.roa
Signing time: Mon 24 Feb 2025 16:19:02 +0000
ROA not before: Mon 24 Feb 2025 16:19:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42375
IP address blocks: 2a05:1e41::/32 maxlen: 32
2a09:a801::/32 maxlen: 32
2a09:af80::/32 maxlen: 32
2a09:bc02::/32 maxlen: 32
2a09:c700::/32 maxlen: 32
2a09:cf00::/32 maxlen: 32
2a09:d700::/32 maxlen: 32
2a09:dd00::/32 maxlen: 32
2a09:e700::/32 maxlen: 32
2a0d:fcc0::/32 maxlen: 32
2a0e:3f40::/32 maxlen: 32
2a0e:5880::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 24 Feb 2025 17:42:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:38:c1:3c:70:12:7d:f2:ce:a4:bc:e6:e1:7f:72:26:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Feb 24 16:19:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de31a9a7a8bf71a134e44b08b6a9956619c4904c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:21:70:02:52:18:76:7e:e1:b5:4d:0b:26:27:
2a:b4:c2:f7:c8:a2:a6:25:b3:33:f3:a6:e2:5a:3b:
e5:7b:91:5b:ea:8e:a6:10:a7:7e:90:af:8f:60:ca:
78:dd:7c:7c:cc:d4:33:55:fa:e5:8b:91:bc:a7:9a:
81:72:e4:88:e5:f4:ce:c6:06:fd:c5:7e:59:b2:9d:
cb:84:a2:fc:ac:3c:0d:c6:d1:07:88:ca:62:2a:35:
f2:24:ec:0a:f5:87:d0:ea:10:f6:92:71:e3:84:af:
2a:37:82:c7:a5:16:4f:0a:a1:19:c9:81:5c:15:7d:
bd:50:de:c3:a4:cd:ff:6c:63:01:2e:53:21:c8:45:
cb:48:46:a1:39:39:5d:72:2a:e6:69:f2:dd:00:bf:
3c:d2:93:4a:98:b0:e5:57:a2:18:4d:55:8e:0b:38:
97:90:42:bf:ce:d8:b7:df:6b:9e:3f:77:c4:ff:f2:
27:fd:b3:55:9b:36:7f:1e:0e:79:20:8c:03:a4:f7:
bf:04:44:25:18:47:b8:ea:d2:2d:22:e3:be:43:c6:
7c:c6:8f:05:54:94:ad:e1:27:ea:d3:5f:bb:b6:3c:
bb:26:df:f1:74:cd:81:ee:8e:12:b2:f1:84:c2:4f:
0d:6f:3f:fd:f7:27:7c:60:0d:48:bd:03:fe:86:56:
75:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:31:A9:A7:A8:BF:71:A1:34:E4:4B:08:B6:A9:95:66:19:C4:90:4C
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/3jGpp6i_caE05EsItqmVZhnEkEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:1e41::/32
2a09:a801::/32
2a09:af80::/32
2a09:bc02::/32
2a09:c700::/32
2a09:cf00::/32
2a09:d700::/32
2a09:dd00::/32
2a09:e700::/32
2a0d:fcc0::/32
2a0e:3f40::/32
2a0e:5880::/32
Signature Algorithm: sha256WithRSAEncryption
c6:1b:7d:f8:bb:21:19:fd:2c:50:46:8b:a3:16:d9:d1:48:37:
a0:56:93:55:b1:85:00:cd:69:eb:5d:90:78:14:6f:40:27:f2:
5c:2b:23:8d:ba:60:85:8b:ac:3f:be:8d:62:3d:15:5f:7f:e1:
50:e6:41:75:6f:2b:15:7c:20:6f:41:6b:33:c4:b4:6c:b8:d7:
96:94:fa:6a:02:36:c5:cf:d0:f4:66:24:f7:5a:6b:38:6c:3b:
a0:e6:ea:7d:67:40:7a:47:1c:d6:58:4d:b3:6b:1f:61:ce:38:
7b:c7:b0:a2:6d:38:40:38:bd:a1:22:77:28:80:48:b9:9a:63:
99:c9:a3:d1:c0:05:d5:2c:b9:f2:26:67:af:7f:9f:f0:00:22:
6b:32:39:91:ac:f4:4d:b5:43:f0:6d:56:19:41:be:bd:b1:1a:
00:4c:ff:a8:80:76:fd:6f:e3:65:3e:6b:0b:62:10:87:e7:3b:
a7:a2:2b:82:d3:5a:87:33:a5:92:ad:f4:f7:aa:b9:ca:0e:c5:
2a:8c:97:1c:87:76:6d:43:47:21:57:b7:b1:ed:2e:bb:97:8f:
dd:c0:27:a2:73:d6:5c:29:22:d9:b7:24:1a:42:e0:2b:70:4b:
95:9a:a3:aa:8a:28:c9:84:04:7a:06:37:10:f2:5b:2b:43:7a:
0a:a4:62:97
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZU4wTxwEn3yzqS85uF/cibAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMjI0MTYxOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTMxYTlhN2E4YmY3MWExMzRlNDRiMDhiNmE5OTU2NjE5YzQ5MDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiFwAlIYdn7htU0LJicqtML3yKKm
JbMz86biWjvle5Fb6o6mEKd+kK+PYMp43Xx8zNQzVfrli5G8p5qBcuSI5fTOxgb9
xX5Zsp3LhKL8rDwNxtEHiMpiKjXyJOwK9YfQ6hD2knHjhK8qN4LHpRZPCqEZyYFc
FX29UN7DpM3/bGMBLlMhyEXLSEahOTldcirmafLdAL880pNKmLDlV6IYTVWOCziX
kEK/zti332ueP3fE//In/bNVmzZ/Hg55IIwDpPe/BEQlGEe46tItIuO+Q8Z8xo8F
VJSt4Sfq01+7tjy7Jt/xdM2B7o4SsvGEwk8Nbz/99yd8YA1IvQP+hlZ1IQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFN4xqaeov3GhNORLCLaplWYZxJBMMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvM2pHcHA2aV9jYUUwNUVzSXRxbVZaaG5Fa0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAAjBUAwUAKgUeQQMF
ACoJqAEDBQAqCa+AAwUAKgm8AgMFACoJxwADBQAqCc8AAwUAKgnXAAMFACoJ3QAD
BQAqCecAAwUAKg38wAMFACoOP0ADBQAqDliAMA0GCSqGSIb3DQEBCwUAA4IBAQDG
G334uyEZ/SxQRoujFtnRSDegVpNVsYUAzWnrXZB4FG9AJ/JcKyONumCFi6w/vo1i
PRVff+FQ5kF1bysVfCBvQWszxLRsuNeWlPpqAjbFz9D0ZiT3Wms4bDug5up9Z0B6
RxzWWE2zax9hzjh7x7CibThAOL2hIncogEi5mmOZyaPRwAXVLLnyJmevf5/wACJr
MjmRrPRNtUPwbVYZQb69sRoATP+ogHb9b+NlPmsLYhCH5zunoiuC01qHM6WSrfT3
qrnKDsUqjJcch3ZtQ0chV7ex7S67l4/dwCeic9ZcKSLZtyQaQuArcEuVmqOqiijJ
hAR6BjcQ8lsrQ3oKpGKX
-----END CERTIFICATE-----
Generated at Wed Apr 30 07:01:55 2025 by rpki-client