Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/bysQLwRzFolnn2G-dBciSsylPHo.roa
File: bysQLwRzFolnn2G-dBciSsylPHo.roa (raw, json)
Hash identifier: Nc/822sUa3if8pVvJymkbAKwbIg+9ttlVEcs0ggJaAY=
Subject key identifier: 6F:2B:10:2F:04:73:16:89:67:9F:61:BE:74:17:22:4A:CC:A5:3C:7A
Certificate issuer: /CN=2e210bd2c7cbef20f224a47b32a157318888ec85
Certificate serial: 01953DF469A6B417D25C391A10166394DFFC
Authority key identifier: 2E:21:0B:D2:C7:CB:EF:20:F2:24:A4:7B:32:A1:57:31:88:88:EC:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiEL0sfL7yDyJKR7MqFXMYiI7IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/bysQLwRzFolnn2G-dBciSsylPHo.roa
Signing time: Tue 25 Feb 2025 16:33:02 +0000
ROA not before: Tue 25 Feb 2025 16:33:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2a05:bd47:1234::/48 maxlen: 48
2a05:bd47:aaaa::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Feb 2025 15:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3d:f4:69:a6:b4:17:d2:5c:39:1a:10:16:63:94:df:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e210bd2c7cbef20f224a47b32a157318888ec85
Validity
Not Before: Feb 25 16:33:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f2b102f04731689679f61be7417224acca53c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:50:50:51:b5:b3:cb:83:54:7f:18:48:68:78:
7e:df:50:60:b3:43:9c:00:87:33:80:9e:cd:c4:e9:
50:b9:fc:44:c3:5e:a0:3f:41:0b:69:52:b8:44:20:
18:a1:8a:69:8c:ae:15:a7:95:70:cd:87:58:80:1f:
ba:55:97:4a:37:c4:cd:dc:b9:f3:8e:be:9b:54:6a:
de:32:d0:05:b1:f9:98:c6:9a:4e:52:0f:fb:44:14:
dc:79:47:ea:37:83:1d:0b:0f:d4:4d:6f:49:af:40:
8a:67:8f:5e:93:88:cc:a8:22:25:5f:c0:97:66:9c:
73:29:d1:0d:62:87:41:9e:17:5a:07:e9:45:18:0d:
d6:29:ff:a0:66:db:89:0f:4c:d7:5e:cb:93:c9:c5:
9e:d2:f8:62:9c:4e:22:b7:08:87:8f:4e:aa:98:40:
c6:f0:e7:2a:da:43:a6:7f:0f:dd:40:63:9e:c9:ed:
ce:b7:62:b2:1e:8d:ea:1c:7a:af:3a:df:72:ce:36:
51:97:f1:b1:30:d7:1b:05:0e:cf:6e:7e:39:83:c8:
7e:ab:d3:33:b9:8c:50:6d:b2:99:28:c4:94:78:1c:
1e:1c:cc:b3:75:ec:bc:d2:3e:18:5f:4c:a8:c5:c5:
a8:c5:07:f1:bd:3d:23:7f:e5:a4:78:4e:1a:43:94:
2b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:2B:10:2F:04:73:16:89:67:9F:61:BE:74:17:22:4A:CC:A5:3C:7A
X509v3 Authority Key Identifier:
keyid:2E:21:0B:D2:C7:CB:EF:20:F2:24:A4:7B:32:A1:57:31:88:88:EC:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiEL0sfL7yDyJKR7MqFXMYiI7IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/bysQLwRzFolnn2G-dBciSsylPHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/LiEL0sfL7yDyJKR7MqFXMYiI7IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:bd47:1234::/48
2a05:bd47:aaaa::/48
Signature Algorithm: sha256WithRSAEncryption
9d:d4:5e:74:e0:03:3e:f3:59:4b:a4:d6:2e:c4:3e:83:5d:36:
a3:db:0d:90:56:e0:0c:4d:1a:95:20:a9:22:55:2e:7c:e2:8e:
93:2b:87:bb:43:5f:b1:c9:a1:50:7a:66:f1:2b:2e:36:1c:6b:
97:fd:c0:70:81:54:46:18:c0:57:5d:2d:ce:83:16:12:72:5f:
a2:67:64:d4:dd:c1:24:9e:94:33:6e:06:f0:f3:7f:b0:76:68:
e3:08:7b:90:98:8b:ef:2d:1f:0b:4a:ed:74:9e:4c:74:a6:83:
61:aa:6a:99:66:a0:83:b7:8c:d4:44:36:ac:f0:6a:2b:64:3d:
5a:82:87:29:19:3a:fb:04:c4:8c:3e:b0:b7:3f:d5:29:07:12:
78:6a:e5:c0:a8:3e:1b:7e:7d:67:9e:d5:b2:8f:ce:76:a2:b6:
c5:30:0c:e1:e5:36:af:2c:b3:02:06:df:24:6d:42:d9:b2:c3:
a3:8a:14:f5:ce:9b:14:53:a8:97:5f:e5:ce:c2:f6:b5:1a:bb:
69:0c:e2:db:a1:fa:7a:19:4f:0a:0e:f0:95:74:13:33:7a:30:
03:da:cf:33:d4:77:37:e2:1f:85:03:e2:f2:e4:bd:d9:17:01:
ad:a4:2f:4b:fb:65:df:70:41:06:d4:b5:ed:b8:16:c5:7d:9f:
64:1c:76:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZU99GmmtBfSXDkaEBZjlN/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMjEwYmQyYzdjYmVmMjBmMjI0YTQ3YjMyYTE1NzMxODg4
OGVjODUwHhcNMjUwMjI1MTYzMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjJiMTAyZjA0NzMxNjg5Njc5ZjYxYmU3NDE3MjI0YWNjYTUzYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFBQUbWzy4NUfxhIaHh+31Bgs0Oc
AIczgJ7NxOlQufxEw16gP0ELaVK4RCAYoYppjK4Vp5VwzYdYgB+6VZdKN8TN3Lnz
jr6bVGreMtAFsfmYxppOUg/7RBTceUfqN4MdCw/UTW9Jr0CKZ49ek4jMqCIlX8CX
ZpxzKdENYodBnhdaB+lFGA3WKf+gZtuJD0zXXsuTycWe0vhinE4itwiHj06qmEDG
8Ocq2kOmfw/dQGOeye3Ot2KyHo3qHHqvOt9yzjZRl/GxMNcbBQ7Pbn45g8h+q9Mz
uYxQbbKZKMSUeBweHMyzdey80j4YX0yoxcWoxQfxvT0jf+WkeE4aQ5Qr4QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG8rEC8EcxaJZ59hvnQXIkrMpTx6MB8GA1UdIwQY
MBaAFC4hC9LHy+8g8iSkezKhVzGIiOyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGlFTDBzZkw3eUR5SktSN01xRlhNWWlJN0lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8wYTRmZGMtYTg2OS00M2I3LWJiZDAt
YmY5MGQwMTUxYjUzLzEvYnlzUUx3UnpGb2xubjJHLWRCY2lTc3lsUEhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8wYTRmZGMtYTg2OS00M2I3LWJiZDAtYmY5MGQwMTUxYjUz
LzEvTGlFTDBzZkw3eUR5SktSN01xRlhNWWlJN0lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgW9RxI0
AwcAKgW9R6qqMA0GCSqGSIb3DQEBCwUAA4IBAQCd1F504AM+81lLpNYuxD6DXTaj
2w2QVuAMTRqVIKkiVS584o6TK4e7Q1+xyaFQembxKy42HGuX/cBwgVRGGMBXXS3O
gxYScl+iZ2TU3cEknpQzbgbw83+wdmjjCHuQmIvvLR8LSu10nkx0poNhqmqZZqCD
t4zURDas8GorZD1agocpGTr7BMSMPrC3P9UpBxJ4auXAqD4bfn1nntWyj852orbF
MAzh5TavLLMCBt8kbULZssOjihT1zpsUU6iXX+XOwva1GrtpDOLbofp6GU8KDvCV
dBMzejAD2s8z1Hc34h+FA+Ly5L3ZFwGtpC9L+2XfcEEG1LXtuBbFfZ9kHHZT
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:47:27 2025 by rpki-client