Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/poUTMqH4akK_IUtqag7yTsBGe7s.roa
File: poUTMqH4akK_IUtqag7yTsBGe7s.roa (raw, json)
Hash identifier: YYw3GYkgINiuhHYwP9T1bTLdGJ8DUmJA7KrhXAg9dEY=
Subject key identifier: A6:85:13:32:A1:F8:6A:42:BF:21:4B:6A:6A:0E:F2:4E:C0:46:7B:BB
Certificate issuer: /CN=2e210bd2c7cbef20f224a47b32a157318888ec85
Certificate serial: 01953C996CF646CC40064793957D03D3C1E9
Authority key identifier: 2E:21:0B:D2:C7:CB:EF:20:F2:24:A4:7B:32:A1:57:31:88:88:EC:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiEL0sfL7yDyJKR7MqFXMYiI7IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/poUTMqH4akK_IUtqag7yTsBGe7s.roa
Signing time: Tue 25 Feb 2025 10:14:02 +0000
ROA not before: Tue 25 Feb 2025 10:14:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a05:bd47::/48 maxlen: 48
2a05:bd47:5678::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Feb 2025 10:23:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:99:6c:f6:46:cc:40:06:47:93:95:7d:03:d3:c1:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e210bd2c7cbef20f224a47b32a157318888ec85
Validity
Not Before: Feb 25 10:14:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6851332a1f86a42bf214b6a6a0ef24ec0467bbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e0:6f:54:a3:41:53:43:c9:64:30:7d:8a:cd:
dc:c7:06:67:68:72:0a:7c:cf:50:30:ce:9b:80:bf:
55:16:45:89:a4:38:f6:05:24:ae:71:9c:2b:c8:68:
d1:62:8a:ea:61:cd:32:c0:c8:45:f3:fb:7e:d1:d9:
f7:89:5f:57:17:14:1d:f5:b6:ee:af:84:de:cb:5b:
d3:42:26:ac:b5:a0:af:bd:3d:24:f2:97:6b:2f:78:
ad:5d:a1:a4:55:2c:80:a5:63:dc:6f:94:20:24:9c:
1b:d4:7d:9b:1d:76:40:ed:cc:27:2a:00:79:0d:4a:
10:b7:c3:47:75:df:0f:e1:e7:0d:0f:4d:15:5d:41:
b7:e2:9a:69:f0:29:4a:2f:fe:bc:13:a9:6d:4a:47:
b2:e4:fa:9c:ae:60:7d:df:43:5f:78:4b:59:16:02:
4e:35:23:07:d2:85:77:69:44:18:5b:ab:06:13:4b:
44:fb:19:3a:64:d9:e7:f4:60:00:23:77:56:73:27:
7e:81:df:fb:c4:57:6f:da:65:ee:c5:46:41:51:a1:
5c:56:1e:db:9f:c7:05:8d:c8:93:8a:1b:11:c4:9b:
6b:0e:52:b3:8a:b0:ed:07:2e:65:1a:28:3a:8d:6e:
bd:30:d1:63:d8:3d:3b:e9:53:16:97:a0:e4:34:5b:
0c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:85:13:32:A1:F8:6A:42:BF:21:4B:6A:6A:0E:F2:4E:C0:46:7B:BB
X509v3 Authority Key Identifier:
keyid:2E:21:0B:D2:C7:CB:EF:20:F2:24:A4:7B:32:A1:57:31:88:88:EC:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiEL0sfL7yDyJKR7MqFXMYiI7IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/poUTMqH4akK_IUtqag7yTsBGe7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/LiEL0sfL7yDyJKR7MqFXMYiI7IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:bd47::/48
2a05:bd47:5678::/48
Signature Algorithm: sha256WithRSAEncryption
8a:8b:14:52:c2:e7:32:99:b5:ca:de:98:5d:d1:a9:3e:69:c2:
f5:5f:d2:73:a8:a1:7b:e7:bc:7a:b6:b3:cd:bf:f5:50:e0:71:
d0:b8:8b:f7:76:00:9e:84:aa:1a:d8:11:bf:d0:0e:c3:d6:25:
ed:f7:ea:b0:18:9e:43:40:8d:26:fa:86:24:10:6d:17:20:3f:
23:7f:1c:e5:eb:bf:9c:cb:d6:3b:c7:5f:a0:97:20:25:1f:cd:
22:7c:02:f2:94:56:d4:27:e9:a9:a3:70:80:6f:a8:a2:e8:07:
a7:77:ad:83:e1:a3:d3:30:6b:bc:d7:21:85:7e:aa:67:f4:ba:
d4:1d:2a:2f:dd:1c:24:3c:1c:ec:87:70:f0:37:b5:6a:a0:75:
36:a2:44:8a:fb:19:27:0f:30:ee:e6:c2:19:83:2c:c3:fc:86:
79:d4:b5:d8:48:4c:af:35:50:63:68:fe:ff:39:3a:b4:36:58:
fb:00:46:d9:d4:fb:25:3d:0b:0f:67:30:c1:3d:3f:ee:c8:74:
30:13:16:d9:fd:fe:aa:c3:02:34:8d:42:47:69:15:1f:c7:58:
70:14:24:27:da:61:43:c9:37:85:9c:f2:0d:e8:51:09:73:dd:
61:0e:1d:43:f9:0c:25:95:04:9a:23:9b:c0:c6:06:b2:48:48:
ac:2e:c8:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZU8mWz2RsxABkeTlX0D08HpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMjEwYmQyYzdjYmVmMjBmMjI0YTQ3YjMyYTE1NzMxODg4
OGVjODUwHhcNMjUwMjI1MTAxNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjg1MTMzMmExZjg2YTQyYmYyMTRiNmE2YTBlZjI0ZWMwNDY3YmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleBvVKNBU0PJZDB9is3cxwZnaHIK
fM9QMM6bgL9VFkWJpDj2BSSucZwryGjRYorqYc0ywMhF8/t+0dn3iV9XFxQd9bbu
r4Tey1vTQiastaCvvT0k8pdrL3itXaGkVSyApWPcb5QgJJwb1H2bHXZA7cwnKgB5
DUoQt8NHdd8P4ecND00VXUG34ppp8ClKL/68E6ltSkey5PqcrmB930NfeEtZFgJO
NSMH0oV3aUQYW6sGE0tE+xk6ZNnn9GAAI3dWcyd+gd/7xFdv2mXuxUZBUaFcVh7b
n8cFjciTihsRxJtrDlKzirDtBy5lGig6jW69MNFj2D076VMWl6DkNFsM8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKaFEzKh+GpCvyFLamoO8k7ARnu7MB8GA1UdIwQY
MBaAFC4hC9LHy+8g8iSkezKhVzGIiOyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGlFTDBzZkw3eUR5SktSN01xRlhNWWlJN0lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8wYTRmZGMtYTg2OS00M2I3LWJiZDAt
YmY5MGQwMTUxYjUzLzEvcG9VVE1xSDRha0tfSVV0cWFnN3lUc0JHZTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8wYTRmZGMtYTg2OS00M2I3LWJiZDAtYmY5MGQwMTUxYjUz
LzEvTGlFTDBzZkw3eUR5SktSN01xRlhNWWlJN0lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgW9RwAA
AwcAKgW9R1Z4MA0GCSqGSIb3DQEBCwUAA4IBAQCKixRSwucymbXK3phd0ak+acL1
X9JzqKF757x6trPNv/VQ4HHQuIv3dgCehKoa2BG/0A7D1iXt9+qwGJ5DQI0m+oYk
EG0XID8jfxzl67+cy9Y7x1+glyAlH80ifALylFbUJ+mpo3CAb6ii6Aend62D4aPT
MGu81yGFfqpn9LrUHSov3RwkPBzsh3DwN7VqoHU2okSK+xknDzDu5sIZgyzD/IZ5
1LXYSEyvNVBjaP7/OTq0Nlj7AEbZ1PslPQsPZzDBPT/uyHQwExbZ/f6qwwI0jUJH
aRUfx1hwFCQn2mFDyTeFnPIN6FEJc91hDh1D+QwllQSaI5vAxgaySEisLsiN
-----END CERTIFICATE-----
Generated at Wed Apr 30 03:36:23 2025 by rpki-client