Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/JexOlEHxpN2fPjBfpH7zO_YhHoE.roa
File: JexOlEHxpN2fPjBfpH7zO_YhHoE.roa (raw, json)
Hash identifier: ZAlO81JWV3IlumBc23bjhb5sBO0bj909xQO2mfFndNQ=
Subject key identifier: 25:EC:4E:94:41:F1:A4:DD:9F:3E:30:5F:A4:7E:F3:3B:F6:21:1E:81
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 019413553743A1BFF494C30017D12ADF3939
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/JexOlEHxpN2fPjBfpH7zO_YhHoE.roa
Signing time: Sun 29 Dec 2024 16:52:19 +0000
ROA not before: Sun 29 Dec 2024 16:52:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207108
IP address blocks: 2a0b:8440::/29 maxlen: 29
2a0b:a4c0::/29 maxlen: 29
2a13:cdc0::/29 maxlen: 29
2a13:d140::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:13:55:37:43:a1:bf:f4:94:c3:00:17:d1:2a:df:39:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Dec 29 16:52:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25ec4e9441f1a4dd9f3e305fa47ef33bf6211e81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:9e:c4:ad:7d:df:e1:a1:8a:9d:0b:12:91:96:
f7:fb:6a:78:5d:da:3b:fe:70:64:20:a6:a9:77:e9:
38:b0:bf:a1:00:65:c9:61:3c:07:c7:42:47:29:81:
58:7f:ba:17:5f:0f:9d:79:a2:ee:10:f9:18:f3:03:
1f:0d:b4:f4:44:de:1d:77:20:be:42:e8:c8:fe:98:
e7:9d:b7:25:4d:6d:ea:cd:6f:3f:b8:1a:d4:93:e5:
07:dd:d1:24:08:81:b8:1d:7f:06:87:90:a9:c7:34:
7c:25:27:50:91:59:4d:71:d0:ee:2a:78:f2:fa:00:
ae:d1:a0:6f:59:08:61:3f:69:1b:40:b5:f0:59:bc:
d7:be:b7:07:bf:cd:d4:b7:a0:2f:44:72:a6:dd:07:
37:36:99:48:a1:fe:fe:12:38:f8:77:b8:97:a1:d4:
51:6b:6d:09:98:df:ae:39:8c:19:82:83:be:c9:9c:
bb:26:b2:59:9e:5f:ce:87:10:10:98:59:e5:ce:4f:
c7:45:48:a0:66:b6:0e:3e:01:66:7d:41:86:2a:25:
e0:10:5a:9a:ae:0f:b0:78:0c:5f:8a:6a:8f:a0:dd:
67:bf:dc:e1:e3:1d:68:83:3a:c5:2b:31:bb:a5:92:
dc:e1:d3:48:d7:1f:d2:49:23:25:ab:e2:89:d8:d2:
79:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:EC:4E:94:41:F1:A4:DD:9F:3E:30:5F:A4:7E:F3:3B:F6:21:1E:81
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/JexOlEHxpN2fPjBfpH7zO_YhHoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:8440::/29
2a0b:a4c0::/29
2a13:cdc0::/29
2a13:d140::/29
Signature Algorithm: sha256WithRSAEncryption
80:df:2b:0c:ec:88:6e:c5:03:c4:b6:0d:dd:d6:c9:ea:51:82:
70:d1:d9:05:ac:e2:55:fe:7b:1b:f1:e6:de:f8:6c:4e:f7:0a:
be:e4:62:e5:1b:fb:e0:ef:25:42:b8:4c:3c:7a:75:0e:9e:47:
c2:f6:c3:0f:94:92:e1:b5:8d:ca:aa:82:b5:a0:e5:a9:e7:5a:
1f:0b:99:ca:6f:24:84:1c:f9:3d:09:72:18:ab:ec:91:2b:29:
96:26:b5:2c:93:a0:93:14:db:31:61:7f:70:cc:32:a1:dc:6a:
fc:d2:90:e4:24:9e:f6:a9:ee:c5:7d:04:e3:b2:3d:6a:f6:22:
10:f7:f3:5a:5b:5c:00:cb:eb:23:de:b0:c2:6d:38:c3:bd:27:
39:a3:3f:7b:77:b4:9c:72:8f:cc:04:c1:b1:f8:ce:a7:da:01:
c7:b9:89:65:57:15:2a:72:b5:d4:c7:3a:d7:22:89:a2:0e:fe:
47:f3:f5:75:f7:34:b7:a3:3d:c4:c9:d5:62:8e:9f:db:92:c3:
49:97:91:be:1c:ef:84:f1:f0:0b:82:41:cb:26:37:96:a3:aa:
ea:d2:e1:4d:f2:f3:ff:b7:b0:33:aa:9a:9c:6d:00:ce:59:07:
ba:dc:f1:71:9d:53:43:f2:13:46:3f:e2:ff:bb:67:bb:4a:49:
92:f3:f1:3b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQTVTdDob/0lMMAF9Eq3zk5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjQxMjI5MTY1MjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWVjNGU5NDQxZjFhNGRkOWYzZTMwNWZhNDdlZjMzYmY2MjExZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Z7ErX3f4aGKnQsSkZb3+2p4Xdo7
/nBkIKapd+k4sL+hAGXJYTwHx0JHKYFYf7oXXw+deaLuEPkY8wMfDbT0RN4ddyC+
QujI/pjnnbclTW3qzW8/uBrUk+UH3dEkCIG4HX8Gh5CpxzR8JSdQkVlNcdDuKnjy
+gCu0aBvWQhhP2kbQLXwWbzXvrcHv83Ut6AvRHKm3Qc3NplIof7+Ejj4d7iXodRR
a20JmN+uOYwZgoO+yZy7JrJZnl/OhxAQmFnlzk/HRUigZrYOPgFmfUGGKiXgEFqa
rg+weAxfimqPoN1nv9zh4x1ogzrFKzG7pZLc4dNI1x/SSSMlq+KJ2NJ56wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCXsTpRB8aTdnz4wX6R+8zv2IR6BMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvSmV4T2xFSHhwTjJmUGpCZnBIN3pPX1loSG9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKguEQAMF
AyoLpMADBQMqE83AAwUDKhPRQDANBgkqhkiG9w0BAQsFAAOCAQEAgN8rDOyIbsUD
xLYN3dbJ6lGCcNHZBaziVf57G/Hm3vhsTvcKvuRi5Rv74O8lQrhMPHp1Dp5HwvbD
D5SS4bWNyqqCtaDlqedaHwuZym8khBz5PQlyGKvskSsplia1LJOgkxTbMWF/cMwy
odxq/NKQ5CSe9qnuxX0E47I9avYiEPfzWltcAMvrI96wwm04w70nOaM/e3e0nHKP
zATBsfjOp9oBx7mJZVcVKnK11Mc61yKJog7+R/P1dfc0t6M9xMnVYo6f25LDSZeR
vhzvhPHwC4JByyY3lqOq6tLhTfLz/7ewM6qanG0AzlkHutzxcZ1TQ/ITRj/i/7tn
u0pJkvPxOw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:23:44 2025 by rpki-client