Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/E7M7JavqRTOosxgj_9BAV8xM9nU.roa
File: E7M7JavqRTOosxgj_9BAV8xM9nU.roa (raw, json)
Hash identifier: b/ektoHL3RwLledhnDU5p7uLYYiIkOWyq+O3cHqPv/Q=
Subject key identifier: 13:B3:3B:25:AB:EA:45:33:A8:B3:18:23:FF:D0:40:57:CC:4C:F6:75
Certificate issuer: /CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64
Certificate serial: 0194D111689608971CCAF35FCB43398F5BFE
Authority key identifier: 3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/E7M7JavqRTOosxgj_9BAV8xM9nU.roa
Signing time: Tue 04 Feb 2025 13:06:06 +0000
ROA not before: Tue 04 Feb 2025 13:06:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35263
IP address blocks: 86.109.64.0/19 maxlen: 19
86.109.64.0/20 maxlen: 20
2a00:1b90::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 06 Feb 2025 11:17:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d1:11:68:96:08:97:1c:ca:f3:5f:cb:43:39:8f:5b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64
Validity
Not Before: Feb 4 13:06:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13b33b25abea4533a8b31823ffd04057cc4cf675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:91:7e:8b:67:23:8b:82:cd:9a:2a:0c:bc:67:
43:cc:c5:ba:f4:8e:08:bc:14:95:00:56:d4:d4:6b:
31:df:f8:3b:31:65:53:1c:eb:5f:b5:4d:ee:a5:e0:
15:67:03:f6:54:54:e6:3a:c0:1e:36:7c:a3:77:64:
0f:68:8c:e9:8a:c0:8d:9e:04:eb:47:10:04:59:d0:
ea:1a:a4:11:70:53:e1:0f:83:9d:f7:d9:e9:a5:57:
d6:1d:24:be:a1:40:e3:6a:92:2d:00:e5:02:69:b4:
b7:55:03:b1:b1:6c:19:89:57:c1:8b:86:53:10:f0:
26:4e:f0:c7:66:00:95:0b:77:0e:f5:58:8d:84:a2:
6f:52:bb:4d:a5:b6:54:ce:e5:db:ba:d9:9a:e0:15:
a1:8b:b4:b8:00:16:1b:cc:4b:21:5f:4f:b6:a0:80:
fb:47:0f:bc:9d:cf:00:c7:d7:b9:8c:73:4c:da:63:
7d:be:50:da:0d:5f:28:fd:51:b3:cc:83:62:a3:ea:
4f:2a:6a:94:f8:76:77:a9:12:f5:78:19:86:42:e3:
b6:7f:c9:78:22:6b:60:24:bc:8a:96:1d:1b:74:33:
23:19:21:08:d1:34:3d:4a:02:7d:8d:8f:88:51:ab:
bc:19:5a:e5:8d:f2:3f:7d:2b:f6:f0:06:b1:00:5d:
f8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:B3:3B:25:AB:EA:45:33:A8:B3:18:23:FF:D0:40:57:CC:4C:F6:75
X509v3 Authority Key Identifier:
keyid:3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/E7M7JavqRTOosxgj_9BAV8xM9nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/PXud_6rjPsLPGbWtTknB6esdnWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.64.0/19
IPv6:
2a00:1b90::/32
Signature Algorithm: sha256WithRSAEncryption
51:9a:c4:8c:29:5b:a1:c9:15:31:4a:83:ef:5d:e7:d3:b5:7a:
12:32:db:c2:e7:53:a5:c3:21:dd:a8:2b:fa:fd:63:96:33:b6:
0d:5e:1b:dd:ed:e9:49:32:ef:1b:76:70:21:55:26:94:c8:b2:
a0:3c:15:de:a8:19:b2:88:70:5b:d1:a0:e6:e8:a9:1c:5c:3f:
7e:ff:c0:43:26:60:5d:65:a1:a5:7f:07:83:30:20:a6:45:69:
9d:2c:be:01:83:ba:e4:8a:48:fd:22:9b:09:4f:5c:cc:a9:03:
1b:8e:e9:b9:bc:fa:83:47:67:84:93:c6:5d:92:84:e5:35:1d:
a0:be:44:79:e5:16:4f:2f:86:78:d3:41:93:f0:59:39:5a:e8:
17:25:52:90:17:65:c8:90:a5:db:7e:c5:e8:c0:77:6e:e2:4f:
3a:44:59:f5:1f:74:98:51:3b:ea:d3:a7:f7:f1:2a:34:06:57:
14:a0:9c:24:8d:36:50:ff:c1:4e:da:c6:c2:e9:c8:d1:d4:ef:
f9:1a:b8:54:83:46:59:fa:a1:61:3e:4b:f2:cb:55:48:a1:2e:
ed:64:62:7a:a3:0f:d8:65:6d:d8:85:1c:01:e5:82:88:57:7f:
bb:a2:1a:3e:a4:f8:62:19:c0:92:b8:c5:b2:2e:78:d3:fd:7d:
18:92:97:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZTREWiWCJccyvNfy0M5j1v+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkN2I5ZGZmYWFlMzNlYzJjZjE5YjVhZDRlNDljMWU5ZWIx
ZDlkNjQwHhcNMjUwMjA0MTMwNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2IzM2IyNWFiZWE0NTMzYThiMzE4MjNmZmQwNDA1N2NjNGNmNjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5F+i2cji4LNmioMvGdDzMW69I4I
vBSVAFbU1Gsx3/g7MWVTHOtftU3upeAVZwP2VFTmOsAeNnyjd2QPaIzpisCNngTr
RxAEWdDqGqQRcFPhD4Od99nppVfWHSS+oUDjapItAOUCabS3VQOxsWwZiVfBi4ZT
EPAmTvDHZgCVC3cO9ViNhKJvUrtNpbZUzuXbutma4BWhi7S4ABYbzEshX0+2oID7
Rw+8nc8Ax9e5jHNM2mN9vlDaDV8o/VGzzINio+pPKmqU+HZ3qRL1eBmGQuO2f8l4
ImtgJLyKlh0bdDMjGSEI0TQ9SgJ9jY+IUau8GVrljfI/fSv28AaxAF34twIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBOzOyWr6kUzqLMYI//QQFfMTPZ1MB8GA1UdIwQY
MBaAFD17nf+q4z7Czxm1rU5JwenrHZ1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2Ut
NDIyNTIzYzRlNjhiLzEvRTdNN0phdnFSVE9vc3hnal85QkFWOHhNOW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2UtNDIyNTIzYzRlNjhi
LzEvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFVm1AMA0E
AgACMAcDBQAqABuQMA0GCSqGSIb3DQEBCwUAA4IBAQBRmsSMKVuhyRUxSoPvXefT
tXoSMtvC51OlwyHdqCv6/WOWM7YNXhvd7elJMu8bdnAhVSaUyLKgPBXeqBmyiHBb
0aDm6KkcXD9+/8BDJmBdZaGlfweDMCCmRWmdLL4Bg7rkikj9IpsJT1zMqQMbjum5
vPqDR2eEk8ZdkoTlNR2gvkR55RZPL4Z400GT8Fk5WugXJVKQF2XIkKXbfsXowHdu
4k86RFn1H3SYUTvq06f38So0BlcUoJwkjTZQ/8FO2sbC6cjR1O/5GrhUg0ZZ+qFh
Pkvyy1VIoS7tZGJ6ow/YZW3YhRwB5YKIV3+7oho+pPhiGcCSuMWyLnjT/X0Ykpfe
-----END CERTIFICATE-----
Generated at Wed Apr 30 09:41:52 2025 by rpki-client