Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/GnMpEQsw_8JEqI3U40e4hNwReio.roa
File: GnMpEQsw_8JEqI3U40e4hNwReio.roa (raw, json)
Hash identifier: xPZ7FUbRuLZRVIHgG9uVMkyujGCs3LFwcL7aC26PJFI=
Subject key identifier: 1A:73:29:11:0B:30:FF:C2:44:A8:8D:D4:E3:47:B8:84:DC:11:7A:2A
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 01957F72BADF36E5AFAA9DAE6DA4B335EE35
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/GnMpEQsw_8JEqI3U40e4hNwReio.roa
Signing time: Mon 10 Mar 2025 09:46:20 +0000
ROA not before: Mon 10 Mar 2025 09:46:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a0d:cdc5::/32 maxlen: 32
2a0e:eec4::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 13 Mar 2025 17:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:72:ba:df:36:e5:af:aa:9d:ae:6d:a4:b3:35:ee:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Mar 10 09:46:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a7329110b30ffc244a88dd4e347b884dc117a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:aa:3c:64:70:fb:71:0e:0a:91:61:eb:56:dd:
8a:85:70:ba:01:bf:e1:c8:bf:bf:51:ad:bb:2d:a9:
4f:ad:33:c0:b7:4b:04:c9:45:0f:29:54:c7:ef:d9:
78:3b:5b:fc:33:fd:32:f0:f6:82:b5:aa:2c:e6:0e:
b1:b2:a8:52:07:95:53:dc:02:4e:cf:e8:8f:77:41:
aa:f2:c0:1d:57:1f:d7:88:54:ff:3e:ba:48:db:aa:
81:63:91:1f:ed:a2:d8:16:f5:ce:23:aa:f9:b8:15:
78:a1:51:25:06:30:39:c9:7f:ab:90:af:64:86:d6:
0d:8d:99:82:6b:5c:dc:d7:6e:a4:96:f6:5e:5a:de:
74:3c:47:aa:3b:13:79:f8:93:cd:38:75:44:d2:9f:
c7:ea:8a:18:0b:96:51:27:26:db:f8:92:97:67:cd:
36:40:0c:27:f9:66:d5:46:10:4e:74:4e:6b:c2:9b:
ea:c3:9e:dc:a9:5a:bb:50:f3:92:68:95:03:8b:35:
8d:61:87:2d:ed:bf:a7:4b:a1:f4:14:ad:97:62:30:
b9:4e:86:3c:3c:53:b9:1f:d0:6a:c9:b1:52:be:e9:
6c:92:87:a5:25:01:72:64:e9:96:28:92:e6:2b:ce:
33:ae:a8:e7:7e:c3:93:b4:80:65:38:18:09:b5:3f:
7b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:73:29:11:0B:30:FF:C2:44:A8:8D:D4:E3:47:B8:84:DC:11:7A:2A
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/GnMpEQsw_8JEqI3U40e4hNwReio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:cdc5::/32
2a0e:eec4::/32
Signature Algorithm: sha256WithRSAEncryption
a8:2c:cf:83:38:e5:8c:8e:16:7f:90:b8:39:80:66:68:2b:df:
08:15:eb:6d:26:92:9e:3f:2f:3c:0a:82:41:91:c4:6e:94:01:
dd:98:0f:75:db:73:43:22:a3:83:a8:a6:4c:f1:e5:54:fd:70:
b3:ee:aa:7e:f7:27:c4:65:0b:8e:1c:f6:85:44:e0:bb:7c:39:
ee:7b:c9:a2:d4:c1:c0:16:14:5f:aa:f8:c1:14:8a:5e:62:4c:
9f:34:6c:3f:8b:ea:4a:8d:a5:78:9c:0a:9e:6e:22:a2:0e:ea:
7e:fa:1c:ed:bf:98:b9:f9:9f:9b:4a:e9:09:7d:ae:fb:54:b8:
a6:2e:1c:be:3a:4f:37:90:c0:b3:20:6f:6e:60:da:2b:d9:69:
06:11:e2:a3:cd:65:cc:e4:75:6e:19:d8:90:dc:f7:42:c5:19:
ee:44:6f:4d:52:42:68:51:7f:f6:21:2b:30:4f:a2:ee:1d:ea:
1e:38:bd:53:cb:c2:85:1b:c5:96:9e:10:90:b9:a4:b7:66:c7:
ca:2c:a7:78:9d:86:76:db:d4:e7:9b:3d:16:3e:e4:f3:3f:3a:
52:bb:d0:a7:2e:14:12:37:99:90:34:ec:bb:0b:5d:24:a7:c9:
95:90:1c:2f:bd:52:63:b6:99:eb:7a:4e:10:fe:a3:4a:03:60:
b9:09:f6:92
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZV/crrfNuWvqp2ubaSzNe41MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwMzEwMDk0NjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTczMjkxMTBiMzBmZmMyNDRhODhkZDRlMzQ3Yjg4NGRjMTE3YTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qo8ZHD7cQ4KkWHrVt2KhXC6Ab/h
yL+/Ua27LalPrTPAt0sEyUUPKVTH79l4O1v8M/0y8PaCtaos5g6xsqhSB5VT3AJO
z+iPd0Gq8sAdVx/XiFT/PrpI26qBY5Ef7aLYFvXOI6r5uBV4oVElBjA5yX+rkK9k
htYNjZmCa1zc126klvZeWt50PEeqOxN5+JPNOHVE0p/H6ooYC5ZRJybb+JKXZ802
QAwn+WbVRhBOdE5rwpvqw57cqVq7UPOSaJUDizWNYYct7b+nS6H0FK2XYjC5ToY8
PFO5H9BqybFSvulskoelJQFyZOmWKJLmK84zrqjnfsOTtIBlOBgJtT97BQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBpzKRELMP/CRKiN1ONHuITcEXoqMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvR25NcEVRc3dfOEpFcUkzVTQwZTRoTndSZWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg3NxQMF
ACoO7sQwDQYJKoZIhvcNAQELBQADggEBAKgsz4M45YyOFn+QuDmAZmgr3wgV620m
kp4/LzwKgkGRxG6UAd2YD3Xbc0Mio4Oopkzx5VT9cLPuqn73J8RlC44c9oVE4Lt8
Oe57yaLUwcAWFF+q+MEUil5iTJ80bD+L6kqNpXicCp5uIqIO6n76HO2/mLn5n5tK
6Ql9rvtUuKYuHL46TzeQwLMgb25g2ivZaQYR4qPNZczkdW4Z2JDc90LFGe5Eb01S
QmhRf/YhKzBPou4d6h44vVPLwoUbxZaeEJC5pLdmx8osp3idhnbb1OebPRY+5PM/
OlK70KcuFBI3mZA07LsLXSSnyZWQHC+9UmO2met6ThD+o0oDYLkJ9pI=
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:56:16 2025 by rpki-client