Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-hST_TdP9lz7G_NUm-j6FsIsABg.roa
File: 1-hST_TdP9lz7G_NUm-j6FsIsABg.roa (raw, json)
Hash identifier: 4XR0/zyVIczFHBV3asxLWAI8t6O/hkHOXtv0LPosR2Y=
Subject key identifier: FA:14:93:FD:37:4F:F6:5C:FB:1B:F3:54:9B:E8:FA:16:C2:2C:00:18
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D704D2D0E1E3F3F164E68A61BB0EC3
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-hST_TdP9lz7G_NUm-j6FsIsABg.roa
Signing time: Wed 01 Jan 2025 21:48:01 +0000
ROA not before: Wed 01 Jan 2025 21:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12608
IP address blocks: 2a09:5300::/29 maxlen: 29
2a0d:8340::/29 maxlen: 29
2a0f:7b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 06 Feb 2025 09:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:04:d2:d0:e1:e3:f3:f1:64:e6:8a:61:bb:0e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa1493fd374ff65cfb1bf3549be8fa16c22c0018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e5:aa:87:3d:79:89:11:a3:9b:b9:95:c2:60:
3f:1a:5d:16:96:5d:9d:c6:6f:e8:27:1d:c1:cb:c4:
76:3c:98:dd:d5:5c:09:a8:dc:f4:a4:e6:1d:7d:be:
ad:d0:ef:0e:97:2b:c1:f7:f6:18:3b:cb:40:42:df:
eb:0d:dc:dd:0b:6b:1f:de:9d:c1:fc:a0:13:46:58:
5f:2f:75:1b:1a:40:81:e0:d7:ff:52:c9:e9:c3:04:
09:90:f9:e3:ba:f9:57:61:73:51:50:cf:a2:09:b1:
dc:e9:a2:f9:db:83:70:3e:82:38:90:c4:61:c0:bf:
df:b4:c5:d1:e2:b1:ed:b6:5c:f1:1e:a1:49:64:8e:
af:ff:3f:78:b2:ee:4a:28:ea:15:6a:1c:5e:bd:20:
6d:2b:0b:55:94:cd:48:6d:06:2b:83:7e:66:6a:b4:
a5:16:ea:c0:18:4e:a8:b5:2d:1e:11:13:49:ad:77:
ed:61:e2:9a:bb:ac:ed:ad:f1:37:4e:08:fa:6d:17:
7d:1f:ad:b4:b9:ce:c0:dc:c3:ca:13:dd:05:d2:ac:
69:39:6c:2c:d9:2f:93:5f:49:5a:77:7f:88:8e:aa:
74:e6:e9:3d:05:7c:52:c7:ad:e5:cb:f7:4c:9a:3b:
2e:3c:51:fc:f4:f7:65:74:c8:3b:4e:36:52:4a:a6:
67:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:14:93:FD:37:4F:F6:5C:FB:1B:F3:54:9B:E8:FA:16:C2:2C:00:18
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-hST_TdP9lz7G_NUm-j6FsIsABg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:5300::/29
2a0d:8340::/29
2a0f:7b80::/29
Signature Algorithm: sha256WithRSAEncryption
b8:fc:fb:37:fd:1f:e0:82:d0:73:59:6c:26:a7:7b:2e:fb:03:
39:31:ba:fa:7c:48:3c:73:bf:87:4d:aa:71:77:a2:49:9c:93:
b5:2b:60:bc:51:c7:0d:10:20:89:89:9f:14:e7:92:75:2a:36:
2d:2a:55:5a:3c:fc:94:4f:f8:38:91:14:f9:47:e5:91:7c:21:
5e:bb:c3:fd:78:53:a0:23:1b:49:dc:ed:10:00:39:04:bd:40:
70:1d:57:38:29:64:b7:7c:6d:c5:53:5c:3a:f6:d2:74:61:ba:
84:2f:95:f1:ce:c5:21:de:7a:92:2a:f5:5a:1b:ea:fe:21:47:
db:45:fd:07:b4:8b:ba:d6:58:34:4e:07:2a:8d:5b:60:3a:f1:
eb:82:61:d6:16:f0:03:c6:4e:9d:2c:b2:54:af:b0:2d:46:08:
6a:56:b9:d6:ba:1c:14:f9:82:ad:54:fd:b5:7a:f7:58:94:30:
11:ad:42:49:40:50:62:e2:2b:4c:f2:22:3b:d3:70:f7:78:26:
3f:6a:19:88:86:f5:41:45:d0:b7:d8:01:62:4d:f8:b8:8a:54:
4b:fa:fe:75:18:11:6e:c3:b1:8f:21:eb:e5:b6:78:db:64:c9:
ea:14:e0:29:25:3c:88:0a:97:cf:4c:83:cc:86:bd:4b:c9:06:
1b:4e:e2:dd
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQj1wTS0OHj8/Fk5ophuw7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTE0OTNmZDM3NGZmNjVjZmIxYmYzNTQ5YmU4ZmExNmMyMmMwMDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+Wqhz15iRGjm7mVwmA/Gl0Wll2d
xm/oJx3By8R2PJjd1VwJqNz0pOYdfb6t0O8OlyvB9/YYO8tAQt/rDdzdC2sf3p3B
/KATRlhfL3UbGkCB4Nf/UsnpwwQJkPnjuvlXYXNRUM+iCbHc6aL524NwPoI4kMRh
wL/ftMXR4rHttlzxHqFJZI6v/z94su5KKOoVahxevSBtKwtVlM1IbQYrg35marSl
FurAGE6otS0eERNJrXftYeKau6ztrfE3Tgj6bRd9H620uc7A3MPKE90F0qxpOWws
2S+TX0lad3+Ijqp05uk9BXxSx63ly/dMmjsuPFH89PdldMg7TjZSSqZnxwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPoUk/03T/Zc+xvzVJvo+hbCLAAYMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMS1oU1RfVGRQOWx6N0dfTlVtLWo2RnNJc0FCZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2Nk
Mi8xL3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wGwQCAAIwFQMFAyoJUwAD
BQMqDYNAAwUDKg97gDANBgkqhkiG9w0BAQsFAAOCAQEAuPz7N/0f4ILQc1lsJqd7
LvsDOTG6+nxIPHO/h02qcXeiSZyTtStgvFHHDRAgiYmfFOeSdSo2LSpVWjz8lE/4
OJEU+UflkXwhXrvD/XhToCMbSdztEAA5BL1AcB1XOClkt3xtxVNcOvbSdGG6hC+V
8c7FId56kir1Whvq/iFH20X9B7SLutZYNE4HKo1bYDrx64Jh1hbwA8ZOnSyyVK+w
LUYIala51rocFPmCrVT9tXr3WJQwEa1CSUBQYuIrTPIiO9Nw93gmP2oZiIb1QUXQ
t9gBYk34uIpUS/r+dRgRbsOxjyHr5bZ422TJ6hTgKSU8iAqXz0yDzIa9S8kGG07i
3Q==
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:26:27 2025 by rpki-client