Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/1-FzbKtmm6wsEG_ZXThaDU-kUycs.roa
File: 1-FzbKtmm6wsEG_ZXThaDU-kUycs.roa (raw, json)
Hash identifier: yTNX6399mgX05cWODnq3gHuKtPtdlhp0wLC1z2Qhegc=
Subject key identifier: F8:5C:DB:2A:D9:A6:EB:0B:04:1B:F6:57:4E:16:83:53:E9:14:C9:CB
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019423D7BFD0D67709087BDAB917DC604C23
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/1-FzbKtmm6wsEG_ZXThaDU-kUycs.roa
Signing time: Wed 01 Jan 2025 21:48:49 +0000
ROA not before: Wed 01 Jan 2025 21:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214477
IP address blocks: 2a12:6f40::/29 maxlen: 29
2a12:7740::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Jan 2025 18:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:bf:d0:d6:77:09:08:7b:da:b9:17:dc:60:4c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jan 1 21:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f85cdb2ad9a6eb0b041bf6574e168353e914c9cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:59:b7:96:86:4e:8e:83:68:ce:f0:98:8f:f5:
0d:1c:2b:a1:26:f3:dd:af:45:60:e6:90:91:bb:b0:
ef:55:20:c4:11:2d:24:d1:14:ff:ba:a8:33:78:72:
a3:15:15:a4:97:27:7e:8e:05:f2:63:be:0f:71:70:
01:76:73:bf:a8:73:db:36:b1:c1:68:f0:8d:ab:20:
09:e3:b6:c3:0a:ce:90:c8:5b:86:e9:02:4a:de:68:
9b:4e:b1:50:bc:8a:fc:e7:d9:3b:06:48:b4:d6:d2:
e9:26:9d:f7:41:6b:45:ff:1d:88:1e:79:38:21:cc:
01:51:94:c9:66:6f:71:91:b9:56:9a:3d:61:b2:4a:
e7:93:15:1f:a7:88:7d:04:94:df:2e:83:a2:83:5b:
41:b7:0e:e7:e1:39:46:24:4e:df:d7:25:13:43:d6:
03:80:24:77:0e:4b:eb:01:5d:ec:c6:fe:9e:c5:95:
de:c5:ce:0c:6b:fb:42:26:e1:8a:b1:72:f1:c4:dd:
0f:75:8d:2d:44:4d:d6:e6:76:21:85:4d:ef:a4:0a:
87:b0:52:65:cf:20:e8:1d:5e:90:9f:47:30:e8:16:
b1:b3:6f:a3:01:d4:c7:3b:ac:92:0d:f0:c6:17:20:
b0:79:0e:52:a7:80:4a:ed:9b:e1:bb:0e:96:d2:f7:
7e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:5C:DB:2A:D9:A6:EB:0B:04:1B:F6:57:4E:16:83:53:E9:14:C9:CB
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/1-FzbKtmm6wsEG_ZXThaDU-kUycs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:6f40::/29
2a12:7740::/29
Signature Algorithm: sha256WithRSAEncryption
80:8f:6c:0f:36:75:c0:0f:ea:cb:4a:35:c0:46:90:2f:0a:96:
4b:19:6e:9b:03:61:f7:3a:8e:a8:d0:78:58:c1:c9:5f:73:99:
a5:29:d0:4d:38:57:d5:5b:67:18:7a:20:8c:21:84:e6:30:c2:
8b:31:f6:7b:40:31:aa:fb:c5:2e:e9:ab:06:60:1b:e0:89:1d:
48:c9:5d:2e:f8:7b:23:d6:a7:21:47:39:64:a4:07:fb:ad:7b:
bb:42:ab:be:1a:8a:f3:8d:66:24:e8:57:b9:c3:79:5b:3f:be:
b9:45:3b:08:09:49:fe:63:a8:6f:63:c4:46:a2:8d:dd:4c:b4:
f2:2b:88:8b:94:04:bf:c1:b8:d5:31:5b:55:ec:dc:25:29:7e:
ea:d7:c7:51:aa:93:47:b7:7a:2c:e6:34:01:a7:20:7e:5f:92:
74:33:5f:fb:d0:b6:67:a7:46:22:3b:76:b2:3f:d9:c5:19:89:
94:29:f5:b7:05:0a:72:0f:da:14:d0:98:30:27:ab:b6:cf:bb:
4a:63:52:df:21:f9:3a:bf:eb:aa:58:aa:76:b4:ab:86:6e:75:
76:fc:b6:69:bf:17:aa:f9:fb:70:fc:fe:57:e9:78:f8:00:78:
76:ef:4d:12:ec:11:2b:86:70:8c:81:0e:b7:6e:b1:b5:96:8d:
f4:c2:67:a8
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZQj17/Q1ncJCHvauRfcYEwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwMTAxMjE0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODVjZGIyYWQ5YTZlYjBiMDQxYmY2NTc0ZTE2ODM1M2U5MTRjOWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVm3loZOjoNozvCYj/UNHCuhJvPd
r0Vg5pCRu7DvVSDEES0k0RT/uqgzeHKjFRWklyd+jgXyY74PcXABdnO/qHPbNrHB
aPCNqyAJ47bDCs6QyFuG6QJK3mibTrFQvIr859k7Bki01tLpJp33QWtF/x2IHnk4
IcwBUZTJZm9xkblWmj1hskrnkxUfp4h9BJTfLoOig1tBtw7n4TlGJE7f1yUTQ9YD
gCR3DkvrAV3sxv6exZXexc4Ma/tCJuGKsXLxxN0PdY0tRE3W5nYhhU3vpAqHsFJl
zyDoHV6Qn0cw6Baxs2+jAdTHO6ySDfDGFyCweQ5Sp4BK7Zvhuw6W0vd+wQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPhc2yrZpusLBBv2V04Wg1PpFMnLMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvMS1GemJLdG1tNndzRUdfWlhUaGFEVS1rVXljcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTEvNzU3YjU2LTdiNTctNDhhMC05YTc1LWEyYTRjNmE2MjFj
ZC8xL0dKMXJWZGFtaU81ZU00R0lPN1d2YUVNeWR1TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFAyoSb0AD
BQMqEndAMA0GCSqGSIb3DQEBCwUAA4IBAQCAj2wPNnXAD+rLSjXARpAvCpZLGW6b
A2H3Oo6o0HhYwclfc5mlKdBNOFfVW2cYeiCMIYTmMMKLMfZ7QDGq+8Uu6asGYBvg
iR1IyV0u+Hsj1qchRzlkpAf7rXu7Qqu+GorzjWYk6Fe5w3lbP765RTsICUn+Y6hv
Y8RGoo3dTLTyK4iLlAS/wbjVMVtV7NwlKX7q18dRqpNHt3os5jQBpyB+X5J0M1/7
0LZnp0YiO3ayP9nFGYmUKfW3BQpyD9oU0JgwJ6u2z7tKY1LfIfk6v+uqWKp2tKuG
bnV2/LZpvxeq+ftw/P5X6Xj4AHh2700S7BErhnCMgQ63brG1lo30wmeo
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:28:25 2025 by rpki-client