Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b5af47-9452-4c55-bc2f-5746007cb2a3/1/iJwQHncgVx5TSbk-epHU8OHNCA4.roa
File: iJwQHncgVx5TSbk-epHU8OHNCA4.roa (raw, json)
Hash identifier: kB8KPngm35DKSBAND1qdOkHVam+wGGjS/Ew+pOA19zo=
Subject key identifier: 88:9C:10:1E:77:20:57:1E:53:49:B9:3E:7A:91:D4:F0:E1:CD:08:0E
Certificate issuer: /CN=49bd4d28c52c2f12e46a1efbe113241be00ca58f
Certificate serial: 01951D5A7657529C2DED926A66589C226F06
Authority key identifier: 49:BD:4D:28:C5:2C:2F:12:E4:6A:1E:FB:E1:13:24:1B:E0:0C:A5:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sb1NKMUsLxLkah774RMkG-AMpY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b5af47-9452-4c55-bc2f-5746007cb2a3/1/iJwQHncgVx5TSbk-epHU8OHNCA4.roa
Signing time: Wed 19 Feb 2025 08:37:02 +0000
ROA not before: Wed 19 Feb 2025 08:37:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 2a14:9600::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 12 Mar 2025 07:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1d:5a:76:57:52:9c:2d:ed:92:6a:66:58:9c:22:6f:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49bd4d28c52c2f12e46a1efbe113241be00ca58f
Validity
Not Before: Feb 19 08:37:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=889c101e7720571e5349b93e7a91d4f0e1cd080e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:5d:ed:01:e2:97:b9:42:cd:5e:ba:7a:00:90:
4a:47:8e:24:51:8a:e1:c8:e4:e6:2e:0e:d2:be:a8:
6f:8b:e0:c7:bd:2e:a9:bc:85:10:6f:03:36:e1:da:
e0:e5:40:43:fb:e1:cb:7a:8d:1b:b3:57:a7:d9:61:
a0:53:a8:8b:af:1e:bb:39:9f:e4:01:00:ff:41:4e:
fd:76:f1:14:d1:ec:8a:30:20:e1:63:3b:4a:19:4a:
b7:ae:fc:71:35:59:be:87:30:6b:64:60:76:4b:ae:
72:1b:b6:f9:51:ef:2a:c4:0b:c8:4c:64:ed:a3:d5:
2f:8f:25:8a:23:8a:6f:1d:5b:d5:f3:f2:ea:89:8f:
60:ce:82:64:7a:a2:3d:91:d0:b2:1e:46:1c:68:d6:
17:49:b4:12:ac:33:e2:5e:8e:49:d0:77:e4:4b:73:
f0:67:b8:9d:e7:f5:66:f8:07:84:82:03:3e:d7:5c:
d9:39:e2:74:6d:a9:c0:1f:9f:95:58:bd:99:fa:04:
e7:d5:a9:d1:ba:14:06:d3:a8:04:4f:6f:54:18:37:
93:a9:cd:bc:d9:b9:38:d6:d4:48:f2:be:96:59:b1:
84:07:45:9f:81:ab:e0:03:ef:40:fa:a3:23:37:ac:
6c:0f:be:5c:fa:be:f0:c9:05:cc:d1:eb:af:8d:07:
2b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:9C:10:1E:77:20:57:1E:53:49:B9:3E:7A:91:D4:F0:E1:CD:08:0E
X509v3 Authority Key Identifier:
keyid:49:BD:4D:28:C5:2C:2F:12:E4:6A:1E:FB:E1:13:24:1B:E0:0C:A5:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sb1NKMUsLxLkah774RMkG-AMpY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b5af47-9452-4c55-bc2f-5746007cb2a3/1/iJwQHncgVx5TSbk-epHU8OHNCA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b5af47-9452-4c55-bc2f-5746007cb2a3/1/Sb1NKMUsLxLkah774RMkG-AMpY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:9600::/29
Signature Algorithm: sha256WithRSAEncryption
19:5b:fc:4c:a8:b9:58:bb:a1:84:56:1b:13:a9:e3:a0:7d:c2:
32:27:12:ae:89:a0:a9:2f:0f:d8:60:90:8c:77:f5:79:84:8a:
74:37:c2:bf:34:2f:81:12:c8:df:d3:5e:52:88:94:4c:0b:37:
e3:0a:34:b3:4c:da:5e:da:61:da:d3:6d:4a:6e:48:1f:7c:ec:
a1:26:2b:d7:a8:fe:a8:4d:2e:06:df:4e:a3:46:10:4f:96:c6:
10:46:a6:03:dd:10:5a:c1:4f:9e:4b:59:1b:6b:e8:7e:98:eb:
75:73:34:c6:7a:9b:3f:e2:f1:b8:7c:61:b7:1c:5a:47:04:79:
07:78:8b:0a:9f:f4:0b:6c:4e:7d:bf:d8:7b:01:e6:a1:8c:08:
e0:ee:4e:c2:ff:f5:56:62:8d:dc:70:c2:4e:fd:76:1d:b2:e5:
fb:ed:73:ba:41:33:50:59:25:ca:d9:1d:d9:d9:c3:43:ec:ba:
7a:82:00:95:63:8f:58:86:b9:d3:07:77:85:36:79:a2:3f:6c:
b7:60:1c:7f:27:1d:24:1b:c7:41:f7:89:c5:ea:5f:c8:3d:07:
cf:18:61:f4:58:19:29:b9:bb:c8:bf:e3:be:dd:a0:20:8f:7f:
b9:e1:9a:33:c3:25:99:f0:1a:bf:53:7c:28:75:84:c8:b0:01:
b0:2d:02:6a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUdWnZXUpwt7ZJqZlicIm8GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YmQ0ZDI4YzUyYzJmMTJlNDZhMWVmYmUxMTMyNDFiZTAw
Y2E1OGYwHhcNMjUwMjE5MDgzNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODljMTAxZTc3MjA1NzFlNTM0OWI5M2U3YTkxZDRmMGUxY2QwODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9V3tAeKXuULNXrp6AJBKR44kUYrh
yOTmLg7Svqhvi+DHvS6pvIUQbwM24drg5UBD++HLeo0bs1en2WGgU6iLrx67OZ/k
AQD/QU79dvEU0eyKMCDhYztKGUq3rvxxNVm+hzBrZGB2S65yG7b5Ue8qxAvITGTt
o9UvjyWKI4pvHVvV8/LqiY9gzoJkeqI9kdCyHkYcaNYXSbQSrDPiXo5J0HfkS3Pw
Z7id5/Vm+AeEggM+11zZOeJ0banAH5+VWL2Z+gTn1anRuhQG06gET29UGDeTqc28
2bk41tRI8r6WWbGEB0WfgavgA+9A+qMjN6xsD75c+r7wyQXM0euvjQcr9QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIicEB53IFceU0m5PnqR1PDhzQgOMB8GA1UdIwQY
MBaAFEm9TSjFLC8S5Goe++ETJBvgDKWPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2IxTktNVXNMeExrYWg3NzRSTWtHLUFNcFk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iNWFmNDctOTQ1Mi00YzU1LWJjMmYt
NTc0NjAwN2NiMmEzLzEvaUp3UUhuY2dWeDVUU2JrLWVwSFU4T0hOQ0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iNWFmNDctOTQ1Mi00YzU1LWJjMmYtNTc0NjAwN2NiMmEz
LzEvU2IxTktNVXNMeExrYWg3NzRSTWtHLUFNcFk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhSWADAN
BgkqhkiG9w0BAQsFAAOCAQEAGVv8TKi5WLuhhFYbE6njoH3CMicSromgqS8P2GCQ
jHf1eYSKdDfCvzQvgRLI39NeUoiUTAs34wo0s0zaXtph2tNtSm5IH3zsoSYr16j+
qE0uBt9Oo0YQT5bGEEamA90QWsFPnktZG2vofpjrdXM0xnqbP+LxuHxhtxxaRwR5
B3iLCp/0C2xOfb/YewHmoYwI4O5Owv/1VmKN3HDCTv12HbLl++1zukEzUFklytkd
2dnDQ+y6eoIAlWOPWIa50wd3hTZ5oj9st2AcfycdJBvHQfeJxepfyD0Hzxhh9FgZ
Kbm7yL/jvt2gII9/ueGaM8MlmfAav1N8KHWEyLABsC0Cag==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:55:21 2025 by rpki-client