Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/ekFJWMFoApJc7qleNhnnMFGjre8.roa
File: ekFJWMFoApJc7qleNhnnMFGjre8.roa (raw, json)
Hash identifier: lRIrBiaJLJzWGxTA7rfaM3YZ+cPNIYieb99wDsffGDk=
Subject key identifier: 7A:41:49:58:C1:68:02:92:5C:EE:A9:5E:36:19:E7:30:51:A3:AD:EF
Certificate issuer: /CN=663a24480f04d1318bf1a70dabffa4b27ef32da2
Certificate serial: 01945039C84F336B07122BDE61AC48A01CE1
Authority key identifier: 66:3A:24:48:0F:04:D1:31:8B:F1:A7:0D:AB:FF:A4:B2:7E:F3:2D:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZjokSA8E0TGL8acNq_-ksn7zLaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/ekFJWMFoApJc7qleNhnnMFGjre8.roa
Signing time: Fri 10 Jan 2025 12:39:11 +0000
ROA not before: Fri 10 Jan 2025 12:39:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207754
IP address blocks: 2a14:a900::/29 maxlen: 32
2a14:a900::/32 maxlen: 32
2a14:a900:fffe::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 Jan 2025 14:09:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:50:39:c8:4f:33:6b:07:12:2b:de:61:ac:48:a0:1c:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=663a24480f04d1318bf1a70dabffa4b27ef32da2
Validity
Not Before: Jan 10 12:39:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a414958c16802925ceea95e3619e73051a3adef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:34:fb:3b:57:57:05:09:0d:c6:54:c7:3d:4b:
72:aa:14:79:70:83:26:b1:57:fe:68:62:f2:c6:fa:
4c:99:04:5a:df:01:32:45:b0:7d:cc:33:63:0b:21:
9d:2f:59:78:e5:d4:a7:0f:13:1d:df:d4:c6:18:cd:
d3:12:d1:c8:a0:f2:9c:86:31:e0:71:6d:8a:97:25:
f8:b3:67:4e:23:4a:4d:73:b7:48:6a:ab:d5:40:cc:
ce:a3:31:cc:06:f7:85:8d:b1:22:fc:ad:7b:9a:89:
a9:ff:5e:27:80:aa:e6:04:ad:d5:7a:fd:62:3c:a8:
f5:9f:2b:17:14:0b:c5:f0:0d:4c:d1:d6:5c:f4:2c:
06:a7:8a:c1:57:cc:e0:1e:2e:b8:4d:7f:b3:3c:48:
51:0e:a8:36:c3:4a:14:cb:76:36:76:bc:9b:8e:fe:
ed:3f:a1:61:e1:47:fc:7b:ce:33:75:52:7c:5e:79:
96:63:d3:d1:5c:09:52:74:d7:7f:eb:04:52:41:16:
1e:8f:ea:6a:b7:c8:e5:9e:43:ec:bc:73:3f:ad:f9:
30:82:28:63:6a:04:eb:fb:a7:1c:ab:de:e4:aa:c2:
20:03:c3:78:23:a6:83:1d:0f:ea:05:eb:aa:e6:96:
f4:e8:95:4e:70:89:a7:b1:00:c8:8b:8d:40:fd:cc:
20:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:41:49:58:C1:68:02:92:5C:EE:A9:5E:36:19:E7:30:51:A3:AD:EF
X509v3 Authority Key Identifier:
keyid:66:3A:24:48:0F:04:D1:31:8B:F1:A7:0D:AB:FF:A4:B2:7E:F3:2D:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZjokSA8E0TGL8acNq_-ksn7zLaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/ekFJWMFoApJc7qleNhnnMFGjre8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/ZjokSA8E0TGL8acNq_-ksn7zLaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:a900::/29
Signature Algorithm: sha256WithRSAEncryption
4c:aa:45:1c:68:e7:7b:4b:82:5a:0c:56:a3:ed:c3:a9:07:c9:
f2:ca:77:7a:a6:3e:b6:5b:56:8b:c7:ff:d0:fd:90:a2:65:56:
5e:ab:eb:17:8e:35:ac:cc:36:40:02:14:9a:74:26:f0:d2:9a:
47:ce:5a:73:3c:c2:88:d7:33:af:aa:4b:9b:fa:c4:9a:60:f2:
74:de:7c:5b:6f:d8:5c:07:82:8a:fe:d1:ee:7b:f3:fc:b6:4a:
19:3b:0a:79:d7:42:ac:79:02:f5:e5:0b:bd:72:ae:12:9c:a6:
7d:7e:b8:d7:87:d3:aa:4d:48:09:99:cf:7e:4a:48:69:27:1a:
f8:ab:58:d4:42:6a:2f:68:36:5d:18:ea:05:5f:fd:0d:16:3b:
59:34:3c:98:83:43:ce:fc:2c:96:8f:d6:a0:9f:76:12:6e:ef:
fb:43:21:5c:ef:1b:c3:0d:e3:e1:43:f7:8b:bc:38:84:5e:56:
97:9d:8f:91:c8:4a:41:da:fe:9b:15:20:f8:4a:97:34:97:cd:
cd:22:c3:a5:37:de:55:60:1a:dd:b6:3d:62:cf:6a:36:07:7b:
f5:66:23:e7:2d:2d:90:ac:5b:4c:fb:d3:cb:fe:0e:6c:0a:d4:
0e:c7:3f:c9:7f:bd:18:26:85:05:dc:60:b0:37:ef:fb:f1:f2:
07:a9:af:02
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZRQOchPM2sHEiveYaxIoBzhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2M2EyNDQ4MGYwNGQxMzE4YmYxYTcwZGFiZmZhNGIyN2Vm
MzJkYTIwHhcNMjUwMTEwMTIzOTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTQxNDk1OGMxNjgwMjkyNWNlZWE5NWUzNjE5ZTczMDUxYTNhZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjT7O1dXBQkNxlTHPUtyqhR5cIMm
sVf+aGLyxvpMmQRa3wEyRbB9zDNjCyGdL1l45dSnDxMd39TGGM3TEtHIoPKchjHg
cW2KlyX4s2dOI0pNc7dIaqvVQMzOozHMBveFjbEi/K17momp/14ngKrmBK3Vev1i
PKj1nysXFAvF8A1M0dZc9CwGp4rBV8zgHi64TX+zPEhRDqg2w0oUy3Y2drybjv7t
P6Fh4Uf8e84zdVJ8XnmWY9PRXAlSdNd/6wRSQRYej+pqt8jlnkPsvHM/rfkwgihj
agTr+6ccq97kqsIgA8N4I6aDHQ/qBeuq5pb06JVOcImnsQDIi41A/cwgdwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHpBSVjBaAKSXO6pXjYZ5zBRo63vMB8GA1UdIwQY
MBaAFGY6JEgPBNExi/GnDav/pLJ+8y2iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmpva1NBOEUwVEdMOGFjTnFfLWtzbjd6TGFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi82ZjgwYTgtNmI2YS00ZDk2LWJmNDkt
Nzc1ZjVmNzRkNTgxLzEvZWtGSldNRm9BcEpjN3FsZU5obm5NRkdqcmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi82ZjgwYTgtNmI2YS00ZDk2LWJmNDktNzc1ZjVmNzRkNTgx
LzEvWmpva1NBOEUwVEdMOGFjTnFfLWtzbjd6TGFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhSpADAN
BgkqhkiG9w0BAQsFAAOCAQEATKpFHGjne0uCWgxWo+3DqQfJ8sp3eqY+tltWi8f/
0P2QomVWXqvrF441rMw2QAIUmnQm8NKaR85aczzCiNczr6pLm/rEmmDydN58W2/Y
XAeCiv7R7nvz/LZKGTsKeddCrHkC9eULvXKuEpymfX6414fTqk1ICZnPfkpIaSca
+KtY1EJqL2g2XRjqBV/9DRY7WTQ8mINDzvwslo/WoJ92Em7v+0MhXO8bww3j4UP3
i7w4hF5Wl52PkchKQdr+mxUg+EqXNJfNzSLDpTfeVWAa3bY9Ys9qNgd79WYj5y0t
kKxbTPvTy/4ObArUDsc/yX+9GCaFBdxgsDfv+/HyB6mvAg==
-----END CERTIFICATE-----
Generated at Sun Mar 9 20:10:30 2025 by rpki-client