Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1NRzl2a_G7v4H6gFJoe6eY7vfWQ.roa
File: 1NRzl2a_G7v4H6gFJoe6eY7vfWQ.roa (raw, json)
Hash identifier: iBbeKfb9LS/1s5l1Z+LvXl4d3uBt+a+2sUlafydSGGs=
Subject key identifier: D4:D4:73:97:66:BF:1B:BB:F8:1F:A8:05:26:87:BA:79:8E:EF:7D:64
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195BF23CEC04F95E245B8E9912FFDB5D6DC
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1NRzl2a_G7v4H6gFJoe6eY7vfWQ.roa
Signing time: Sat 22 Mar 2025 18:35:49 +0000
ROA not before: Sat 22 Mar 2025 18:35:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211507
IP address blocks: 2a13:e040::/29 maxlen: 29
2a14:6a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 23 Mar 2025 20:23:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bf:23:ce:c0:4f:95:e2:45:b8:e9:91:2f:fd:b5:d6:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 22 18:35:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4d4739766bf1bbbf81fa8052687ba798eef7d64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ef:cd:f9:bb:3b:c8:64:e5:36:2b:6e:b5:cb:
9a:97:de:c4:98:b1:d9:0d:c2:a0:7f:7a:86:5f:9b:
8e:fe:ac:a3:11:e6:d2:cb:48:67:02:10:48:0d:10:
92:3f:6c:b6:87:e7:01:65:79:e0:12:e1:e1:72:4c:
82:ba:04:41:5a:30:d8:0c:3b:4a:18:35:c9:5c:f7:
13:f4:8a:97:53:03:62:4a:28:9b:13:b2:31:d1:b6:
b3:18:c1:df:73:e2:32:c3:c8:f2:1f:8e:44:83:f5:
18:23:d9:f1:0a:92:5f:42:06:13:79:a5:19:f8:36:
62:4d:d6:92:fb:a8:e5:29:76:31:f9:b2:d4:7d:af:
ae:0d:66:44:b3:55:57:d3:7a:c8:c1:f7:53:2e:a5:
b0:90:29:8f:52:30:5b:9e:bb:29:ac:a2:38:23:1f:
48:ac:40:d2:e5:78:80:6d:61:ac:1e:f3:0d:87:9a:
e0:19:44:29:c3:c3:e5:2e:7e:f6:c8:8f:30:93:24:
fe:72:13:95:25:4a:d2:02:5e:e1:48:ae:e0:9f:fa:
5d:f0:23:a5:bb:44:e4:ef:b6:b0:3c:8c:a6:5d:89:
a3:95:90:e8:67:5a:f0:bd:c1:93:48:89:5b:1d:61:
58:09:76:59:52:77:35:2c:8f:1f:5e:2b:ee:22:3b:
11:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D4:73:97:66:BF:1B:BB:F8:1F:A8:05:26:87:BA:79:8E:EF:7D:64
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1NRzl2a_G7v4H6gFJoe6eY7vfWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:e040::/29
2a14:6a40::/29
Signature Algorithm: sha256WithRSAEncryption
56:e1:d5:db:96:4a:3d:b8:72:97:75:e1:3a:1e:da:76:bd:9b:
0a:83:95:f0:cb:92:78:ec:4d:91:92:40:37:70:77:26:4c:b8:
64:05:f4:14:b3:4b:b1:10:c6:1e:46:3c:2c:ae:56:d4:f6:bd:
a4:e3:e5:b7:b5:f5:f9:68:ce:4d:91:bb:e6:8b:5f:1c:45:8a:
a6:28:4c:ad:6e:5e:4a:7d:7b:25:9d:43:d3:41:77:e5:a5:ea:
41:e3:3f:c5:56:e3:e8:bc:81:2e:05:f8:cf:7d:54:ef:20:b8:
63:33:85:ab:49:11:09:6c:25:a2:79:71:53:df:a0:23:0f:74:
aa:51:70:1a:13:3d:a4:18:bc:fd:ed:fa:3d:97:55:ee:1c:a0:
cf:c0:22:ff:b2:d4:a1:34:18:42:7f:01:b7:8d:96:69:ca:f9:
c1:2e:3a:74:07:ec:1c:cc:35:c1:d9:74:18:6a:90:80:c7:de:
88:95:2f:27:cc:f6:88:15:77:4c:c7:73:b8:d0:0f:5d:f9:94:
2e:5a:4e:3e:ff:4a:33:3d:af:07:84:5d:12:bc:cb:d0:8e:c2:
a6:ec:c9:21:ca:18:5c:66:18:81:60:45:fb:73:9f:97:52:d6:
9e:40:ed:b3:6c:2c:12:b0:14:38:98:9f:d5:92:2c:ad:3e:81:
54:a7:cb:6c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZW/I87AT5XiRbjpkS/9tdbcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzIyMTgzNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQ0NzM5NzY2YmYxYmJiZjgxZmE4MDUyNjg3YmE3OThlZWY3ZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve/N+bs7yGTlNitutcual97EmLHZ
DcKgf3qGX5uO/qyjEebSy0hnAhBIDRCSP2y2h+cBZXngEuHhckyCugRBWjDYDDtK
GDXJXPcT9IqXUwNiSiibE7Ix0bazGMHfc+Iyw8jyH45Eg/UYI9nxCpJfQgYTeaUZ
+DZiTdaS+6jlKXYx+bLUfa+uDWZEs1VX03rIwfdTLqWwkCmPUjBbnrsprKI4Ix9I
rEDS5XiAbWGsHvMNh5rgGUQpw8PlLn72yI8wkyT+chOVJUrSAl7hSK7gn/pd8COl
u0Tk77awPIymXYmjlZDoZ1rwvcGTSIlbHWFYCXZZUnc1LI8fXivuIjsREwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNTUc5dmvxu7+B+oBSaHunmO731kMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvMU5SemwyYV9HN3Y0SDZnRkpvZTZlWTd2ZldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhPgQAMF
AyoUakAwDQYJKoZIhvcNAQELBQADggEBAFbh1duWSj24cpd14Toe2na9mwqDlfDL
knjsTZGSQDdwdyZMuGQF9BSzS7EQxh5GPCyuVtT2vaTj5be19flozk2Ru+aLXxxF
iqYoTK1uXkp9eyWdQ9NBd+Wl6kHjP8VW4+i8gS4F+M99VO8guGMzhatJEQlsJaJ5
cVPfoCMPdKpRcBoTPaQYvP3t+j2XVe4coM/AIv+y1KE0GEJ/AbeNlmnK+cEuOnQH
7BzMNcHZdBhqkIDH3oiVLyfM9ogVd0zHc7jQD135lC5aTj7/SjM9rweEXRK8y9CO
wqbsySHKGFxmGIFgRftzn5dS1p5A7bNsLBKwFDiYn9WSLK0+gVSny2w=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:44:39 2025 by rpki-client