Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/2uDxgXCmS3ptDGMknP2C33vof0Y.roa
File: 2uDxgXCmS3ptDGMknP2C33vof0Y.roa (raw, json)
Hash identifier: t7MRTtVd/FubWYJIH4ndgok6TtXjXNo7GZC/djIoL1s=
Subject key identifier: DA:E0:F1:81:70:A6:4B:7A:6D:0C:63:24:9C:FD:82:DF:7B:E8:7F:46
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195684C8474A521A72A13DE0FBB980299BC
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/2uDxgXCmS3ptDGMknP2C33vof0Y.roa
Signing time: Wed 05 Mar 2025 21:53:19 +0000
ROA not before: Wed 05 Mar 2025 21:53:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202496
IP address blocks: 2a05:9a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 22 Mar 2025 18:52:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:68:4c:84:74:a5:21:a7:2a:13:de:0f:bb:98:02:99:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 5 21:53:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dae0f18170a64b7a6d0c63249cfd82df7be87f46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:44:80:cd:01:71:b7:ba:22:c4:ce:17:e8:6e:
53:c3:a3:57:a2:d5:3c:ff:94:82:81:2e:a1:38:01:
3a:bd:e4:c3:6b:b1:a5:6c:57:4c:0e:c4:01:f0:6b:
89:c7:a4:0e:14:24:24:cf:af:ad:3d:dd:87:d1:ef:
2a:21:f8:a9:b5:92:37:d7:f2:43:a9:5e:07:ac:99:
5f:24:c7:48:91:f7:7a:f1:1d:e9:a3:c5:b6:1b:88:
04:00:4a:16:74:5c:05:1c:7e:71:76:70:c5:d3:c0:
ff:9d:0e:df:17:73:66:db:67:9a:74:14:e0:69:25:
46:56:45:e7:43:5c:ec:d7:45:ea:f4:73:e7:94:3a:
30:c3:a5:4b:29:58:64:eb:6c:4d:d1:87:c3:a2:cc:
39:5e:e4:d6:73:bc:d4:5e:8b:d3:11:fe:98:32:6d:
a0:f3:b9:61:fd:c4:71:9d:ff:03:c3:dd:8d:87:4d:
88:dc:18:9f:7c:b7:7d:f6:3b:1e:99:39:24:e5:96:
ee:8b:f1:53:f7:65:92:08:d6:da:0e:7d:ec:f1:ff:
37:ed:e8:22:67:d5:15:9d:af:8d:b3:7e:06:8a:55:
a7:ca:e7:d1:76:13:de:7c:ce:c8:a5:de:24:4b:be:
b1:f5:d4:6f:39:0b:dd:7a:2e:b2:63:09:b5:89:92:
a0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E0:F1:81:70:A6:4B:7A:6D:0C:63:24:9C:FD:82:DF:7B:E8:7F:46
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/2uDxgXCmS3ptDGMknP2C33vof0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/29
Signature Algorithm: sha256WithRSAEncryption
91:08:89:5e:94:64:b9:65:a2:fe:33:16:2a:b0:2c:34:15:4f:
41:2a:bc:f1:14:dd:ed:b9:2a:31:ee:80:7f:6a:2d:28:c6:4d:
d6:44:9c:94:2e:f8:d7:96:58:71:a2:89:40:16:b4:f1:5a:76:
22:ec:4e:ab:0c:e3:22:eb:cf:9e:ee:0b:43:92:c6:ff:c8:fb:
11:90:53:2c:9a:a4:d1:f6:76:34:6f:16:1c:20:d5:86:8b:be:
80:f2:b9:15:14:20:d2:fd:bc:46:b3:de:13:6a:83:c8:76:39:
95:63:f7:d3:d8:f8:03:61:15:08:72:45:b5:4f:16:2c:df:7c:
66:d2:5f:97:3f:83:c0:55:51:b5:57:b9:06:b7:4a:47:5a:50:
70:77:45:95:1c:74:0a:36:d5:95:5a:5f:2c:47:aa:87:78:59:
dd:c8:a4:80:24:44:67:b4:5a:06:7b:a6:45:cd:8a:d3:5c:0a:
63:91:99:30:6f:44:5d:d2:93:91:bf:54:24:f9:f7:a8:f8:2d:
88:1c:79:5b:4c:2e:4e:3a:ff:ce:f8:4f:1a:6c:72:6e:82:5e:
be:55:2a:f8:09:12:34:69:11:c5:d4:b5:12:86:ba:73:56:4f:
e7:19:af:01:c7:d1:73:da:b2:3c:d4:ae:6b:5a:4b:2f:6e:f7:
59:0e:2a:69
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVoTIR0pSGnKhPeD7uYApm8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzA1MjE1MzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWUwZjE4MTcwYTY0YjdhNmQwYzYzMjQ5Y2ZkODJkZjdiZTg3ZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUSAzQFxt7oixM4X6G5Tw6NXotU8
/5SCgS6hOAE6veTDa7GlbFdMDsQB8GuJx6QOFCQkz6+tPd2H0e8qIfiptZI31/JD
qV4HrJlfJMdIkfd68R3po8W2G4gEAEoWdFwFHH5xdnDF08D/nQ7fF3Nm22eadBTg
aSVGVkXnQ1zs10Xq9HPnlDoww6VLKVhk62xN0YfDosw5XuTWc7zUXovTEf6YMm2g
87lh/cRxnf8Dw92Nh02I3BiffLd99jsemTkk5Zbui/FT92WSCNbaDn3s8f837egi
Z9UVna+Ns34GilWnyufRdhPefM7Ipd4kS76x9dRvOQvdei6yYwm1iZKgbQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNrg8YFwpkt6bQxjJJz9gt976H9GMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvMnVEeGdYQ21TM3B0REdNa25QMkMzM3ZvZjBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgWaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAkQiJXpRkuWWi/jMWKrAsNBVPQSq88RTd7bkqMe6A
f2otKMZN1kSclC7415ZYcaKJQBa08Vp2IuxOqwzjIuvPnu4LQ5LG/8j7EZBTLJqk
0fZ2NG8WHCDVhou+gPK5FRQg0v28RrPeE2qDyHY5lWP309j4A2EVCHJFtU8WLN98
ZtJflz+DwFVRtVe5BrdKR1pQcHdFlRx0CjbVlVpfLEeqh3hZ3cikgCREZ7RaBnum
Rc2K01wKY5GZMG9EXdKTkb9UJPn3qPgtiBx5W0wuTjr/zvhPGmxyboJevlUq+AkS
NGkRxdS1Eoa6c1ZP5xmvAcfRc9qyPNSua1pLL273WQ4qaQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:46:55 2025 by rpki-client