Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/3WO6Ar-FDtnu5-F0ONe5aj6-ORY.roa
File: 3WO6Ar-FDtnu5-F0ONe5aj6-ORY.roa (raw, json)
Hash identifier: eJCg7kc8IabdsNY/7yqDFmMrQ2vbKmrxl0UAvDOfyoc=
Subject key identifier: DD:63:BA:02:BF:85:0E:D9:EE:E7:E1:74:38:D7:B9:6A:3E:BE:39:16
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195BF318A428B33B1C0DFC81B38CED1FD80
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/3WO6Ar-FDtnu5-F0ONe5aj6-ORY.roa
Signing time: Sat 22 Mar 2025 18:50:49 +0000
ROA not before: Sat 22 Mar 2025 18:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204335
IP address blocks: 2a14:1101:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Mon 24 Mar 2025 06:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bf:31:8a:42:8b:33:b1:c0:df:c8:1b:38:ce:d1:fd:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 22 18:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd63ba02bf850ed9eee7e17438d7b96a3ebe3916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2a:48:27:98:5b:66:e8:27:a6:76:02:9b:dc:
53:a1:ac:da:34:dc:d2:17:b0:bb:e1:b1:7e:ed:11:
f2:af:a2:8a:69:91:de:4f:c5:a2:bc:38:13:16:b5:
c3:a2:41:30:83:16:f1:91:ee:08:27:31:85:f1:8e:
c2:47:7b:58:a1:66:bc:22:41:e4:e3:a0:c5:0c:3e:
b4:50:a2:ed:f9:41:18:d3:9f:76:4e:7d:44:31:c8:
74:0a:f2:9f:bd:de:83:1d:2a:9e:ce:bc:56:c1:46:
67:60:cd:7d:de:c8:44:e1:e1:b3:f3:20:79:83:36:
ff:24:88:fe:fb:46:44:5c:f3:22:6d:62:41:dc:8c:
6b:16:6f:95:e4:97:b8:08:8b:57:0b:09:ff:9b:62:
11:64:06:09:1c:b7:41:09:68:a9:a2:3c:52:74:96:
84:ed:4c:ca:37:ed:bb:6c:eb:e8:70:78:9c:b5:56:
1f:b6:4d:fd:22:4c:d2:d2:e7:2b:18:ec:8a:4e:2e:
b4:3b:a2:bc:18:e9:4e:23:cf:5f:83:a0:09:1c:ff:
45:07:f9:f2:63:ff:09:cc:3a:71:d3:a9:aa:46:b8:
1a:8d:a8:08:52:ce:e4:31:73:37:32:40:95:c5:72:
1e:0a:5c:65:dd:83:c5:ea:20:ae:03:03:d0:6a:ff:
43:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:63:BA:02:BF:85:0E:D9:EE:E7:E1:74:38:D7:B9:6A:3E:BE:39:16
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/3WO6Ar-FDtnu5-F0ONe5aj6-ORY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1101:8000::/33
Signature Algorithm: sha256WithRSAEncryption
72:be:34:aa:a5:df:5d:c4:30:a2:6a:27:a5:67:b0:c1:47:03:
6e:11:97:b8:10:88:89:07:0d:b3:ca:88:72:a5:63:0c:b8:0b:
b5:01:33:1d:48:49:3b:26:4a:04:f6:4d:f0:63:77:70:18:30:
a0:ae:19:ea:b8:3f:b4:d8:07:6a:ef:89:73:df:7c:d9:fd:27:
a8:e3:5a:b0:1b:0f:2e:40:1a:fc:37:5d:b7:3e:f3:55:2c:04:
5f:ad:b1:d8:26:b8:ee:c4:19:a3:c2:d5:54:c5:15:61:2c:86:
b0:c8:a5:1a:79:57:14:6d:ac:fd:6e:87:d5:b0:71:24:ef:f3:
f8:10:c3:8a:d2:ca:40:55:13:7f:ec:56:68:42:f5:67:2f:95:
cf:76:d1:1c:aa:58:b9:34:33:9e:a4:de:eb:f3:70:f4:5a:44:
a7:69:75:02:44:4a:e9:fc:a2:09:54:54:52:57:cd:6b:d4:ef:
1c:68:2d:7f:90:c4:26:cb:14:c8:e3:74:4a:7f:ce:ce:b6:2f:
2e:84:2b:7f:7d:31:ca:6d:61:23:3c:f2:80:d4:aa:40:1c:ad:
41:a4:2f:66:5c:2a:58:78:d0:63:c2:9b:cf:d1:42:a6:93:57:
b2:1c:77:ef:81:1a:47:ef:f7:45:b1:af:f3:c5:7c:aa:0f:26:
22:e2:38:9b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZW/MYpCizOxwN/IGzjO0f2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzIyMTg1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDYzYmEwMmJmODUwZWQ5ZWVlN2UxNzQzOGQ3Yjk2YTNlYmUzOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvipIJ5hbZugnpnYCm9xToazaNNzS
F7C74bF+7RHyr6KKaZHeT8WivDgTFrXDokEwgxbxke4IJzGF8Y7CR3tYoWa8IkHk
46DFDD60UKLt+UEY0592Tn1EMch0CvKfvd6DHSqezrxWwUZnYM193shE4eGz8yB5
gzb/JIj++0ZEXPMibWJB3IxrFm+V5Je4CItXCwn/m2IRZAYJHLdBCWipojxSdJaE
7UzKN+27bOvocHictVYftk39IkzS0ucrGOyKTi60O6K8GOlOI89fg6AJHP9FB/ny
Y/8JzDpx06mqRrgajagIUs7kMXM3MkCVxXIeClxl3YPF6iCuAwPQav9D6wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFN1jugK/hQ7Z7ufhdDjXuWo+vjkWMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvM1dPNkFyLUZEdG51NS1GME9OZTVhajYtT1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKhQRAYAw
DQYJKoZIhvcNAQELBQADggEBAHK+NKql313EMKJqJ6VnsMFHA24Rl7gQiIkHDbPK
iHKlYwy4C7UBMx1ISTsmSgT2TfBjd3AYMKCuGeq4P7TYB2rviXPffNn9J6jjWrAb
Dy5AGvw3Xbc+81UsBF+tsdgmuO7EGaPC1VTFFWEshrDIpRp5VxRtrP1uh9WwcSTv
8/gQw4rSykBVE3/sVmhC9Wcvlc920RyqWLk0M56k3uvzcPRaRKdpdQJESun8oglU
VFJXzWvU7xxoLX+QxCbLFMjjdEp/zs62Ly6EK399McptYSM88oDUqkAcrUGkL2Zc
Klh40GPCm8/RQqaTV7Icd++BGkfv90Wxr/PFfKoPJiLiOJs=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:12:16 2025 by rpki-client