Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/5tBYqDx1JZL7PMnvfuZ8acHktfM.roa
File: 5tBYqDx1JZL7PMnvfuZ8acHktfM.roa (raw, json)
Hash identifier: BTYNd9CMXNurVAKTeKDs4MIW8FAnfFwuOgeZmOixZzE=
Subject key identifier: E6:D0:58:A8:3C:75:25:92:FB:3C:C9:EF:7E:E6:7C:69:C1:E4:B5:F3
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195AE8CAD9D202C143868ED5A516BDD8BCA
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/5tBYqDx1JZL7PMnvfuZ8acHktfM.roa
Signing time: Wed 19 Mar 2025 13:16:49 +0000
ROA not before: Wed 19 Mar 2025 13:16:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a0b:ac00::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
2a13:e040::/29 maxlen: 29
2a14:1100::/29 maxlen: 29
2a14:62c0::/29 maxlen: 29
2a14:6a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 20 Mar 2025 12:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ae:8c:ad:9d:20:2c:14:38:68:ed:5a:51:6b:dd:8b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 19 13:16:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6d058a83c752592fb3cc9ef7ee67c69c1e4b5f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f8:22:56:12:ae:51:d1:64:ef:c9:35:2e:7d:
3c:43:49:40:2b:13:14:b0:50:af:cb:bc:7f:c5:b2:
28:df:e9:1b:91:17:da:a2:5b:62:7a:f3:ca:58:5b:
01:55:f0:34:2b:aa:67:c5:fd:51:e7:5b:5a:1c:ea:
39:08:66:8a:60:08:57:97:7c:fc:20:66:35:d8:f9:
dc:48:c1:5f:94:24:55:a2:9f:f0:56:59:1b:b0:e5:
9f:01:de:2f:5c:50:91:f5:42:6a:a7:e3:9c:0b:01:
35:61:b9:ee:c6:30:19:c2:de:c3:62:e0:58:28:f3:
f0:96:8d:20:d7:8d:5f:d4:e9:d5:54:7f:43:f9:8b:
6f:11:0e:f9:c7:03:7b:ad:21:b0:5c:c3:69:3b:44:
36:64:7f:10:eb:9c:6e:18:42:0b:52:cf:1e:fa:13:
00:5f:96:74:07:4b:6c:ce:f9:b6:1e:9a:29:83:35:
5a:23:eb:e4:0d:2a:f7:a6:27:d3:66:6f:fc:0c:7d:
a1:94:fa:8c:b4:dd:36:bf:f1:81:50:97:4b:31:fb:
ca:40:00:20:4a:cc:2e:dc:b9:16:30:ab:3d:fd:29:
46:6a:9d:64:fb:21:52:27:63:80:a0:66:20:10:5d:
b9:3b:e8:56:66:c1:21:e7:38:a0:26:ee:51:0d:48:
27:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D0:58:A8:3C:75:25:92:FB:3C:C9:EF:7E:E6:7C:69:C1:E4:B5:F3
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/5tBYqDx1JZL7PMnvfuZ8acHktfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:ac00::/29
2a13:c240::/29
2a13:e040::/29
2a14:1100::/29
2a14:62c0::/29
2a14:6a40::/29
Signature Algorithm: sha256WithRSAEncryption
79:a1:28:88:9c:b2:37:d1:65:c2:21:5a:df:1d:62:10:ba:bf:
0f:e4:4c:99:11:c9:40:db:9b:00:01:3f:1d:aa:05:78:b2:c1:
18:69:5b:97:55:2e:f4:74:79:fa:79:35:15:71:f9:c9:48:ec:
f9:57:15:12:49:08:48:d6:8b:ab:e0:cb:9f:21:f2:e6:4e:e9:
70:30:76:05:08:a6:28:6b:04:39:60:0c:a7:ee:76:2a:03:38:
6a:98:61:82:01:e3:0e:5f:0a:b2:c6:76:14:d1:d0:7c:31:da:
3d:29:3c:b2:62:98:bb:ad:54:24:a6:18:a2:e7:c0:c0:f6:56:
45:50:37:b2:4f:95:5f:15:f4:7f:b2:4f:59:37:13:4f:a5:cc:
40:4d:8c:fe:94:81:a4:55:3e:44:41:00:18:9f:d1:e2:4f:0c:
da:01:53:01:bd:bb:5b:af:7e:ea:0c:9c:14:ab:0f:83:43:67:
94:b9:af:6a:7e:3f:1c:d8:e1:38:52:e4:57:23:2a:d1:c2:0f:
d4:b6:45:5c:d7:6e:b5:e0:7b:0a:5a:29:22:2f:32:80:e3:d2:
0f:2a:91:74:bb:d4:38:a5:bf:f4:eb:16:f5:cc:f1:45:c2:20:
89:13:b4:a8:35:92:f5:c9:8b:95:b4:7f:9c:bf:7d:27:4a:2f:
cc:f0:a5:62
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZWujK2dICwUOGjtWlFr3YvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzE5MTMxNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQwNThhODNjNzUyNTkyZmIzY2M5ZWY3ZWU2N2M2OWMxZTRiNWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfgiVhKuUdFk78k1Ln08Q0lAKxMU
sFCvy7x/xbIo3+kbkRfaoltievPKWFsBVfA0K6pnxf1R51taHOo5CGaKYAhXl3z8
IGY12PncSMFflCRVop/wVlkbsOWfAd4vXFCR9UJqp+OcCwE1YbnuxjAZwt7DYuBY
KPPwlo0g141f1OnVVH9D+YtvEQ75xwN7rSGwXMNpO0Q2ZH8Q65xuGEILUs8e+hMA
X5Z0B0tszvm2HpopgzVaI+vkDSr3pifTZm/8DH2hlPqMtN02v/GBUJdLMfvKQAAg
Sswu3LkWMKs9/SlGap1k+yFSJ2OAoGYgEF25O+hWZsEh5zigJu5RDUgnYQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFObQWKg8dSWS+zzJ737mfGnB5LXzMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvNXRCWXFEeDFKWkw3UE1udmZ1WjhhY0hrdGZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgusAAMF
AyoTwkADBQMqE+BAAwUDKhQRAAMFAyoUYsADBQMqFGpAMA0GCSqGSIb3DQEBCwUA
A4IBAQB5oSiInLI30WXCIVrfHWIQur8P5EyZEclA25sAAT8dqgV4ssEYaVuXVS70
dHn6eTUVcfnJSOz5VxUSSQhI1our4MufIfLmTulwMHYFCKYoawQ5YAyn7nYqAzhq
mGGCAeMOXwqyxnYU0dB8Mdo9KTyyYpi7rVQkphii58DA9lZFUDeyT5VfFfR/sk9Z
NxNPpcxATYz+lIGkVT5EQQAYn9HiTwzaAVMBvbtbr37qDJwUqw+DQ2eUua9qfj8c
2OE4UuRXIyrRwg/UtkVc12614HsKWikiLzKA49IPKpF0u9Q4pb/06xb1zPFFwiCJ
E7SoNZL1yYuVtH+cv30nSi/M8KVi
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:40:03 2025 by rpki-client