Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/6RocuyUs0oZP6DB76uEGU8O-qEw.roa
File: 6RocuyUs0oZP6DB76uEGU8O-qEw.roa (raw, json)
Hash identifier: GHWdBA/qhE+2ZebMwLDZHSg4/2qA/fwgEFS3tC9fP6w=
Subject key identifier: E9:1A:1C:BB:25:2C:D2:86:4F:E8:30:7B:EA:E1:06:53:C3:BE:A8:4C
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01940D9B744A5950FD1761178B49797B4020
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/6RocuyUs0oZP6DB76uEGU8O-qEw.roa
Signing time: Sat 28 Dec 2024 14:11:19 +0000
ROA not before: Sat 28 Dec 2024 14:11:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 2a0b:ac00::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
2a14:1100::/29 maxlen: 29
2a14:62c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 29 Dec 2024 08:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:0d:9b:74:4a:59:50:fd:17:61:17:8b:49:79:7b:40:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Dec 28 14:11:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e91a1cbb252cd2864fe8307beae10653c3bea84c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0c:7b:e0:7f:ed:20:61:41:45:00:89:1f:c2:
2e:c0:ef:f4:6b:67:9b:cd:ac:a2:7e:2f:59:f8:f1:
48:a2:ef:30:d9:61:bf:58:75:a1:fe:d1:9c:28:3e:
38:44:2c:67:6b:0d:b0:90:e1:f1:49:ba:21:87:c5:
8f:89:28:2f:db:45:0b:e3:a0:dd:d9:76:dd:84:d9:
2f:2b:83:9c:c4:a7:92:ed:0d:b1:50:09:b7:e7:13:
85:50:d4:cd:94:d7:51:21:7d:c3:1f:30:69:5f:e1:
29:3c:43:80:87:1d:bc:e1:d1:c9:0c:9d:03:21:e3:
ab:05:f7:6c:e8:06:7c:98:eb:07:f5:55:60:c1:cd:
b2:6f:99:23:09:ce:fe:29:06:e1:60:4a:ae:52:79:
e3:66:63:15:d5:8f:dc:33:d6:ff:78:10:50:3b:20:
37:23:a9:af:7f:eb:87:4e:a4:69:de:41:c2:70:1f:
55:82:0c:b5:dd:43:91:16:d4:4b:1c:eb:5e:66:fd:
a8:1c:53:3d:3d:aa:f0:74:2b:04:01:3b:e0:b1:90:
81:81:9d:b4:73:ae:cd:99:eb:43:e6:6f:01:53:a0:
4b:5f:ab:5f:fa:b5:47:b1:54:e2:c1:fd:1f:c2:df:
08:c8:4a:35:6d:da:b0:25:10:e0:7e:f1:0c:d2:0b:
3a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:1A:1C:BB:25:2C:D2:86:4F:E8:30:7B:EA:E1:06:53:C3:BE:A8:4C
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/6RocuyUs0oZP6DB76uEGU8O-qEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:ac00::/29
2a13:c240::/29
2a14:1100::/29
2a14:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
33:e2:ee:bf:15:96:7f:c8:3f:1e:15:28:fc:e6:b3:cc:0e:5a:
c9:e5:25:a9:1c:e1:d2:96:90:8c:40:8b:35:90:23:0a:cf:cd:
00:9b:4e:83:36:b9:0d:6e:e3:bd:6c:2a:1a:65:b4:e1:5e:82:
57:48:66:3e:f9:2c:d4:2a:bd:1d:14:39:ed:94:01:09:0b:c6:
6d:7e:23:de:26:6a:5d:c6:bb:7b:ef:a6:fa:fc:9f:67:9b:22:
43:86:77:b6:75:f6:c0:f2:0f:a3:ab:5f:4d:40:48:7c:1e:2a:
89:5b:71:3b:07:e7:6d:09:6c:f9:1c:45:1b:0e:21:65:1b:50:
f4:86:92:86:55:14:2c:c4:3a:2d:aa:62:43:e5:59:46:0d:a4:
eb:48:77:9d:57:41:b8:d5:dd:2c:35:79:12:31:47:0e:a9:66:
df:e2:82:71:84:d9:6b:ad:67:58:e2:60:1a:3c:a9:2c:cc:89:
d8:a8:1d:00:db:6b:e7:49:6d:57:5e:2c:c6:de:ab:14:c6:3f:
45:c0:2c:7e:61:df:2a:d6:d8:e4:63:c0:e5:7c:ef:26:8d:da:
b6:cc:4e:71:22:1c:b8:ab:82:e8:59:7e:37:69:cd:38:a8:cd:
6f:04:6d:c2:76:36:96:82:ad:5a:46:2f:bc:dd:e6:73:4a:82:
5a:f3:96:2b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQNm3RKWVD9F2EXi0l5e0AgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQxMjI4MTQxMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTFhMWNiYjI1MmNkMjg2NGZlODMwN2JlYWUxMDY1M2MzYmVhODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAx74H/tIGFBRQCJH8IuwO/0a2eb
zayifi9Z+PFIou8w2WG/WHWh/tGcKD44RCxnaw2wkOHxSbohh8WPiSgv20UL46Dd
2XbdhNkvK4OcxKeS7Q2xUAm35xOFUNTNlNdRIX3DHzBpX+EpPEOAhx284dHJDJ0D
IeOrBfds6AZ8mOsH9VVgwc2yb5kjCc7+KQbhYEquUnnjZmMV1Y/cM9b/eBBQOyA3
I6mvf+uHTqRp3kHCcB9Vggy13UORFtRLHOteZv2oHFM9ParwdCsEATvgsZCBgZ20
c67NmetD5m8BU6BLX6tf+rVHsVTiwf0fwt8IyEo1bdqwJRDgfvEM0gs6EwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOkaHLslLNKGT+gwe+rhBlPDvqhMMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvNlJvY3V5VXMwb1pQNkRCNzZ1RUdVOE8tcUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgusAAMF
AyoTwkADBQMqFBEAAwUDKhRiwDANBgkqhkiG9w0BAQsFAAOCAQEAM+LuvxWWf8g/
HhUo/OazzA5ayeUlqRzh0paQjECLNZAjCs/NAJtOgza5DW7jvWwqGmW04V6CV0hm
Pvks1Cq9HRQ57ZQBCQvGbX4j3iZqXca7e++m+vyfZ5siQ4Z3tnX2wPIPo6tfTUBI
fB4qiVtxOwfnbQls+RxFGw4hZRtQ9IaShlUULMQ6LapiQ+VZRg2k60h3nVdBuNXd
LDV5EjFHDqlm3+KCcYTZa61nWOJgGjypLMyJ2KgdANtr50ltV14sxt6rFMY/RcAs
fmHfKtbY5GPA5XzvJo3atsxOcSIcuKuC6Fl+N2nNOKjNbwRtwnY2loKtWkYvvN3m
c0qCWvOWKw==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:41:02 2025 by rpki-client