Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/OCW4R98Lz3LYqIihktSAGs4eOSE.roa
File: OCW4R98Lz3LYqIihktSAGs4eOSE.roa (raw, json)
Hash identifier: XKh2iesw35tY2HjwXWuildP23xqZIK2p3NdHF13TGkk=
Subject key identifier: 38:25:B8:47:DF:0B:CF:72:D8:A8:88:A1:92:D4:80:1A:CE:1E:39:21
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195B38BABDBD271201188586F7C1CF626D6
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/OCW4R98Lz3LYqIihktSAGs4eOSE.roa
Signing time: Thu 20 Mar 2025 12:33:50 +0000
ROA not before: Thu 20 Mar 2025 12:33:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215898
IP address blocks: 2a14:6a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 22 Mar 2025 18:35:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b3:8b:ab:db:d2:71:20:11:88:58:6f:7c:1c:f6:26:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 20 12:33:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3825b847df0bcf72d8a888a192d4801ace1e3921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:87:bc:e6:82:86:60:ea:96:8a:36:1a:59:d7:
26:b7:fb:ec:be:0e:82:a5:78:23:56:c2:10:a8:4d:
dc:8f:22:7d:ae:ca:98:37:30:6e:55:00:1c:48:3a:
ee:51:43:38:05:78:f1:1c:f9:06:d6:64:03:fa:62:
1e:d6:99:56:cd:3a:09:49:4e:bc:55:e1:28:5f:d7:
a8:20:0c:13:05:56:6b:24:33:e4:07:19:dd:19:20:
9c:c4:3e:de:1d:09:d4:c9:51:80:95:2d:55:14:85:
c0:eb:25:16:34:c5:0d:88:b5:6e:4c:c8:45:c4:33:
dd:94:7b:f8:77:05:88:24:17:2e:1a:97:93:0d:a4:
dd:2d:48:24:ec:b2:d8:c9:5b:65:da:bf:ac:40:c1:
ad:4b:1f:3a:57:f1:29:94:c5:c1:26:5c:bb:7d:f2:
42:0a:d2:fc:d1:91:a4:da:df:3e:4d:1a:fb:c9:77:
32:28:cd:ad:2b:fa:c4:d1:31:ba:a0:da:89:e9:89:
95:93:c8:ae:80:da:9c:70:60:ec:05:ef:39:83:6d:
9f:d9:18:cf:28:bf:44:58:8e:a3:5a:55:77:8e:5d:
3a:1d:6e:4e:44:cd:a5:7e:74:a8:7e:00:f9:0d:01:
2c:dc:43:a6:58:db:92:9d:0c:d1:48:e7:0a:a4:c7:
a8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:25:B8:47:DF:0B:CF:72:D8:A8:88:A1:92:D4:80:1A:CE:1E:39:21
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/OCW4R98Lz3LYqIihktSAGs4eOSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6a40::/29
Signature Algorithm: sha256WithRSAEncryption
72:d9:da:30:48:6f:d9:20:45:56:b1:6d:02:a4:79:d2:3c:95:
29:5e:2c:1d:f6:30:15:92:b0:74:bb:9e:fd:ff:c9:36:31:34:
a9:ee:26:3e:6e:48:c2:b6:d4:4c:87:9b:95:b0:77:9e:6e:d6:
72:de:68:c3:a9:e5:5b:33:b5:f2:df:87:67:b7:4e:a4:2c:2a:
39:4a:be:5a:f9:7a:ca:b0:a2:c0:aa:6a:c0:af:d4:1a:74:c5:
5a:71:43:a5:fb:ff:f1:0a:d9:14:d5:30:c8:9a:68:ca:14:12:
a5:83:83:09:db:b1:4e:33:f9:9c:cf:cd:24:85:ef:f2:ac:a3:
95:13:5a:16:25:cf:a6:70:93:78:e4:94:35:29:04:4d:7f:a1:
5c:91:e9:5c:6e:ef:0d:7a:c9:fe:64:8f:b9:82:9e:7d:a5:bf:
9f:59:8d:e8:c4:bf:5b:22:03:21:b2:a1:05:a5:62:67:3f:9e:
74:e2:6b:58:50:da:72:62:81:3e:01:0e:16:63:f9:c0:6f:0f:
f1:73:1e:4e:6e:f6:d4:5c:44:8c:f3:17:23:ea:af:bb:08:a3:
22:00:75:2e:c5:34:2d:7b:7b:9e:f7:61:4e:ee:41:d0:5e:d5:
9a:d3:93:6d:08:02:17:37:6f:56:61:b4:76:e4:db:cb:7f:44:
88:56:ce:16
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZWzi6vb0nEgEYhYb3wc9ibWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzIwMTIzMzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODI1Yjg0N2RmMGJjZjcyZDhhODg4YTE5MmQ0ODAxYWNlMWUzOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYe85oKGYOqWijYaWdcmt/vsvg6C
pXgjVsIQqE3cjyJ9rsqYNzBuVQAcSDruUUM4BXjxHPkG1mQD+mIe1plWzToJSU68
VeEoX9eoIAwTBVZrJDPkBxndGSCcxD7eHQnUyVGAlS1VFIXA6yUWNMUNiLVuTMhF
xDPdlHv4dwWIJBcuGpeTDaTdLUgk7LLYyVtl2r+sQMGtSx86V/EplMXBJly7ffJC
CtL80ZGk2t8+TRr7yXcyKM2tK/rE0TG6oNqJ6YmVk8iugNqccGDsBe85g22f2RjP
KL9EWI6jWlV3jl06HW5ORM2lfnSofgD5DQEs3EOmWNuSnQzRSOcKpMeozQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDgluEffC89y2KiIoZLUgBrOHjkhMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvT0NXNFI5OEx6M0xZcUlpaGt0U0FHczRlT1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRqQDAN
BgkqhkiG9w0BAQsFAAOCAQEActnaMEhv2SBFVrFtAqR50jyVKV4sHfYwFZKwdLue
/f/JNjE0qe4mPm5IwrbUTIeblbB3nm7Wct5ow6nlWzO18t+HZ7dOpCwqOUq+Wvl6
yrCiwKpqwK/UGnTFWnFDpfv/8QrZFNUwyJpoyhQSpYODCduxTjP5nM/NJIXv8qyj
lRNaFiXPpnCTeOSUNSkETX+hXJHpXG7vDXrJ/mSPuYKefaW/n1mN6MS/WyIDIbKh
BaViZz+edOJrWFDacmKBPgEOFmP5wG8P8XMeTm721FxEjPMXI+qvuwijIgB1LsU0
LXt7nvdhTu5B0F7VmtOTbQgCFzdvVmG0duTby39EiFbOFg==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:19:20 2025 by rpki-client