Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/PNBaANMpRveENceK0uU9y_uhOX8.roa
File: PNBaANMpRveENceK0uU9y_uhOX8.roa (raw, json)
Hash identifier: 4roN9NI8aXnFtmM81L1WrFpWceJE9JZurvmJUMporTA=
Subject key identifier: 3C:D0:5A:00:D3:29:46:F7:84:35:C7:8A:D2:E5:3D:CB:FB:A1:39:7F
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01941179238989230D09C7BF27DC3CD97292
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/PNBaANMpRveENceK0uU9y_uhOX8.roa
Signing time: Sun 29 Dec 2024 08:12:18 +0000
ROA not before: Sun 29 Dec 2024 08:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207108
IP address blocks: 2a13:e040::/29 maxlen: 29
2a14:1100::/29 maxlen: 29
2a14:62c0::/29 maxlen: 29
2a14:6a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:11:79:23:89:89:23:0d:09:c7:bf:27:dc:3c:d9:72:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Dec 29 08:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cd05a00d32946f78435c78ad2e53dcbfba1397f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9e:a7:c7:6d:51:2c:ef:58:91:35:10:bf:4a:
13:c5:b0:78:79:56:e2:63:5c:e3:dc:09:0c:18:d0:
2a:cb:77:aa:66:f9:8f:35:26:c8:fc:24:76:87:28:
f3:5a:ee:fc:f1:c3:da:ea:08:ec:d0:bd:d6:7e:c1:
93:45:e1:c7:f1:0d:ea:42:4c:5d:ec:68:bb:f6:45:
9a:a5:84:79:1a:62:e8:ee:5c:d0:2f:12:1f:51:52:
be:83:a2:38:43:e2:0f:d7:89:a8:0d:a6:a9:73:59:
87:fd:0f:c7:d7:c5:c7:0e:c5:93:87:a5:8a:85:ee:
83:76:d8:de:28:d7:76:9f:aa:26:c1:34:58:72:c1:
43:c8:1a:53:94:e3:e1:6a:61:4f:35:db:13:30:6c:
46:ca:19:58:e7:86:86:c0:0d:fe:f3:8d:cc:30:4f:
0f:c7:f4:ec:d8:cf:d5:bd:26:f5:22:38:b7:81:c2:
9c:d9:ce:1a:10:78:db:9e:d6:57:44:10:f5:6c:f5:
a7:2c:26:84:1b:45:c9:e7:a3:cf:dc:94:e0:a9:bf:
2f:82:53:d5:57:d2:ef:20:77:9a:a5:da:7f:85:7b:
56:6c:3f:9e:93:71:8e:03:ee:3f:d3:56:af:08:11:
e0:af:09:d4:3a:67:56:f0:c1:62:ba:ce:a6:c4:00:
49:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D0:5A:00:D3:29:46:F7:84:35:C7:8A:D2:E5:3D:CB:FB:A1:39:7F
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/PNBaANMpRveENceK0uU9y_uhOX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:e040::/29
2a14:1100::/29
2a14:62c0::/29
2a14:6a40::/29
Signature Algorithm: sha256WithRSAEncryption
a9:bb:c4:3c:20:5e:16:7e:68:d9:b0:51:16:f2:26:b9:e2:4a:
c0:98:f6:ac:ed:f4:b8:83:ec:75:85:2c:7c:3c:4a:f7:c9:33:
70:ec:2a:08:c6:07:b6:49:95:69:6d:7a:bb:c5:d0:3f:81:34:
cd:96:da:bb:01:43:d6:33:a7:fb:6f:b1:1e:51:9b:c1:cf:0f:
62:28:4b:fb:24:e0:10:a3:9c:98:76:3b:93:bc:04:de:3a:30:
77:19:b0:b1:27:09:c6:fc:7e:8f:cb:dc:1b:7a:9d:06:e9:c7:
1f:60:af:67:3c:6f:f2:b8:44:08:b8:ff:aa:b7:09:d8:4e:a1:
e8:7a:5d:90:a1:75:58:3a:cb:32:76:51:79:d6:24:cd:ac:a4:
8b:d8:ff:11:b2:41:b6:21:b5:64:07:20:49:c1:1a:be:1b:d5:
88:69:d3:56:6c:73:15:03:e1:d5:03:db:7e:ff:89:08:ff:36:
6a:ec:64:19:9c:84:26:10:d2:f9:0b:6f:d0:71:2e:aa:cd:1c:
82:98:6a:6d:df:ea:db:3c:8d:75:5a:6c:cd:74:49:96:6c:7f:
34:59:7a:fa:57:97:67:f4:ec:c1:2b:08:a4:11:60:e5:18:4e:
48:05:38:36:27:ef:83:f2:5f:66:c7:4a:53:18:83:68:64:c1:
9d:53:1b:95
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQReSOJiSMNCce/J9w82XKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQxMjI5MDgxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2QwNWEwMGQzMjk0NmY3ODQzNWM3OGFkMmU1M2RjYmZiYTEzOTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp6nx21RLO9YkTUQv0oTxbB4eVbi
Y1zj3AkMGNAqy3eqZvmPNSbI/CR2hyjzWu788cPa6gjs0L3WfsGTReHH8Q3qQkxd
7Gi79kWapYR5GmLo7lzQLxIfUVK+g6I4Q+IP14moDaapc1mH/Q/H18XHDsWTh6WK
he6DdtjeKNd2n6omwTRYcsFDyBpTlOPhamFPNdsTMGxGyhlY54aGwA3+843MME8P
x/Ts2M/VvSb1Iji3gcKc2c4aEHjbntZXRBD1bPWnLCaEG0XJ56PP3JTgqb8vglPV
V9LvIHeapdp/hXtWbD+ek3GOA+4/01avCBHgrwnUOmdW8MFius6mxABJ0wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDzQWgDTKUb3hDXHitLlPcv7oTl/MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvUE5CYUFOTXBSdmVFTmNlSzB1VTl5X3VoT1g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhPgQAMF
AyoUEQADBQMqFGLAAwUDKhRqQDANBgkqhkiG9w0BAQsFAAOCAQEAqbvEPCBeFn5o
2bBRFvImueJKwJj2rO30uIPsdYUsfDxK98kzcOwqCMYHtkmVaW16u8XQP4E0zZba
uwFD1jOn+2+xHlGbwc8PYihL+yTgEKOcmHY7k7wE3jowdxmwsScJxvx+j8vcG3qd
BunHH2CvZzxv8rhECLj/qrcJ2E6h6HpdkKF1WDrLMnZRedYkzayki9j/EbJBtiG1
ZAcgScEavhvViGnTVmxzFQPh1QPbfv+JCP82auxkGZyEJhDS+Qtv0HEuqs0cgphq
bd/q2zyNdVpszXRJlmx/NFl6+leXZ/TswSsIpBFg5RhOSAU4Nifvg/JfZsdKUxiD
aGTBnVMblQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:44:31 2025 by rpki-client