Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/gNLnOwX0Uw5-SCxgWHIVK4M7ks8.roa
File: gNLnOwX0Uw5-SCxgWHIVK4M7ks8.roa (raw, json)
Hash identifier: 941XaAV9kbAYSwLjS+xPJ5rr7r0BdJCG7iDayFOi0Kw=
Subject key identifier: 80:D2:E7:3B:05:F4:53:0E:7E:48:2C:60:58:72:15:2B:83:3B:92:CF
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195684D708F3489DFEC8BE550976CAEF36D
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/gNLnOwX0Uw5-SCxgWHIVK4M7ks8.roa
Signing time: Wed 05 Mar 2025 21:54:20 +0000
ROA not before: Wed 05 Mar 2025 21:54:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 264749
IP address blocks: 2a10:3f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 22 Mar 2025 18:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:68:4d:70:8f:34:89:df:ec:8b:e5:50:97:6c:ae:f3:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 5 21:54:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80d2e73b05f4530e7e482c605872152b833b92cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:15:4a:b7:41:72:ef:79:eb:31:c3:9e:46:f6:
95:ad:6a:00:1d:d8:1d:df:79:4a:69:22:1c:81:ca:
44:88:8a:29:e1:7e:16:23:2b:4d:8d:01:0f:da:e7:
4f:49:ba:86:bd:91:fd:4e:04:09:e4:48:aa:3c:e5:
5b:d6:b3:3d:2f:37:9a:c7:6c:0e:01:38:56:1f:58:
59:d7:ee:33:fd:e9:f0:6b:26:b7:8b:a9:2d:d0:88:
aa:22:33:d1:0f:9c:1c:8a:4f:33:8c:1c:6c:b6:a6:
b7:67:ab:82:33:17:6d:5a:b3:6c:3d:c3:79:6f:b5:
85:2e:24:31:42:1d:fe:cb:99:ee:e7:91:7e:42:f8:
08:13:50:75:32:2e:68:d3:b0:a7:c2:b0:d4:ae:67:
55:cd:75:df:e5:a4:9c:2d:35:33:7d:a6:16:6a:d1:
59:06:f0:7b:81:50:53:7b:b1:8e:1d:1e:33:8a:cb:
b9:66:60:76:87:57:4f:29:65:d1:84:9b:54:57:62:
10:b1:e6:a5:89:dc:2b:18:c2:b3:30:1c:ea:b5:c0:
93:6c:8f:2b:88:e8:11:62:29:8e:ee:86:f6:bb:33:
cc:1f:01:7c:40:05:64:34:7d:70:95:b4:5b:a9:c0:
cd:73:f9:d3:bd:f2:e5:b5:63:54:68:02:b1:dc:4b:
ab:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D2:E7:3B:05:F4:53:0E:7E:48:2C:60:58:72:15:2B:83:3B:92:CF
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/gNLnOwX0Uw5-SCxgWHIVK4M7ks8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3f80::/29
Signature Algorithm: sha256WithRSAEncryption
93:68:b1:07:2d:d9:cc:46:32:b3:49:37:cb:f1:48:7b:ca:aa:
03:14:bb:6c:2b:54:10:68:90:ed:db:5f:d3:af:a9:b9:5e:ac:
01:33:14:88:e2:b0:2c:88:c4:b1:63:e6:22:69:54:d8:5e:ac:
02:72:47:ef:7a:19:e7:49:34:a0:fa:69:99:cb:53:34:4f:d2:
ba:e5:63:45:4d:18:1d:1c:85:a7:8b:db:66:fb:83:bf:c1:cd:
af:1d:96:9a:2e:16:3a:6e:29:74:f7:e6:aa:9e:c6:27:87:02:
41:7b:82:c5:8c:4b:62:52:6a:b2:59:7e:45:ab:6c:af:ca:b8:
81:34:8e:bd:6f:b9:74:09:f7:d7:14:9c:0e:c5:d3:af:d5:ae:
69:f1:f3:a8:b7:53:cc:7f:08:dd:00:2a:9f:f7:34:6a:29:e0:
b6:d6:93:d6:c6:85:99:5d:5f:5d:e6:92:7b:e1:8f:33:78:8d:
4f:ff:72:cd:97:83:c6:2f:4c:d3:37:8f:39:8d:12:01:c0:9f:
59:74:ed:93:01:bc:19:5d:75:d0:04:66:87:f5:66:30:b7:ec:
2c:16:fa:81:8a:e4:a4:44:07:8d:ea:7f:0a:63:5f:7c:8b:43:
75:dc:2f:c4:1c:ca:a8:0d:9d:98:3f:f4:44:e8:c9:9f:3d:f8:
cc:f2:96:46
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVoTXCPNInf7IvlUJdsrvNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzA1MjE1NDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQyZTczYjA1ZjQ1MzBlN2U0ODJjNjA1ODcyMTUyYjgzM2I5MmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxVKt0Fy73nrMcOeRvaVrWoAHdgd
33lKaSIcgcpEiIop4X4WIytNjQEP2udPSbqGvZH9TgQJ5EiqPOVb1rM9Lzeax2wO
AThWH1hZ1+4z/enwaya3i6kt0IiqIjPRD5wcik8zjBxstqa3Z6uCMxdtWrNsPcN5
b7WFLiQxQh3+y5nu55F+QvgIE1B1Mi5o07CnwrDUrmdVzXXf5aScLTUzfaYWatFZ
BvB7gVBTe7GOHR4zisu5ZmB2h1dPKWXRhJtUV2IQsealidwrGMKzMBzqtcCTbI8r
iOgRYimO7ob2uzPMHwF8QAVkNH1wlbRbqcDNc/nTvfLltWNUaAKx3EurkQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIDS5zsF9FMOfkgsYFhyFSuDO5LPMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvZ05Mbk93WDBVdzUtU0N4Z1dISVZLNE03a3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhA/gDAN
BgkqhkiG9w0BAQsFAAOCAQEAk2ixBy3ZzEYys0k3y/FIe8qqAxS7bCtUEGiQ7dtf
06+puV6sATMUiOKwLIjEsWPmImlU2F6sAnJH73oZ50k0oPppmctTNE/SuuVjRU0Y
HRyFp4vbZvuDv8HNrx2Wmi4WOm4pdPfmqp7GJ4cCQXuCxYxLYlJqsll+Ratsr8q4
gTSOvW+5dAn31xScDsXTr9WuafHzqLdTzH8I3QAqn/c0aingttaT1saFmV1fXeaS
e+GPM3iNT/9yzZeDxi9M0zePOY0SAcCfWXTtkwG8GV110ARmh/VmMLfsLBb6gYrk
pEQHjep/CmNffItDddwvxBzKqA2dmD/0ROjJnz34zPKWRg==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:40:33 2025 by rpki-client