Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/idjcXWtASsWUnVuqbU3MBIj8Kn0.roa
File: idjcXWtASsWUnVuqbU3MBIj8Kn0.roa (raw, json)
Hash identifier: 0PMqzIZUQTfcViEafel5TfV0pReds+gt8rjbaTDytlE=
Subject key identifier: 89:D8:DC:5D:6B:40:4A:C5:94:9D:5B:AA:6D:4D:CC:04:88:FC:2A:7D
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01959AD475507E7C399D5EB0C8BCA5B5C3EA
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/idjcXWtASsWUnVuqbU3MBIj8Kn0.roa
Signing time: Sat 15 Mar 2025 17:22:49 +0000
ROA not before: Sat 15 Mar 2025 17:22:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a0b:ac00::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
2a14:68c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 19 Mar 2025 13:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9a:d4:75:50:7e:7c:39:9d:5e:b0:c8:bc:a5:b5:c3:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 15 17:22:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89d8dc5d6b404ac5949d5baa6d4dcc0488fc2a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:5d:c8:41:a9:ed:ca:41:57:e8:b1:0e:24:bd:
00:2c:dc:22:1a:33:56:9b:9d:22:ad:60:86:70:62:
68:11:56:d8:ae:87:4e:c7:6c:bc:d9:12:9e:22:38:
81:9e:51:55:ce:19:9e:22:54:0b:84:2d:cc:f5:5d:
f7:5f:e7:d7:f5:eb:de:37:da:76:10:0b:98:c0:cc:
16:c9:98:cb:91:04:2d:01:10:81:29:05:38:74:a4:
18:32:7c:a2:04:e2:cd:96:8c:d8:83:f2:09:95:b5:
58:59:06:5d:65:98:2e:74:4e:e4:3d:33:86:3e:06:
d3:5e:e8:7a:1c:fa:a9:c0:8c:9f:b2:4e:15:3a:9d:
9e:26:1a:4e:2b:47:15:40:2e:2b:df:ec:ad:27:e9:
67:00:72:e8:04:3b:7e:52:d5:69:a4:ef:6b:40:6e:
2d:03:40:45:cc:0a:d9:df:cb:8f:88:fc:a1:8a:f1:
e1:6b:50:f1:b8:d5:67:e4:52:0b:f2:96:7a:79:50:
ca:04:93:d6:70:ff:ad:d2:02:b7:4a:7b:3d:a8:43:
22:8c:89:e8:b9:37:27:cf:a0:e4:70:ba:36:7e:8b:
8e:f8:11:f7:fc:1d:c5:5f:ce:ed:7b:b4:39:05:3a:
8f:c3:39:c9:c7:f0:5a:42:9a:a8:ae:c1:24:77:e5:
5a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D8:DC:5D:6B:40:4A:C5:94:9D:5B:AA:6D:4D:CC:04:88:FC:2A:7D
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/idjcXWtASsWUnVuqbU3MBIj8Kn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:ac00::/29
2a13:c240::/29
2a14:68c0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:59:73:7f:aa:9d:3c:41:b2:e1:5a:53:67:b8:74:b0:75:77:
18:aa:95:4a:2a:68:39:ac:9c:55:4f:48:8e:a3:45:d1:e0:02:
78:03:59:85:24:af:61:03:26:28:f9:b4:22:6b:06:eb:ad:84:
0d:53:59:93:ac:0d:ab:e8:80:66:49:ab:79:eb:89:98:8d:c3:
cd:f1:24:f4:69:4e:26:3e:28:ea:96:58:df:96:c9:d8:3f:8f:
49:2c:1e:33:a9:46:06:e5:46:75:f4:37:00:4a:97:60:b4:b0:
e8:81:60:b7:88:60:e8:bb:dc:2d:7b:af:ec:a5:03:6a:7c:c9:
aa:16:f4:c9:29:0c:b0:7c:ea:b8:1f:b0:b2:d4:b9:ba:ba:0c:
d8:b1:ec:89:71:1b:8a:38:a9:27:ec:cd:8e:f7:91:dc:cf:e2:
50:57:46:cb:ea:88:34:f9:91:bc:a2:fa:5a:f7:03:0a:14:30:
26:2c:8d:d9:26:ac:52:b1:d6:6e:c5:e8:46:3a:02:8c:3e:96:
e6:08:61:7e:78:8f:6d:c0:8e:dc:33:e7:bb:23:e9:6b:a8:e0:
86:9f:be:69:0a:db:41:a2:b0:37:34:eb:95:4c:41:34:bf:52:
2a:5d:ce:1a:9d:7d:2d:24:fc:87:db:34:3c:68:59:c1:37:be:
8a:73:47:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZWa1HVQfnw5nV6wyLyltcPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzE1MTcyMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWQ4ZGM1ZDZiNDA0YWM1OTQ5ZDViYWE2ZDRkY2MwNDg4ZmMyYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4V3IQantykFX6LEOJL0ALNwiGjNW
m50irWCGcGJoEVbYrodOx2y82RKeIjiBnlFVzhmeIlQLhC3M9V33X+fX9eveN9p2
EAuYwMwWyZjLkQQtARCBKQU4dKQYMnyiBOLNlozYg/IJlbVYWQZdZZgudE7kPTOG
PgbTXuh6HPqpwIyfsk4VOp2eJhpOK0cVQC4r3+ytJ+lnAHLoBDt+UtVppO9rQG4t
A0BFzArZ38uPiPyhivHha1DxuNVn5FIL8pZ6eVDKBJPWcP+t0gK3Sns9qEMijIno
uTcnz6DkcLo2fouO+BH3/B3FX87te7Q5BTqPwznJx/BaQpqorsEkd+VaxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFInY3F1rQErFlJ1bqm1NzASI/Cp9MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvaWRqY1hXdEFTc1dVblZ1cWJVM01CSWo4S24wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgusAAMF
AyoTwkADBQMqFGjAMA0GCSqGSIb3DQEBCwUAA4IBAQAvWXN/qp08QbLhWlNnuHSw
dXcYqpVKKmg5rJxVT0iOo0XR4AJ4A1mFJK9hAyYo+bQiawbrrYQNU1mTrA2r6IBm
Sat564mYjcPN8ST0aU4mPijqlljflsnYP49JLB4zqUYG5UZ19DcASpdgtLDogWC3
iGDou9wte6/spQNqfMmqFvTJKQywfOq4H7Cy1Lm6ugzYseyJcRuKOKkn7M2O95Hc
z+JQV0bL6og0+ZG8ovpa9wMKFDAmLI3ZJqxSsdZuxehGOgKMPpbmCGF+eI9twI7c
M+e7I+lrqOCGn75pCttBorA3NOuVTEE0v1IqXc4anX0tJPyH2zQ8aFnBN76Kc0cH
-----END CERTIFICATE-----
Generated at Thu Apr 17 04:46:29 2025 by rpki-client