Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/mXfMuiT183-nGpgWK_IYFWbLXOI.roa
File: mXfMuiT183-nGpgWK_IYFWbLXOI.roa (raw, json)
Hash identifier: 45DPd0qjJBm+hiGAKZYSZOm2O9HY7WI+7vrlMNTV9LE=
Subject key identifier: 99:77:CC:BA:24:F5:F3:7F:A7:1A:98:16:2B:F2:18:15:66:CB:5C:E2
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195B38C968559B5A7438D801C3E51BA1390
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/mXfMuiT183-nGpgWK_IYFWbLXOI.roa
Signing time: Thu 20 Mar 2025 12:34:49 +0000
ROA not before: Thu 20 Mar 2025 12:34:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a13:c240::/29 maxlen: 29
2a14:1100::/29 maxlen: 29
2a14:62c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 22 Mar 2025 18:55:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b3:8c:96:85:59:b5:a7:43:8d:80:1c:3e:51:ba:13:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 20 12:34:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9977ccba24f5f37fa71a98162bf2181566cb5ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4c:5a:ef:47:87:c1:9b:ec:a0:f3:2d:8b:81:
73:6e:80:74:10:a3:c4:ae:18:d7:ac:2e:6d:cc:69:
34:30:45:19:52:0c:fb:a0:0e:4c:75:3d:8b:6c:e9:
3d:f8:94:93:03:4b:2b:3f:df:15:9e:d1:b8:6d:c1:
fe:06:f5:9b:c9:30:27:65:64:d9:01:f8:94:50:29:
52:ad:7b:d0:9f:0e:49:99:3b:05:a4:5d:f6:a9:11:
ce:b8:09:dc:79:6a:bc:49:b8:df:8a:6b:1c:59:85:
66:d6:16:f0:9d:e4:12:ce:26:24:c1:f6:4a:de:68:
77:63:cc:74:fa:05:b1:5f:f3:15:de:4d:33:f1:e0:
9a:6c:02:09:17:ff:cd:b6:0c:dc:f1:92:d3:cf:1a:
72:ae:0d:fd:98:f8:43:d0:b2:94:f0:4e:79:d9:dd:
94:5e:da:f6:a8:42:4f:c3:12:d2:b2:34:9f:0b:db:
fe:01:a8:89:0c:aa:28:b6:17:2e:e6:ea:00:2a:06:
cc:b2:cb:8a:fe:4a:d8:ba:10:ae:fc:73:eb:ed:a9:
5f:68:42:e5:95:53:b2:46:7d:87:70:29:2d:5f:a9:
14:ad:48:a8:6e:10:48:17:44:13:29:80:a2:87:91:
54:d7:f1:6b:9c:f2:05:2e:e5:be:44:a7:1b:a4:cc:
d6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:77:CC:BA:24:F5:F3:7F:A7:1A:98:16:2B:F2:18:15:66:CB:5C:E2
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/mXfMuiT183-nGpgWK_IYFWbLXOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c240::/29
2a14:1100::/29
2a14:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
8c:ef:f5:34:81:d5:ef:f7:1f:3d:f9:90:9b:c5:66:0c:31:df:
ad:46:f1:5a:83:46:50:92:0c:3b:1f:bd:07:25:96:af:d6:42:
03:2b:e6:41:ab:e8:43:cb:c3:a3:39:81:85:84:63:ce:38:4b:
ee:de:45:4f:b9:3a:68:d2:21:71:c7:a0:1c:12:51:ad:2e:81:
33:3a:65:5f:dc:e7:93:7b:ae:08:cf:13:69:40:4b:0a:ea:2f:
c6:ce:eb:31:72:38:c4:89:8f:41:5e:a4:8e:df:d9:84:d0:6f:
67:69:8e:09:c3:82:ce:d7:d5:62:25:c4:5d:54:98:b7:81:6e:
7c:15:f0:28:ee:52:39:0d:5c:96:f0:00:ed:47:77:ec:cd:44:
d1:a2:e2:a0:b3:88:f3:2b:a5:69:42:1d:19:7c:3d:58:3a:66:
2a:fe:cb:8f:d9:9e:af:35:39:4a:41:27:1f:8b:b4:5f:f8:b9:
55:85:d1:dc:07:4a:d8:41:3b:38:ca:76:26:d3:c0:f7:aa:fe:
03:25:7c:ad:fd:2a:3b:0d:09:a4:c1:3c:14:11:bc:40:9f:df:
52:fa:1d:c9:de:0e:72:2d:04:27:e5:59:f6:fd:a8:26:66:40:
63:1d:bf:56:7c:e4:31:e6:4a:92:f0:f7:d9:c4:f4:0a:c7:0c:
56:da:43:b7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZWzjJaFWbWnQ42AHD5RuhOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzIwMTIzNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTc3Y2NiYTI0ZjVmMzdmYTcxYTk4MTYyYmYyMTgxNTY2Y2I1Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Uxa70eHwZvsoPMti4FzboB0EKPE
rhjXrC5tzGk0MEUZUgz7oA5MdT2LbOk9+JSTA0srP98VntG4bcH+BvWbyTAnZWTZ
AfiUUClSrXvQnw5JmTsFpF32qRHOuAnceWq8SbjfimscWYVm1hbwneQSziYkwfZK
3mh3Y8x0+gWxX/MV3k0z8eCabAIJF//Ntgzc8ZLTzxpyrg39mPhD0LKU8E552d2U
Xtr2qEJPwxLSsjSfC9v+AaiJDKoothcu5uoAKgbMssuK/krYuhCu/HPr7alfaELl
lVOyRn2HcCktX6kUrUiobhBIF0QTKYCih5FU1/FrnPIFLuW+RKcbpMzWfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJl3zLok9fN/pxqYFivyGBVmy1ziMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvbVhmTXVpVDE4My1uR3BnV0tfSVlGV2JMWE9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhPCQAMF
AyoUEQADBQMqFGLAMA0GCSqGSIb3DQEBCwUAA4IBAQCM7/U0gdXv9x89+ZCbxWYM
Md+tRvFag0ZQkgw7H70HJZav1kIDK+ZBq+hDy8OjOYGFhGPOOEvu3kVPuTpo0iFx
x6AcElGtLoEzOmVf3OeTe64IzxNpQEsK6i/GzusxcjjEiY9BXqSO39mE0G9naY4J
w4LO19ViJcRdVJi3gW58FfAo7lI5DVyW8ADtR3fszUTRouKgs4jzK6VpQh0ZfD1Y
OmYq/suP2Z6vNTlKQScfi7Rf+LlVhdHcB0rYQTs4ynYm08D3qv4DJXyt/So7DQmk
wTwUEbxAn99S+h3J3g5yLQQn5Vn2/agmZkBjHb9WfOQx5kqS8PfZxPQKxwxW2kO3
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:02:39 2025 by rpki-client