Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/n0KIspIa911yf8rJKOfAQlenLsg.roa
File: n0KIspIa911yf8rJKOfAQlenLsg.roa (raw, json)
Hash identifier: tSFyCBtPkYDzfhKl3HjL4P5iE7OyFLLmYMYzl3dPVIM=
Subject key identifier: 9F:42:88:B2:92:1A:F7:5D:72:7F:CA:C9:28:E7:C0:42:57:A7:2E:C8
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01942369EEC2C61637C21E9B3167348E2378
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/n0KIspIa911yf8rJKOfAQlenLsg.roa
Signing time: Wed 01 Jan 2025 19:48:52 +0000
ROA not before: Wed 01 Jan 2025 19:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a10:3f80::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 07 Jan 2025 18:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:ee:c2:c6:16:37:c2:1e:9b:31:67:34:8e:23:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jan 1 19:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f4288b2921af75d727fcac928e7c04257a72ec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3c:cc:55:17:e9:46:2a:eb:70:16:91:28:3e:
2f:2b:6a:4e:76:36:fa:d5:f5:fd:db:4f:52:d6:8c:
d2:26:d6:fe:c4:99:9e:a5:ad:fa:d0:27:f8:89:85:
bc:ca:c7:ef:f7:a8:bc:57:29:c6:10:4c:f1:88:22:
9d:21:cc:82:9e:ef:d4:1f:38:94:2b:fc:a2:15:38:
48:c4:e0:db:72:e6:b4:f5:50:b6:85:83:ad:d9:1c:
53:fd:42:50:59:5d:a7:da:e5:6f:c6:36:d2:66:f4:
4c:a2:1e:6e:ed:04:c6:19:99:bd:3e:37:a9:9f:d4:
7c:b6:11:7d:62:99:0e:71:21:07:8b:46:50:c3:9c:
3f:5a:4f:3e:39:87:c5:95:28:d2:b1:30:e1:37:e7:
a9:01:72:2f:46:d3:56:91:fd:18:a0:7f:30:69:ba:
67:a1:74:19:9d:ab:2e:56:d5:05:88:7c:b0:48:ea:
2f:09:3a:42:6a:60:b3:b0:49:60:a3:14:bd:d8:b1:
e2:f1:0a:75:eb:35:91:23:3a:47:6e:ba:80:2a:b1:
ba:52:50:17:58:70:4e:54:a6:75:27:b6:86:7e:81:
02:e2:e8:1a:59:c7:23:44:aa:f6:90:44:c4:9d:82:
f1:3f:7c:04:17:5b:84:63:cc:7e:e4:1f:06:d6:b2:
e7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:42:88:B2:92:1A:F7:5D:72:7F:CA:C9:28:E7:C0:42:57:A7:2E:C8
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/n0KIspIa911yf8rJKOfAQlenLsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3f80::/29
2a13:c240::/29
Signature Algorithm: sha256WithRSAEncryption
c5:ef:bd:79:ec:87:27:9b:94:8e:3f:f0:62:23:83:7d:00:b6:
47:be:41:33:e0:49:ed:19:72:67:7a:da:21:72:04:b5:ef:db:
d3:ee:71:f9:49:4b:97:f2:a7:50:6e:81:fd:15:f0:b8:3c:d8:
ac:d1:24:f0:1c:c8:53:96:87:15:fb:1f:4b:be:ee:2f:06:ef:
d0:13:6a:b8:65:07:2f:e1:97:72:30:ab:03:26:ee:82:78:7e:
4d:04:c1:f1:7b:7c:a0:ac:e3:5b:1d:70:70:f8:aa:b7:e9:b2:
b1:27:10:66:dd:f5:77:53:ef:4c:5c:1e:69:ba:fa:60:d1:e0:
e9:5c:e4:ba:ec:ab:c4:33:62:33:66:4e:4b:f1:04:64:5d:95:
94:4c:92:1f:62:05:f1:79:c3:1d:7f:f8:0f:4a:cb:31:e5:96:
2f:6d:1d:c5:59:bf:b0:47:68:f3:22:dc:16:cf:f5:30:25:b9:
ea:c8:b1:db:2c:ec:1b:a3:61:4f:79:22:c5:73:bd:39:9d:4f:
ea:2d:a6:c4:c2:7d:b9:88:ab:3d:c3:79:78:64:7b:19:6f:b5:
1b:1a:50:88:00:db:2f:f1:00:63:41:52:79:27:a2:ee:71:59:
c0:2e:17:a8:fb:36:1e:fa:5f:46:49:2b:b4:b9:66:e9:de:04:
2d:e9:69:f3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQjae7CxhY3wh6bMWc0jiN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMTAxMTk0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQyODhiMjkyMWFmNzVkNzI3ZmNhYzkyOGU3YzA0MjU3YTcyZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDzMVRfpRirrcBaRKD4vK2pOdjb6
1fX9209S1ozSJtb+xJmepa360Cf4iYW8ysfv96i8VynGEEzxiCKdIcyCnu/UHziU
K/yiFThIxODbcua09VC2hYOt2RxT/UJQWV2n2uVvxjbSZvRMoh5u7QTGGZm9Pjep
n9R8thF9YpkOcSEHi0ZQw5w/Wk8+OYfFlSjSsTDhN+epAXIvRtNWkf0YoH8wabpn
oXQZnasuVtUFiHywSOovCTpCamCzsElgoxS92LHi8Qp16zWRIzpHbrqAKrG6UlAX
WHBOVKZ1J7aGfoEC4ugaWccjRKr2kETEnYLxP3wEF1uEY8x+5B8G1rLnfwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ9CiLKSGvddcn/KySjnwEJXpy7IMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvbjBLSXNwSWE5MTF5ZjhySktPZkFRbGVuTHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhA/gAMF
AyoTwkAwDQYJKoZIhvcNAQELBQADggEBAMXvvXnshyeblI4/8GIjg30Atke+QTPg
Se0Zcmd62iFyBLXv29PucflJS5fyp1Bugf0V8Lg82KzRJPAcyFOWhxX7H0u+7i8G
79ATarhlBy/hl3IwqwMm7oJ4fk0EwfF7fKCs41sdcHD4qrfpsrEnEGbd9XdT70xc
Hmm6+mDR4Olc5Lrsq8QzYjNmTkvxBGRdlZRMkh9iBfF5wx1/+A9KyzHlli9tHcVZ
v7BHaPMi3BbP9TAluerIsdss7BujYU95IsVzvTmdT+otpsTCfbmIqz3DeXhkexlv
tRsaUIgA2y/xAGNBUnknou5xWcAuF6j7Nh76X0ZJK7S5ZuneBC3pafM=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:42:26 2025 by rpki-client