Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pI72m9i8Bj58dgqeIR84Wk68lS4.roa
File: pI72m9i8Bj58dgqeIR84Wk68lS4.roa (raw, json)
Hash identifier: dVHt8V5F1/6JXAvstF8wOeOCYGBZx9nZrSmi1x2eI04=
Subject key identifier: A4:8E:F6:9B:D8:BC:06:3E:7C:76:0A:9E:21:1F:38:5A:4E:BC:95:2E
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195BF361E2536950643B103B53D53CB8F50
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pI72m9i8Bj58dgqeIR84Wk68lS4.roa
Signing time: Sat 22 Mar 2025 18:55:49 +0000
ROA not before: Sat 22 Mar 2025 18:55:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a13:c240::/29 maxlen: 29
2a14:62c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 24 Mar 2025 20:17:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bf:36:1e:25:36:95:06:43:b1:03:b5:3d:53:cb:8f:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 22 18:55:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a48ef69bd8bc063e7c760a9e211f385a4ebc952e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fc:19:8a:1b:8a:37:61:d1:97:fe:f1:e2:c6:
6e:f3:2a:2a:49:44:9c:5d:7c:32:cf:68:59:03:9d:
c1:6a:94:22:de:81:04:ab:45:4c:3f:0d:76:2d:e5:
28:10:e1:04:f0:2d:3f:15:ad:6d:28:93:55:52:bf:
33:8b:59:78:2c:cc:4d:21:11:f1:c3:f2:08:a2:db:
c9:f9:97:92:5c:08:a6:57:c9:da:35:d1:56:a2:c0:
e1:7d:dc:cb:d1:74:ad:2a:1a:60:fe:db:e9:ff:0a:
07:1e:86:12:9c:77:2c:fe:3f:f2:4b:9b:06:3c:0c:
db:3b:b3:01:84:9b:ed:e5:59:e3:62:22:a3:8b:b8:
85:b5:6d:f8:9f:8c:cd:6e:f2:88:a5:6c:45:5e:98:
ff:50:83:fe:8d:f0:c8:de:d3:0d:5d:3b:da:fb:a3:
48:c3:30:57:86:5b:17:a0:57:e7:0a:e2:13:aa:6b:
6a:8c:1b:28:20:ab:a3:bb:86:63:e4:8d:5a:b0:0a:
7e:69:fa:77:ad:be:bd:73:0e:0d:ab:11:bc:6c:2a:
46:5d:23:36:24:61:d0:19:d9:f6:9f:1c:29:1c:cd:
98:62:c1:90:d7:6c:17:d3:fb:48:df:a6:62:88:61:
b4:69:05:52:ca:7d:5f:92:b2:fc:5a:22:b6:62:e7:
ca:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:8E:F6:9B:D8:BC:06:3E:7C:76:0A:9E:21:1F:38:5A:4E:BC:95:2E
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pI72m9i8Bj58dgqeIR84Wk68lS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c240::/29
2a14:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
ab:a4:20:f0:61:6d:5a:87:7b:ed:dc:61:b6:02:7a:9a:aa:d4:
62:fe:11:49:72:cf:60:68:ed:9c:2d:23:98:9d:2e:77:41:a2:
42:9a:de:8c:92:ed:d6:60:f6:aa:08:4c:f4:3b:17:85:1f:54:
53:8e:57:ad:2a:aa:55:96:0e:6b:fe:3b:cd:4f:16:70:e5:86:
2f:b1:2f:11:b6:29:ab:df:2a:1d:64:ad:84:f2:f2:6f:57:3c:
c5:81:e7:00:49:99:51:de:40:84:3f:b2:fb:c2:3a:f4:ef:79:
b8:fb:42:fc:23:46:40:36:de:b9:58:fb:b5:ba:81:d8:e8:8a:
55:70:23:cc:b6:b8:6e:4b:b5:cd:66:e9:78:bf:2c:ba:eb:bc:
8a:9b:34:c3:e4:c0:66:c8:a7:86:85:97:0f:32:2e:7f:ae:9c:
d2:32:18:94:99:38:3c:cf:81:c0:52:27:45:1b:00:4f:05:ea:
e1:d4:c0:8d:3f:75:14:95:98:3d:47:9c:38:24:4f:05:75:24:
01:58:97:f4:50:42:7f:3e:54:fb:f4:47:33:ac:71:78:09:28:
16:9e:c5:74:ae:00:69:24:25:ea:75:c6:91:72:17:5e:54:9a:
f6:11:37:1e:4c:9d:a5:fe:2d:f6:e3:d7:93:14:a0:94:8f:0f:
6c:3a:54:65
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZW/Nh4lNpUGQ7EDtT1Ty49QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzIyMTg1NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDhlZjY5YmQ4YmMwNjNlN2M3NjBhOWUyMTFmMzg1YTRlYmM5NTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/wZihuKN2HRl/7x4sZu8yoqSUSc
XXwyz2hZA53BapQi3oEEq0VMPw12LeUoEOEE8C0/Fa1tKJNVUr8zi1l4LMxNIRHx
w/IIotvJ+ZeSXAimV8naNdFWosDhfdzL0XStKhpg/tvp/woHHoYSnHcs/j/yS5sG
PAzbO7MBhJvt5VnjYiKji7iFtW34n4zNbvKIpWxFXpj/UIP+jfDI3tMNXTva+6NI
wzBXhlsXoFfnCuITqmtqjBsoIKuju4Zj5I1asAp+afp3rb69cw4NqxG8bCpGXSM2
JGHQGdn2nxwpHM2YYsGQ12wX0/tI36ZiiGG0aQVSyn1fkrL8WiK2YufKuwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKSO9pvYvAY+fHYKniEfOFpOvJUuMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvcEk3Mm05aThCajU4ZGdxZUlSODRXazY4bFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhPCQAMF
AyoUYsAwDQYJKoZIhvcNAQELBQADggEBAKukIPBhbVqHe+3cYbYCepqq1GL+EUly
z2Bo7ZwtI5idLndBokKa3oyS7dZg9qoITPQ7F4UfVFOOV60qqlWWDmv+O81PFnDl
hi+xLxG2KavfKh1krYTy8m9XPMWB5wBJmVHeQIQ/svvCOvTvebj7QvwjRkA23rlY
+7W6gdjoilVwI8y2uG5Ltc1m6Xi/LLrrvIqbNMPkwGbIp4aFlw8yLn+unNIyGJSZ
ODzPgcBSJ0UbAE8F6uHUwI0/dRSVmD1HnDgkTwV1JAFYl/RQQn8+VPv0RzOscXgJ
KBaexXSuAGkkJep1xpFyF15UmvYRNx5MnaX+Lfbj15MUoJSPD2w6VGU=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:46:48 2025 by rpki-client