Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pWVtYK34E8I9KTsj58VPPiSSEO8.roa
File: pWVtYK34E8I9KTsj58VPPiSSEO8.roa (raw, json)
Hash identifier: btUyyBKyveCqWb+kZk56B5tQzYMUlrwSZTQqeyCFYRc=
Subject key identifier: A5:65:6D:60:AD:F8:13:C2:3D:29:3B:23:E7:C5:4F:3E:24:92:10:EF
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195684E5AA632E4A9BFADA721212FAF7D2E
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pWVtYK34E8I9KTsj58VPPiSSEO8.roa
Signing time: Wed 05 Mar 2025 21:55:20 +0000
ROA not before: Wed 05 Mar 2025 21:55:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215059
IP address blocks: 2a10:77c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 22 Mar 2025 18:50:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:68:4e:5a:a6:32:e4:a9:bf:ad:a7:21:21:2f:af:7d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 5 21:55:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5656d60adf813c23d293b23e7c54f3e249210ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:48:81:d9:8f:b5:f4:27:17:0c:ff:8b:a9:5c:
0e:82:73:75:ef:a5:7c:9d:ef:e2:63:35:00:9d:d3:
6c:7c:79:8b:63:40:1c:e9:03:7e:88:aa:e1:7b:c1:
31:e9:a7:b2:d5:04:10:dd:96:75:ae:0d:1a:8f:78:
29:1e:c7:0f:2d:2c:a3:64:29:de:81:b9:55:9f:58:
2d:ef:f3:d0:51:77:bf:f3:a3:46:83:04:7e:42:c7:
fe:cb:3b:ba:a8:47:2a:0f:c0:6e:c7:e2:67:bc:1b:
82:16:40:9a:e3:bb:cd:de:c2:13:31:b3:2e:e6:29:
d8:aa:ac:f0:b4:cb:1f:a4:6c:74:d9:f2:ab:fc:f8:
35:27:ac:a3:87:4d:02:20:7a:71:5d:ad:09:ec:5a:
5f:d0:8e:f8:04:46:52:91:05:f0:92:18:56:41:5b:
58:d4:e2:46:f9:ba:c1:68:b6:5f:e0:72:a5:e8:f5:
06:14:30:83:7c:ba:03:31:de:dc:b9:20:b5:70:32:
35:f5:83:5b:15:cf:13:d8:65:f8:42:1f:23:47:ff:
f3:cf:81:4f:04:98:69:15:06:e3:b2:bf:53:42:f7:
20:2b:fc:21:e9:d5:4f:df:1f:4b:35:8b:3b:17:69:
5d:d7:16:13:70:a9:26:e7:3b:79:89:c1:33:20:36:
5a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:65:6D:60:AD:F8:13:C2:3D:29:3B:23:E7:C5:4F:3E:24:92:10:EF
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pWVtYK34E8I9KTsj58VPPiSSEO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
28:df:b0:4a:91:01:f4:8d:30:b4:5b:7b:2f:6e:00:0c:c2:80:
92:4d:1a:f7:c2:2c:55:a9:a3:89:ad:5f:d8:2f:bb:1e:38:90:
24:15:39:bb:bd:d9:fd:96:56:24:94:01:ca:21:ea:cc:87:83:
f3:72:56:c2:44:94:2b:25:99:67:61:52:c9:0d:2b:cb:30:94:
b9:f0:a7:f9:b9:ab:8c:8f:64:34:a2:ec:65:0b:e0:6e:e9:eb:
eb:eb:27:a8:ef:80:0e:28:a0:6b:1d:01:75:3c:53:cd:a9:a6:
e5:36:4d:d9:08:2b:a2:53:de:33:0a:1f:a7:ea:07:f5:e1:a9:
3b:7f:91:6f:75:46:24:87:07:a6:d2:01:47:80:10:9b:26:f8:
a9:0f:cf:e5:8e:06:9e:53:20:f8:3a:52:b7:f5:6f:1a:50:45:
ca:a7:b9:50:c7:a5:6b:3c:8c:36:da:f8:7c:30:c8:f1:62:a9:
f9:30:47:64:51:b5:6c:8f:6c:a8:fe:37:dc:49:23:fb:b0:fd:
55:ea:93:e9:0a:aa:b1:4d:bc:c0:99:81:66:f6:5f:02:23:d7:
1b:f9:4b:7c:1d:17:1c:a0:6b:f4:e0:db:5d:7b:68:b2:c1:a4:
1e:0d:65:d8:8e:35:4d:b6:51:07:e7:57:e3:7e:a7:05:0c:a2:
cb:b6:e2:88
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVoTlqmMuSpv62nISEvr30uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzA1MjE1NTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTY1NmQ2MGFkZjgxM2MyM2QyOTNiMjNlN2M1NGYzZTI0OTIxMGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkiB2Y+19CcXDP+LqVwOgnN176V8
ne/iYzUAndNsfHmLY0Ac6QN+iKrhe8Ex6aey1QQQ3ZZ1rg0aj3gpHscPLSyjZCne
gblVn1gt7/PQUXe/86NGgwR+Qsf+yzu6qEcqD8Bux+JnvBuCFkCa47vN3sITMbMu
5inYqqzwtMsfpGx02fKr/Pg1J6yjh00CIHpxXa0J7Fpf0I74BEZSkQXwkhhWQVtY
1OJG+brBaLZf4HKl6PUGFDCDfLoDMd7cuSC1cDI19YNbFc8T2GX4Qh8jR//zz4FP
BJhpFQbjsr9TQvcgK/wh6dVP3x9LNYs7F2ld1xYTcKkm5zt5icEzIDZaeQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKVlbWCt+BPCPSk7I+fFTz4kkhDvMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvcFdWdFlLMzRFOEk5S1RzajU4VlBQaVNTRU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhB3wDAN
BgkqhkiG9w0BAQsFAAOCAQEAKN+wSpEB9I0wtFt7L24ADMKAkk0a98IsVamjia1f
2C+7HjiQJBU5u73Z/ZZWJJQByiHqzIeD83JWwkSUKyWZZ2FSyQ0ryzCUufCn+bmr
jI9kNKLsZQvgbunr6+snqO+ADiigax0BdTxTzamm5TZN2QgrolPeMwofp+oH9eGp
O3+Rb3VGJIcHptIBR4AQmyb4qQ/P5Y4GnlMg+DpSt/VvGlBFyqe5UMelazyMNtr4
fDDI8WKp+TBHZFG1bI9sqP433Ekj+7D9VeqT6QqqsU28wJmBZvZfAiPXG/lLfB0X
HKBr9ODbXXtossGkHg1l2I41TbZRB+dX436nBQyiy7biiA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:20:34 2025 by rpki-client