Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/rSfUMA2u3Ng6bF5IFmuAj47QEfE.roa
File: rSfUMA2u3Ng6bF5IFmuAj47QEfE.roa (raw, json)
Hash identifier: BNa+WJyMg2CWqVQKEqsogD7aALHTbIYQH+TlATAq/Uw=
Subject key identifier: AD:27:D4:30:0D:AE:DC:D8:3A:6C:5E:48:16:6B:80:8F:8E:D0:11:F1
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01942369F6469689A2FD9014D3D96B4A46FE
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/rSfUMA2u3Ng6bF5IFmuAj47QEfE.roa
Signing time: Wed 01 Jan 2025 19:48:54 +0000
ROA not before: Wed 01 Jan 2025 19:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207108
IP address blocks: 2a13:e040::/29 maxlen: 29
2a14:1100::/29 maxlen: 29
2a14:62c0::/29 maxlen: 29
2a14:6a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 30 Jan 2025 17:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:f6:46:96:89:a2:fd:90:14:d3:d9:6b:4a:46:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jan 1 19:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad27d4300daedcd83a6c5e48166b808f8ed011f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b8:98:48:ca:59:a9:c3:15:4c:2e:ff:b6:c9:
85:63:76:fc:ef:02:0c:9b:1d:0b:5a:79:aa:da:29:
de:b0:03:1f:de:c8:dd:3f:c4:3b:85:c9:3a:0d:1a:
4e:f2:ad:61:8d:b5:51:25:ba:29:d5:8e:c8:12:2a:
99:e0:57:4b:e7:46:4c:91:f8:96:70:fb:c1:d6:c4:
ac:93:51:8e:f5:be:70:a5:db:6f:5a:4e:1b:72:94:
18:39:50:3d:05:b8:a9:de:6f:02:1a:1e:38:99:38:
6b:94:13:98:c7:87:7a:43:ab:a9:d6:a2:1d:fe:b8:
f9:b4:b3:38:90:ac:7d:d7:e6:63:f5:20:96:d6:8e:
3a:fe:89:c8:db:56:85:19:30:f7:76:f9:1a:12:d0:
7f:43:9d:b0:6c:45:a2:30:b4:e5:ca:75:05:6d:f3:
ae:96:c0:d6:bd:c6:9a:e9:46:64:52:c6:21:21:11:
12:80:8b:55:c8:0b:24:16:e7:b8:82:7b:e9:3b:62:
bc:0f:2b:0c:6d:c0:d9:ab:e8:41:a4:a9:f9:50:c7:
5c:3e:5e:82:a4:4c:76:69:ff:ec:69:61:5c:1d:dd:
1d:b1:75:d2:0c:d0:05:13:bb:48:a2:d8:25:15:2f:
4d:12:6b:f3:b8:a9:fe:e3:91:17:b8:05:e7:6a:ee:
ce:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:27:D4:30:0D:AE:DC:D8:3A:6C:5E:48:16:6B:80:8F:8E:D0:11:F1
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/rSfUMA2u3Ng6bF5IFmuAj47QEfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:e040::/29
2a14:1100::/29
2a14:62c0::/29
2a14:6a40::/29
Signature Algorithm: sha256WithRSAEncryption
d0:c1:08:dd:19:eb:03:52:f7:d8:d9:88:44:fa:8c:0c:8e:e2:
5e:7e:2b:27:f8:a3:41:94:8a:cd:fb:76:35:36:c8:17:05:3d:
ec:99:c4:ba:9e:d6:69:de:49:64:d8:89:d3:6b:3b:ba:4e:64:
1c:e9:58:7b:6a:ea:ea:99:32:ad:a2:44:cc:f9:58:a6:cc:86:
2e:ce:da:20:cf:b8:95:24:c6:4e:82:9c:cc:06:dd:b2:d1:13:
f9:b0:55:91:b5:76:ae:5f:8c:c9:b1:35:f3:cd:70:d3:6f:7b:
8f:38:76:b0:c8:b1:6d:e5:e1:bf:82:d4:ef:73:31:3b:da:bb:
6b:c6:f1:a2:63:80:f3:5d:ff:ca:88:26:75:54:48:5f:ab:db:
aa:69:bb:e9:bd:4e:45:59:6d:01:e3:cf:4f:8f:e1:87:cd:cd:
6f:43:7d:b5:ec:b4:5d:ee:3f:b0:a5:0b:63:42:47:44:6e:95:
ef:49:e1:15:3d:f6:2c:b4:c1:98:24:a3:0f:92:92:ce:d1:0e:
8f:fb:ff:71:5b:79:ea:58:a3:63:24:0f:64:bc:5d:d6:ff:93:
4f:38:e1:78:65:47:0f:88:20:e8:23:48:92:93:fe:66:09:9a:
f3:01:a5:7c:4e:25:8b:68:a6:bf:fe:26:ac:28:43:bc:0d:c7:
37:43:f1:78
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQjafZGlomi/ZAU09lrSkb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMTAxMTk0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDI3ZDQzMDBkYWVkY2Q4M2E2YzVlNDgxNjZiODA4ZjhlZDAxMWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLiYSMpZqcMVTC7/tsmFY3b87wIM
mx0LWnmq2inesAMf3sjdP8Q7hck6DRpO8q1hjbVRJbop1Y7IEiqZ4FdL50ZMkfiW
cPvB1sSsk1GO9b5wpdtvWk4bcpQYOVA9Bbip3m8CGh44mThrlBOYx4d6Q6up1qId
/rj5tLM4kKx91+Zj9SCW1o46/onI21aFGTD3dvkaEtB/Q52wbEWiMLTlynUFbfOu
lsDWvcaa6UZkUsYhIRESgItVyAskFue4gnvpO2K8DysMbcDZq+hBpKn5UMdcPl6C
pEx2af/saWFcHd0dsXXSDNAFE7tIotglFS9NEmvzuKn+45EXuAXnau7O/QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFK0n1DANrtzYOmxeSBZrgI+O0BHxMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvclNmVU1BMnUzTmc2YkY1SUZtdUFqNDdRRWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhPgQAMF
AyoUEQADBQMqFGLAAwUDKhRqQDANBgkqhkiG9w0BAQsFAAOCAQEA0MEI3RnrA1L3
2NmIRPqMDI7iXn4rJ/ijQZSKzft2NTbIFwU97JnEup7Wad5JZNiJ02s7uk5kHOlY
e2rq6pkyraJEzPlYpsyGLs7aIM+4lSTGToKczAbdstET+bBVkbV2rl+MybE1881w
0297jzh2sMixbeXhv4LU73MxO9q7a8bxomOA813/yogmdVRIX6vbqmm76b1ORVlt
AePPT4/hh83Nb0N9tey0Xe4/sKULY0JHRG6V70nhFT32LLTBmCSjD5KSztEOj/v/
cVt56lijYyQPZLxd1v+TTzjheGVHD4gg6CNIkpP+Zgma8wGlfE4li2imv/4mrChD
vA3HN0PxeA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:52:10 2025 by rpki-client