Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/rtk39vJG7NahhGiSQzPEKKH4-Mo.roa
File: rtk39vJG7NahhGiSQzPEKKH4-Mo.roa (raw, json)
Hash identifier: qC+MAG4edwG50pXzIEcJGBjhEvwNUs3ZEyY9livcMmw=
Subject key identifier: AE:D9:37:F6:F2:46:EC:D6:A1:84:68:92:43:33:C4:28:A1:F8:F8:CA
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195684F4304800D5692006FCB3DC912BD68
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/rtk39vJG7NahhGiSQzPEKKH4-Mo.roa
Signing time: Wed 05 Mar 2025 21:56:19 +0000
ROA not before: Wed 05 Mar 2025 21:56:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36680
IP address blocks: 2a13:c3c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 06 Mar 2025 22:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:68:4f:43:04:80:0d:56:92:00:6f:cb:3d:c9:12:bd:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 5 21:56:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aed937f6f246ecd6a18468924333c428a1f8f8ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:92:3b:9a:4c:5c:f7:66:4a:14:43:53:0c:f9:
21:fa:bb:20:1a:bd:63:9d:a3:3b:da:ea:84:eb:fc:
94:be:11:d5:38:40:0e:78:4b:a6:0c:0a:68:a0:9b:
f8:3c:08:e5:76:42:10:65:e9:25:55:67:69:36:04:
8f:b1:e7:38:24:e3:07:ae:7f:ee:61:de:19:9f:a5:
06:5f:3e:85:86:92:36:6d:b9:c9:32:0d:24:a1:3b:
16:26:17:f9:3e:ce:a2:79:8b:69:3b:05:f5:f4:22:
85:3d:f8:cf:b3:65:65:1c:1b:ab:4b:e0:2e:b1:5e:
05:16:e0:2c:2f:0e:15:13:60:5a:d1:6b:b8:9f:f4:
4b:28:20:ef:94:ac:4f:15:be:38:3a:66:f6:af:18:
d1:8e:c0:50:28:87:91:5e:fc:7d:80:e1:a9:d8:0c:
3e:df:c3:d6:12:6e:13:f1:d2:18:7f:97:16:80:5f:
dc:26:48:af:62:fd:59:ed:35:21:48:df:51:02:38:
62:40:b3:f9:cf:f2:0c:5b:fe:59:67:ff:8f:6b:31:
78:7a:bb:49:2c:e5:b4:5d:4e:02:99:e1:96:24:91:
36:2f:a3:7c:67:f6:a1:41:5d:68:32:43:7b:3d:6f:
c4:f4:54:a4:66:dc:17:1f:47:c9:b8:ea:b8:e0:66:
dd:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D9:37:F6:F2:46:EC:D6:A1:84:68:92:43:33:C4:28:A1:F8:F8:CA
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/rtk39vJG7NahhGiSQzPEKKH4-Mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c3c0::/29
Signature Algorithm: sha256WithRSAEncryption
50:72:80:9f:c8:5d:d0:d7:0e:9a:72:d7:a1:4f:56:cc:45:8c:
ed:90:da:29:d4:3b:4c:f6:88:37:fd:e9:ac:93:ee:7c:a2:94:
a0:cf:f9:79:a6:ca:c4:6d:01:27:d9:8b:19:eb:76:8f:3c:d4:
5d:54:c9:97:c2:67:c1:d6:79:5b:76:9f:f5:d6:fa:5e:95:d5:
9d:0d:0e:e4:12:a4:02:a4:a0:dd:bd:87:f6:53:b3:a3:2f:fc:
4a:6d:79:e1:34:08:aa:ee:aa:f3:70:f2:65:60:08:79:c9:d3:
98:3c:9e:f4:16:9d:57:d6:be:07:c8:99:e0:b7:70:4f:13:7d:
b3:65:81:e5:72:0d:5a:33:8d:99:ae:e9:2c:d4:45:05:ba:68:
5b:1d:73:a8:28:bd:de:19:9a:be:18:81:e2:c7:3c:5b:bf:a1:
55:e7:96:f7:d4:14:57:5b:70:1d:5d:7f:ea:41:4e:25:75:c7:
f7:1a:bc:0a:7f:aa:44:cc:1d:55:49:02:02:97:fd:76:0f:3b:
97:93:20:f2:ba:57:34:d7:80:d3:1d:d0:3b:96:63:7c:17:99:
8b:28:7d:8d:3d:69:9b:1e:da:9c:98:a6:18:12:65:44:53:49:
e7:5f:47:71:3a:15:18:45:89:bd:3f:d0:a1:88:3c:a4:cb:80:
c0:8a:90:8c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVoT0MEgA1WkgBvyz3JEr1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzA1MjE1NjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQ5MzdmNmYyNDZlY2Q2YTE4NDY4OTI0MzMzYzQyOGExZjhmOGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJI7mkxc92ZKFENTDPkh+rsgGr1j
naM72uqE6/yUvhHVOEAOeEumDApooJv4PAjldkIQZeklVWdpNgSPsec4JOMHrn/u
Yd4Zn6UGXz6FhpI2bbnJMg0koTsWJhf5Ps6ieYtpOwX19CKFPfjPs2VlHBurS+Au
sV4FFuAsLw4VE2Ba0Wu4n/RLKCDvlKxPFb44Omb2rxjRjsBQKIeRXvx9gOGp2Aw+
38PWEm4T8dIYf5cWgF/cJkivYv1Z7TUhSN9RAjhiQLP5z/IMW/5ZZ/+PazF4ertJ
LOW0XU4CmeGWJJE2L6N8Z/ahQV1oMkN7PW/E9FSkZtwXH0fJuOq44GbdOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK7ZN/byRuzWoYRokkMzxCih+PjKMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvcnRrMzl2Skc3TmFoaEdpU1F6UEVLS0g0LU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPDwDAN
BgkqhkiG9w0BAQsFAAOCAQEAUHKAn8hd0NcOmnLXoU9WzEWM7ZDaKdQ7TPaIN/3p
rJPufKKUoM/5eabKxG0BJ9mLGet2jzzUXVTJl8JnwdZ5W3af9db6XpXVnQ0O5BKk
AqSg3b2H9lOzoy/8Sm154TQIqu6q83DyZWAIecnTmDye9BadV9a+B8iZ4LdwTxN9
s2WB5XINWjONma7pLNRFBbpoWx1zqCi93hmavhiB4sc8W7+hVeeW99QUV1twHV1/
6kFOJXXH9xq8Cn+qRMwdVUkCApf9dg87l5Mg8rpXNNeA0x3QO5ZjfBeZiyh9jT1p
mx7anJimGBJlRFNJ519HcToVGEWJvT/QoYg8pMuAwIqQjA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:07:33 2025 by rpki-client