Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/v63xe3BPDbaGW71CeUEucLqHO5w.roa
File: v63xe3BPDbaGW71CeUEucLqHO5w.roa (raw, json)
Hash identifier: YnQ3Z3MDwOLgB/ge+F1j2qEhLvZJkxVF2x8iqlpFbFU=
Subject key identifier: BF:AD:F1:7B:70:4F:0D:B6:86:5B:BD:42:79:41:2E:70:BA:87:3B:9C
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0193FD6E857BC550B2835ED6935EE1C66947
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/v63xe3BPDbaGW71CeUEucLqHO5w.roa
Signing time: Wed 25 Dec 2024 10:48:18 +0000
ROA not before: Wed 25 Dec 2024 10:48:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 2a0b:ac00::/29 maxlen: 29
2a0f:9b40::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 28 Dec 2024 13:09:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fd:6e:85:7b:c5:50:b2:83:5e:d6:93:5e:e1:c6:69:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Dec 25 10:48:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfadf17b704f0db6865bbd4279412e70ba873b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e1:fb:fc:de:c8:60:8b:8f:c9:cf:57:45:f9:
8d:74:55:ee:fb:57:f0:78:7b:4c:d2:e6:18:32:b5:
8c:96:02:08:53:a0:d8:80:79:61:3b:fc:cd:2f:c2:
f3:d2:ce:92:6b:84:09:8e:09:3f:6a:31:12:f7:81:
d3:01:67:08:7e:b3:5b:f8:d2:bc:0c:f9:f2:73:d0:
de:3c:a6:01:99:53:1a:2b:2b:38:03:d9:06:b5:d1:
59:5d:6b:28:63:ba:31:e3:2a:c5:00:0e:a4:06:74:
d4:47:96:ed:ba:0f:7d:9e:37:96:b9:7e:4b:16:84:
1a:e0:e8:92:ba:99:53:15:48:99:9d:4b:26:b0:55:
33:8c:cd:4d:bf:04:23:c5:87:c1:4b:ea:62:40:9a:
94:56:ce:a9:c8:c4:0e:3a:ce:1d:ed:d7:22:85:99:
8f:03:b9:d8:d6:18:d9:4c:9b:fe:80:01:b9:fa:60:
08:d8:42:6d:a4:bf:ee:b6:07:ad:a1:f6:4c:a0:d3:
f2:d9:f7:fa:a5:9b:73:28:78:cb:a9:8d:23:ae:6a:
a9:55:a2:cd:42:18:21:eb:c0:96:eb:56:27:a7:9e:
53:af:7d:fd:b8:93:0a:f4:ad:6d:77:c6:6f:34:9b:
62:52:e3:e1:8f:10:3f:f4:d3:76:ae:d8:58:42:96:
98:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:AD:F1:7B:70:4F:0D:B6:86:5B:BD:42:79:41:2E:70:BA:87:3B:9C
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/v63xe3BPDbaGW71CeUEucLqHO5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:ac00::/29
2a0f:9b40::/29
2a13:c240::/29
Signature Algorithm: sha256WithRSAEncryption
4a:24:71:65:87:b6:4a:12:60:3e:97:9f:22:14:2c:42:62:bb:
fe:f1:3a:48:d6:55:49:99:8e:19:fd:15:94:b2:e9:e4:01:ff:
49:c0:9b:91:1e:75:3d:89:16:35:6f:8d:ea:81:df:16:89:22:
19:bd:be:6e:12:d5:45:7a:64:0b:e8:d3:15:0e:e6:12:70:42:
e4:84:34:18:18:e8:89:86:f7:e9:07:02:7e:93:fc:a1:29:ba:
8c:11:72:68:4e:46:5a:bb:3a:96:96:e6:90:54:fb:1f:9c:95:
94:aa:da:85:21:6d:af:be:f9:78:e9:ea:2f:a4:fe:3d:52:2f:
2c:d0:cb:2b:04:50:cf:6d:82:76:9e:96:6d:38:a1:ea:fd:dd:
15:18:d2:bc:f4:6e:87:0d:8d:98:9b:86:f8:74:4d:f5:af:76:
6a:fe:22:21:fc:3c:f2:d1:ad:45:3a:91:c8:15:a3:bc:70:58:
78:75:4b:bb:cf:97:9c:0c:10:33:b9:a0:79:a8:aa:c0:5d:57:
9a:2c:f0:0b:7b:26:10:05:e9:96:ad:19:c5:9c:18:52:2f:2d:
44:93:6f:ce:1d:a7:a5:70:f4:66:6d:e4:e9:a8:57:e2:9d:46:
68:af:5f:51:2f:eb:88:a8:b7:b2:78:1e:84:31:e1:07:71:a8:
47:b1:db:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZP9boV7xVCyg17Wk17hxmlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQxMjI1MTA0ODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmFkZjE3YjcwNGYwZGI2ODY1YmJkNDI3OTQxMmU3MGJhODczYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+H7/N7IYIuPyc9XRfmNdFXu+1fw
eHtM0uYYMrWMlgIIU6DYgHlhO/zNL8Lz0s6Sa4QJjgk/ajES94HTAWcIfrNb+NK8
DPnyc9DePKYBmVMaKys4A9kGtdFZXWsoY7ox4yrFAA6kBnTUR5btug99njeWuX5L
FoQa4OiSuplTFUiZnUsmsFUzjM1NvwQjxYfBS+piQJqUVs6pyMQOOs4d7dcihZmP
A7nY1hjZTJv+gAG5+mAI2EJtpL/utgetofZMoNPy2ff6pZtzKHjLqY0jrmqpVaLN
Qhgh68CW61Ynp55Tr339uJMK9K1td8ZvNJtiUuPhjxA/9NN2rthYQpaYeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL+t8XtwTw22hlu9QnlBLnC6hzucMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvdjYzeGUzQlBEYmFHVzcxQ2VVRXVjTHFITzV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgusAAMF
AyoPm0ADBQMqE8JAMA0GCSqGSIb3DQEBCwUAA4IBAQBKJHFlh7ZKEmA+l58iFCxC
Yrv+8TpI1lVJmY4Z/RWUsunkAf9JwJuRHnU9iRY1b43qgd8WiSIZvb5uEtVFemQL
6NMVDuYScELkhDQYGOiJhvfpBwJ+k/yhKbqMEXJoTkZauzqWluaQVPsfnJWUqtqF
IW2vvvl46eovpP49Ui8s0MsrBFDPbYJ2npZtOKHq/d0VGNK89G6HDY2Ym4b4dE31
r3Zq/iIh/Dzy0a1FOpHIFaO8cFh4dUu7z5ecDBAzuaB5qKrAXVeaLPALeyYQBemW
rRnFnBhSLy1Ek2/OHaelcPRmbeTpqFfinUZor19RL+uIqLeyeB6EMeEHcahHsdv6
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:36:04 2025 by rpki-client