Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/qP-jXuSaDyX-KLf28SmZ2FNgcy0.roa
File: qP-jXuSaDyX-KLf28SmZ2FNgcy0.roa (raw, json)
Hash identifier: Kbjf/+O3HfesveDZWCNZ0/9rGVHOsj6v+3eYrij4QV0=
Subject key identifier: A8:FF:A3:5E:E4:9A:0F:25:FE:28:B7:F6:F1:29:99:D8:53:60:73:2D
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 0194DC45C1B395126FA3763C1EEBC99F2F0E
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/qP-jXuSaDyX-KLf28SmZ2FNgcy0.roa
Signing time: Thu 06 Feb 2025 17:19:06 +0000
ROA not before: Thu 06 Feb 2025 17:19:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57877
IP address blocks: 2a05:5cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 12 Feb 2025 16:57:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:dc:45:c1:b3:95:12:6f:a3:76:3c:1e:eb:c9:9f:2f:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Feb 6 17:19:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8ffa35ee49a0f25fe28b7f6f12999d85360732d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f7:fe:0c:13:b2:6f:c7:b8:a3:36:a0:74:22:
c6:21:bd:10:7c:99:4d:00:d5:b3:58:dd:71:e5:26:
be:ce:cf:3d:5a:68:d2:ad:3e:6c:81:59:fc:b9:2d:
f8:9e:22:e1:90:0c:1a:6f:4c:2b:5f:07:7d:a7:df:
cf:73:5b:1b:e1:75:71:c6:9d:31:6c:5e:f6:ab:08:
09:cc:3c:52:52:54:f0:75:0e:35:6e:81:71:29:ca:
8d:89:29:c3:df:26:46:ed:b4:50:57:96:27:e8:42:
ee:a8:f4:7a:5c:a2:1c:09:10:4c:45:0a:27:d5:fb:
18:96:fd:1f:f2:67:46:91:ac:a1:d7:bb:58:10:f7:
77:92:b1:30:b5:ef:8c:eb:b6:03:c9:5e:e2:9d:42:
ad:13:b2:72:6c:d2:38:04:51:bb:65:ef:6f:07:49:
fc:f5:0f:b2:1b:4f:50:6f:38:81:2b:9b:7e:03:39:
69:f0:82:de:84:43:3b:9d:41:d8:e1:45:1c:77:5f:
ae:26:3a:9b:b1:b3:da:6a:59:3b:b6:89:39:76:2c:
26:b8:77:ff:15:94:b6:91:f8:3a:ae:67:2e:f9:a2:
f0:b8:c6:d6:01:7b:6f:be:79:69:21:de:dd:1c:f3:
0f:92:71:f1:91:32:e8:67:a1:af:5c:52:ed:b3:df:
42:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:FF:A3:5E:E4:9A:0F:25:FE:28:B7:F6:F1:29:99:D8:53:60:73:2D
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/qP-jXuSaDyX-KLf28SmZ2FNgcy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:5cc0::/29
Signature Algorithm: sha256WithRSAEncryption
89:c8:4b:c3:df:d2:ba:98:02:71:fb:68:65:90:da:25:94:1e:
30:db:57:c9:fd:1d:e0:fc:a6:87:45:e1:b9:79:0f:3d:dd:3b:
6c:74:be:a2:03:a9:c6:ba:9e:e6:aa:d4:35:67:b1:f4:e6:76:
f3:d8:19:5a:76:c2:6d:9d:fc:79:78:ce:44:bc:2b:85:c6:30:
1c:69:77:e0:43:15:6d:12:fd:83:3a:4c:04:f1:8f:b4:8e:05:
f4:d6:a9:eb:27:e7:8c:9d:f2:51:3d:ff:6d:fb:ec:e4:04:75:
1b:72:b5:58:2a:9a:85:0b:af:1a:d7:3f:3f:7d:d7:25:0f:6f:
b4:04:f2:71:e1:22:fb:40:b8:96:05:33:2d:b4:05:36:7a:e0:
95:4f:31:80:2c:14:16:ac:96:ce:40:e9:f7:51:eb:fc:5e:0b:
e7:04:09:ab:b6:e8:8b:85:97:78:e8:e8:56:da:d1:64:52:bf:
cc:32:be:a7:cb:f6:f4:08:7c:be:9c:96:fb:2a:6c:9b:a0:96:
b6:90:c2:3a:8f:f5:44:3f:f6:6b:80:eb:74:ce:4a:39:52:26:
fc:2c:34:10:79:f1:d5:13:37:46:fa:50:c5:37:d7:0c:44:21:
47:72:5c:38:7a:39:16:d8:0f:ae:77:96:e8:4e:32:61:08:de:
3d:74:40:48
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZTcRcGzlRJvo3Y8HuvJny8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjUwMjA2MTcxOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGZmYTM1ZWU0OWEwZjI1ZmUyOGI3ZjZmMTI5OTlkODUzNjA3MzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/f+DBOyb8e4ozagdCLGIb0QfJlN
ANWzWN1x5Sa+zs89WmjSrT5sgVn8uS34niLhkAwab0wrXwd9p9/Pc1sb4XVxxp0x
bF72qwgJzDxSUlTwdQ41boFxKcqNiSnD3yZG7bRQV5Yn6ELuqPR6XKIcCRBMRQon
1fsYlv0f8mdGkayh17tYEPd3krEwte+M67YDyV7inUKtE7JybNI4BFG7Ze9vB0n8
9Q+yG09QbziBK5t+Azlp8ILehEM7nUHY4UUcd1+uJjqbsbPaalk7tok5diwmuHf/
FZS2kfg6rmcu+aLwuMbWAXtvvnlpId7dHPMPknHxkTLoZ6GvXFLts99CnQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKj/o17kmg8l/ii39vEpmdhTYHMtMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvcVAtalh1U2FEeVgtS0xmMjhTbVoyRk5nY3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgVcwDAN
BgkqhkiG9w0BAQsFAAOCAQEAichLw9/SupgCcftoZZDaJZQeMNtXyf0d4Pymh0Xh
uXkPPd07bHS+ogOpxrqe5qrUNWex9OZ289gZWnbCbZ38eXjORLwrhcYwHGl34EMV
bRL9gzpMBPGPtI4F9Nap6yfnjJ3yUT3/bfvs5AR1G3K1WCqahQuvGtc/P33XJQ9v
tATyceEi+0C4lgUzLbQFNnrglU8xgCwUFqyWzkDp91Hr/F4L5wQJq7boi4WXeOjo
VtrRZFK/zDK+p8v29Ah8vpyW+ypsm6CWtpDCOo/1RD/2a4DrdM5KOVIm/Cw0EHnx
1RM3RvpQxTfXDEQhR3JcOHo5FtgPrneW6E4yYQjePXRASA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:11:16 2025 by rpki-client