Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/2d9d80-b8bf-465a-a291-9f74facae8f1/1/vUStYqn1Ok_xDP04c7HMA9XzVKQ.roa
File: vUStYqn1Ok_xDP04c7HMA9XzVKQ.roa (raw, json)
Hash identifier: J76Gp5g8HVvMjYrtkfA8OZhpxOzHxsaFXV/nrty81E4=
Subject key identifier: BD:44:AD:62:A9:F5:3A:4F:F1:0C:FD:38:73:B1:CC:03:D5:F3:54:A4
Certificate issuer: /CN=f709528b8828b4d826355e2c52237d642071cd54
Certificate serial: 0194266C16F61C50EE5506BCFC625FC4D7FB
Authority key identifier: F7:09:52:8B:88:28:B4:D8:26:35:5E:2C:52:23:7D:64:20:71:CD:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9wlSi4gotNgmNV4sUiN9ZCBxzVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/2d9d80-b8bf-465a-a291-9f74facae8f1/1/vUStYqn1Ok_xDP04c7HMA9XzVKQ.roa
Signing time: Thu 02 Jan 2025 09:50:05 +0000
ROA not before: Thu 02 Jan 2025 09:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215759
IP address blocks: 2a14:6680::/48 maxlen: 48
2a14:6680:1000::/48 maxlen: 48
2a14:6680:2000::/48 maxlen: 48
2a14:6680:2001::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Jan 2025 15:59:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:16:f6:1c:50:ee:55:06:bc:fc:62:5f:c4:d7:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f709528b8828b4d826355e2c52237d642071cd54
Validity
Not Before: Jan 2 09:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd44ad62a9f53a4ff10cfd3873b1cc03d5f354a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ff:ae:be:85:03:84:10:2a:42:1a:ab:d7:a4:
5c:41:95:b8:4b:45:53:42:f9:61:02:a7:d0:40:b6:
db:cf:f7:36:63:e9:d0:c2:08:bc:ee:33:ea:a8:35:
f5:4a:c0:59:4d:c4:44:32:69:13:9e:27:d6:e9:83:
d0:d2:8e:80:7a:46:09:9b:48:b7:0b:88:4a:54:2f:
9b:2e:88:5f:31:13:27:99:bb:94:b6:c0:d9:57:31:
e9:4c:26:c7:c8:68:c7:35:79:d8:31:f5:3e:08:c1:
80:fb:9a:eb:04:4e:5f:02:2a:5a:d5:eb:5c:be:7b:
f0:b9:12:0d:3b:7a:b2:6f:85:99:4f:a3:cb:c6:ba:
b4:fb:dc:1a:0d:60:b4:fe:12:03:f4:71:97:5f:33:
94:6a:ce:35:b0:c2:1a:20:73:ff:95:0f:57:1f:80:
cb:8c:d5:5c:ba:79:df:97:db:46:05:75:53:2c:49:
69:41:78:60:80:2b:c9:9b:01:aa:02:2c:3f:f5:70:
f1:12:9e:32:f9:3c:fd:81:62:4d:7f:43:fc:f6:28:
88:a2:6d:df:6c:80:2c:7e:ae:72:a2:a7:a4:de:b9:
36:18:f8:c1:2d:99:2f:d6:1d:cd:40:eb:82:4f:8b:
ce:5a:06:90:2b:ec:b9:50:eb:ac:b8:87:af:0d:c4:
5f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:44:AD:62:A9:F5:3A:4F:F1:0C:FD:38:73:B1:CC:03:D5:F3:54:A4
X509v3 Authority Key Identifier:
keyid:F7:09:52:8B:88:28:B4:D8:26:35:5E:2C:52:23:7D:64:20:71:CD:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9wlSi4gotNgmNV4sUiN9ZCBxzVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d9d80-b8bf-465a-a291-9f74facae8f1/1/vUStYqn1Ok_xDP04c7HMA9XzVKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d9d80-b8bf-465a-a291-9f74facae8f1/1/9wlSi4gotNgmNV4sUiN9ZCBxzVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6680::/48
2a14:6680:1000::/48
2a14:6680:2000::/47
Signature Algorithm: sha256WithRSAEncryption
60:7d:3d:34:29:a7:0b:36:f1:3d:7e:da:c0:7a:01:c7:0c:b9:
f3:8f:a1:be:5a:43:0a:47:a7:77:86:96:cd:a1:d2:58:be:51:
2e:8c:d9:e2:a3:6b:37:6e:77:e1:8b:d5:9b:54:17:cd:21:61:
7b:92:1e:4e:31:56:d6:e4:c0:95:82:53:ae:4b:91:71:67:80:
dd:6f:02:1f:5e:6c:1d:54:63:49:be:f2:81:58:0c:46:2f:5c:
a1:d2:d3:39:2f:68:4d:30:6c:fd:ca:a1:d6:ec:a2:f0:1f:0e:
45:ea:d1:85:13:b8:4a:e3:86:60:a1:78:e4:ca:69:c1:8e:54:
68:10:7c:75:6c:1a:f0:f4:bd:30:ad:6a:8e:4e:fe:b2:af:58:
a0:c3:a6:a4:a4:55:43:58:55:9d:90:38:7e:89:98:73:2e:96:
4b:6d:db:b7:7d:03:d2:44:f6:0e:36:d8:ca:d4:5e:1b:af:c2:
15:b1:d2:6b:02:07:6c:ed:55:19:e0:9f:ae:39:4c:94:3e:2c:
00:c3:98:ba:84:d1:32:d5:c9:34:bd:1a:04:98:e1:4a:13:35:
ca:a4:82:34:10:7c:3f:66:3c:c3:10:b0:c8:2e:48:d2:f3:4f:
72:92:5d:22:04:64:b0:f0:c1:4b:ec:53:2d:f8:78:22:0f:a8:
ff:32:69:e3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQmbBb2HFDuVQa8/GJfxNf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MDk1MjhiODgyOGI0ZDgyNjM1NWUyYzUyMjM3ZDY0MjA3
MWNkNTQwHhcNMjUwMTAyMDk1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDQ0YWQ2MmE5ZjUzYTRmZjEwY2ZkMzg3M2IxY2MwM2Q1ZjM1NGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf+uvoUDhBAqQhqr16RcQZW4S0VT
QvlhAqfQQLbbz/c2Y+nQwgi87jPqqDX1SsBZTcREMmkTnifW6YPQ0o6AekYJm0i3
C4hKVC+bLohfMRMnmbuUtsDZVzHpTCbHyGjHNXnYMfU+CMGA+5rrBE5fAipa1etc
vnvwuRINO3qyb4WZT6PLxrq0+9waDWC0/hID9HGXXzOUas41sMIaIHP/lQ9XH4DL
jNVcunnfl9tGBXVTLElpQXhggCvJmwGqAiw/9XDxEp4y+Tz9gWJNf0P89iiIom3f
bIAsfq5yoqek3rk2GPjBLZkv1h3NQOuCT4vOWgaQK+y5UOusuIevDcRfrwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL1ErWKp9TpP8Qz9OHOxzAPV81SkMB8GA1UdIwQY
MBaAFPcJUouIKLTYJjVeLFIjfWQgcc1UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXdsU2k0Z290TmdtTlY0c1VpTjlaQ0J4elZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8yZDlkODAtYjhiZi00NjVhLWEyOTEt
OWY3NGZhY2FlOGYxLzEvdlVTdFlxbjFPa194RFAwNGM3SE1BOVh6VktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8yZDlkODAtYjhiZi00NjVhLWEyOTEtOWY3NGZhY2FlOGYx
LzEvOXdsU2k0Z290TmdtTlY0c1VpTjlaQ0J4elZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKhRmgAAA
AwcAKhRmgBAAAwcBKhRmgCAAMA0GCSqGSIb3DQEBCwUAA4IBAQBgfT00KacLNvE9
ftrAegHHDLnzj6G+WkMKR6d3hpbNodJYvlEujNnio2s3bnfhi9WbVBfNIWF7kh5O
MVbW5MCVglOuS5FxZ4DdbwIfXmwdVGNJvvKBWAxGL1yh0tM5L2hNMGz9yqHW7KLw
Hw5F6tGFE7hK44ZgoXjkymnBjlRoEHx1bBrw9L0wrWqOTv6yr1igw6akpFVDWFWd
kDh+iZhzLpZLbdu3fQPSRPYONtjK1F4br8IVsdJrAgds7VUZ4J+uOUyUPiwAw5i6
hNEy1ck0vRoEmOFKEzXKpII0EHw/ZjzDELDILkjS809ykl0iBGSw8MFL7FMt+Hgi
D6j/Mmnj
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:55:23 2025 by rpki-client