Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/4sOFinBM18atvY6Fv1612lYQpmA.roa
File: 4sOFinBM18atvY6Fv1612lYQpmA.roa (raw, json)
Hash identifier: hP4WUNiLHqK2xMKQRWURa0A1VUH/QaVlQOkubW3EQ1o=
Subject key identifier: E2:C3:85:8A:70:4C:D7:C6:AD:BD:8E:85:BF:5E:B5:DA:56:10:A6:60
Certificate issuer: /CN=d914da56e1a934649da02964ac12eba34c5cb84f
Certificate serial: 0194258E38451D54F9F3ED730FCB7BCA62AE
Authority key identifier: D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/4sOFinBM18atvY6Fv1612lYQpmA.roa
Signing time: Thu 02 Jan 2025 05:47:44 +0000
ROA not before: Thu 02 Jan 2025 05:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197477
IP address blocks: 2a13:e3c0::/32 maxlen: 48
2a13:e3c1::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Feb 2025 10:09:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:38:45:1d:54:f9:f3:ed:73:0f:cb:7b:ca:62:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d914da56e1a934649da02964ac12eba34c5cb84f
Validity
Not Before: Jan 2 05:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2c3858a704cd7c6adbd8e85bf5eb5da5610a660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c2:dd:d6:74:ab:6c:33:dc:96:51:2e:d7:76:
ab:47:a2:5c:e6:0a:70:3e:d6:d0:bc:17:44:e3:c4:
c4:ec:91:c1:64:db:66:1a:76:8b:76:2b:fd:14:1b:
08:08:51:d4:0d:f8:d1:8d:96:ad:ab:5b:21:1c:2a:
11:52:3a:30:69:5d:a8:e9:7e:4b:3c:8c:06:e6:ae:
67:5e:f0:c1:22:21:58:a2:c8:08:6e:d1:14:48:ec:
e1:6f:34:f6:dc:d7:36:e4:e1:f9:e7:74:e4:6a:d5:
a0:ff:44:1d:d1:71:cc:1b:45:b8:c7:28:17:aa:40:
e0:05:61:74:33:f8:15:b3:4c:31:40:f9:ea:7d:18:
61:d4:32:89:c5:43:62:2d:e0:37:f5:b6:19:e0:62:
0a:dd:d0:64:5a:15:cc:f8:1e:22:b5:e7:b5:01:40:
0a:6e:b1:91:5b:cb:79:76:37:44:25:15:b9:31:0e:
8b:47:98:17:46:b9:82:73:c2:33:46:7d:fe:06:3c:
fe:19:9a:08:80:12:91:fe:7f:4e:e3:77:b3:33:e1:
64:35:db:97:de:1d:5c:bf:63:df:3e:86:bc:4b:54:
4d:0f:c5:0b:89:10:f4:10:19:5a:20:e6:ee:06:d9:
fa:4a:c6:22:35:e4:c4:e3:94:3a:46:c6:12:3e:9a:
c4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C3:85:8A:70:4C:D7:C6:AD:BD:8E:85:BF:5E:B5:DA:56:10:A6:60
X509v3 Authority Key Identifier:
keyid:D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/4sOFinBM18atvY6Fv1612lYQpmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:e3c0::/31
Signature Algorithm: sha256WithRSAEncryption
65:37:cd:e2:15:91:f0:17:e5:d6:e2:f6:a2:cb:50:39:85:27:
d2:3d:f4:b4:90:e2:7e:02:68:68:de:c7:1c:fa:d4:ea:d4:d0:
d7:5e:8a:07:b6:79:9e:14:75:b4:43:4e:7e:76:5c:c0:58:df:
b2:19:9c:a8:d2:cf:e7:3a:c9:60:39:32:0f:f4:5a:8f:e2:d7:
ab:44:11:ad:f3:4b:ea:62:2c:ee:b7:63:36:49:da:05:90:29:
f1:a0:15:5f:f4:0f:25:44:bb:40:2d:3f:af:48:89:a4:62:de:
0f:54:9a:68:64:66:3f:5e:43:fe:0f:16:de:d9:53:e7:7c:b7:
27:45:e4:7b:fe:22:28:51:79:15:75:7c:65:98:10:4c:d2:da:
93:c5:0f:ad:43:dd:7b:20:6b:ae:14:b3:bf:5b:9a:5e:4f:10:
d5:bb:fb:06:22:8b:e3:92:76:e4:c6:1d:5b:d1:19:67:ec:da:
71:e1:ef:0e:d9:af:d1:36:92:fd:5e:6c:58:bc:f5:b2:63:e6:
52:aa:13:0c:d8:32:a1:89:c6:f0:8c:35:46:7b:15:39:3a:fe:
8f:4f:cd:6e:a2:5c:a6:82:c7:77:3e:d9:bb:25:12:4f:fc:bd:
71:cd:1c:72:a6:15:94:b6:7d:50:2e:df:24:dd:2c:17:6f:63:
40:29:cf:45
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQljjhFHVT58+1zD8t7ymKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTRkYTU2ZTFhOTM0NjQ5ZGEwMjk2NGFjMTJlYmEzNGM1
Y2I4NGYwHhcNMjUwMTAyMDU0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmMzODU4YTcwNGNkN2M2YWRiZDhlODViZjVlYjVkYTU2MTBhNjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMLd1nSrbDPcllEu13arR6Jc5gpw
PtbQvBdE48TE7JHBZNtmGnaLdiv9FBsICFHUDfjRjZatq1shHCoRUjowaV2o6X5L
PIwG5q5nXvDBIiFYosgIbtEUSOzhbzT23Nc25OH553TkatWg/0Qd0XHMG0W4xygX
qkDgBWF0M/gVs0wxQPnqfRhh1DKJxUNiLeA39bYZ4GIK3dBkWhXM+B4itee1AUAK
brGRW8t5djdEJRW5MQ6LR5gXRrmCc8IzRn3+Bjz+GZoIgBKR/n9O43ezM+FkNduX
3h1cv2PfPoa8S1RND8ULiRD0EBlaIObuBtn6SsYiNeTE45Q6RsYSPprEVQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOLDhYpwTNfGrb2Ohb9etdpWEKZgMB8GA1UdIwQY
MBaAFNkU2lbhqTRknaApZKwS66NMXLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2It
ZjZiY2NmMWU1MzFmLzEvNHNPRmluQk0xOGF0dlk2RnYxNjEybFlRcG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2ItZjZiY2NmMWU1MzFm
LzEvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKhPjwDAN
BgkqhkiG9w0BAQsFAAOCAQEAZTfN4hWR8Bfl1uL2ostQOYUn0j30tJDifgJoaN7H
HPrU6tTQ116KB7Z5nhR1tENOfnZcwFjfshmcqNLP5zrJYDkyD/Raj+LXq0QRrfNL
6mIs7rdjNknaBZAp8aAVX/QPJUS7QC0/r0iJpGLeD1SaaGRmP15D/g8W3tlT53y3
J0Xke/4iKFF5FXV8ZZgQTNLak8UPrUPdeyBrrhSzv1uaXk8Q1bv7BiKL45J25MYd
W9EZZ+zaceHvDtmv0TaS/V5sWLz1smPmUqoTDNgyoYnG8Iw1RnsVOTr+j0/NbqJc
poLHdz7ZuyUST/y9cc0ccqYVlLZ9UC7fJN0sF29jQCnPRQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:39:49 2025 by rpki-client