Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/tel6lVo3TN9rbNVDHN3bzJ8vpSE.roa
File: tel6lVo3TN9rbNVDHN3bzJ8vpSE.roa (raw, json)
Hash identifier: lTK3RmV9Tdh/4VrFV+ShUcbw6BOf+mhJXMz78lAM/ok=
Subject key identifier: B5:E9:7A:95:5A:37:4C:DF:6B:6C:D5:43:1C:DD:DB:CC:9F:2F:A5:21
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 01955D8348EDC44653C7FA0A4896D26E4F91
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/tel6lVo3TN9rbNVDHN3bzJ8vpSE.roa
Signing time: Mon 03 Mar 2025 19:37:19 +0000
ROA not before: Mon 03 Mar 2025 19:37:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a09:6905::/32 maxlen: 32
2a0f:4303::/32 maxlen: 32
2a12:cc03::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 12 Mar 2025 15:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5d:83:48:ed:c4:46:53:c7:fa:0a:48:96:d2:6e:4f:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Mar 3 19:37:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5e97a955a374cdf6b6cd5431cdddbcc9f2fa521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:0a:a9:6e:20:91:34:80:de:d1:2c:ed:51:85:
98:b2:30:bf:04:f7:34:c1:f1:ee:2d:47:4c:76:d5:
a5:a5:aa:c9:09:15:3c:1a:d6:85:44:33:5f:03:3e:
27:3f:8c:ce:91:e3:8a:bf:7d:8c:18:72:4b:ca:50:
ad:0f:18:36:bc:df:91:3b:8d:17:50:c3:63:1a:87:
41:65:e2:77:95:15:3d:4c:12:cc:3c:00:ec:b6:1a:
28:2a:7d:f8:44:03:ec:de:ae:55:5e:83:1a:ce:31:
99:df:48:60:2b:ec:f1:54:24:e2:56:d0:51:9b:d3:
fb:87:0a:4c:2a:7b:e5:18:15:93:fc:98:c9:a7:93:
74:5e:66:09:ef:b8:14:45:90:0e:49:18:22:41:c5:
c4:b1:f9:68:48:95:12:d6:f1:78:2a:91:d5:35:37:
70:b6:f2:7f:89:6f:d9:f8:ba:18:2c:5f:81:07:9c:
46:94:e3:3b:3e:20:39:04:8f:0a:7c:12:04:60:6f:
11:b9:9c:d1:33:3f:2c:ef:bb:4b:b0:e6:b7:4c:cb:
8a:70:1a:87:7b:9b:35:83:c7:9a:b4:c9:0f:0a:60:
7b:d6:db:6b:10:45:da:1d:a0:31:23:5e:b0:5f:9f:
9d:f5:dd:81:49:9c:b3:65:5f:06:d8:4f:69:f0:dd:
5a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:E9:7A:95:5A:37:4C:DF:6B:6C:D5:43:1C:DD:DB:CC:9F:2F:A5:21
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/tel6lVo3TN9rbNVDHN3bzJ8vpSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6905::/32
2a0f:4303::/32
2a12:cc03::/32
Signature Algorithm: sha256WithRSAEncryption
93:76:23:2c:39:13:4b:2f:86:14:4d:d9:d7:27:13:cb:6d:98:
cc:f2:87:9e:b6:65:9d:89:cc:f1:eb:fe:13:2d:c1:38:a0:5c:
34:c9:c2:20:61:ef:21:68:2c:0f:52:9b:d6:d8:87:c5:ce:e4:
82:2d:92:e6:ec:72:7f:d1:da:5d:e5:4e:80:3c:05:7f:c5:06:
f4:8a:0e:d6:00:7a:48:77:16:6a:de:28:6a:ad:2e:d1:ff:91:
f4:c3:3a:fa:1b:a3:2f:92:4f:54:87:a5:e6:fe:ee:5a:0d:08:
2a:1a:05:b4:ac:86:56:0b:10:a0:ac:26:a6:35:1e:a1:66:f7:
7b:01:dd:b9:47:85:f5:a4:91:7e:bf:53:f5:a0:5a:24:32:2e:
8c:f0:75:df:82:ef:f7:fa:87:1e:2f:ba:47:7a:06:59:d9:79:
f5:8d:6d:08:fc:7b:42:0e:00:7e:66:ac:88:68:45:03:4d:05:
d4:4a:7f:e8:ab:30:5e:11:25:5c:3c:19:3d:74:aa:41:c0:c3:
44:b1:c3:0e:75:3a:68:02:7c:08:dc:91:f2:08:19:14:47:e5:
4c:bc:a2:fd:53:75:db:c5:e5:20:2e:a9:bc:55:84:e4:67:00:
ef:d8:9b:78:32:77:96:97:ce:df:93:02:d0:15:40:1b:9f:b4:
0c:47:de:5e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZVdg0jtxEZTx/oKSJbSbk+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwMzAzMTkzNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWU5N2E5NTVhMzc0Y2RmNmI2Y2Q1NDMxY2RkZGJjYzlmMmZhNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6wqpbiCRNIDe0SztUYWYsjC/BPc0
wfHuLUdMdtWlparJCRU8GtaFRDNfAz4nP4zOkeOKv32MGHJLylCtDxg2vN+RO40X
UMNjGodBZeJ3lRU9TBLMPADsthooKn34RAPs3q5VXoMazjGZ30hgK+zxVCTiVtBR
m9P7hwpMKnvlGBWT/JjJp5N0XmYJ77gURZAOSRgiQcXEsfloSJUS1vF4KpHVNTdw
tvJ/iW/Z+LoYLF+BB5xGlOM7PiA5BI8KfBIEYG8RuZzRMz8s77tLsOa3TMuKcBqH
e5s1g8eatMkPCmB71ttrEEXaHaAxI16wX5+d9d2BSZyzZV8G2E9p8N1awQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLXpepVaN0zfa2zVQxzd28yfL6UhMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvdGVsNmxWbzNUTjlyYk5WREhOM2J6Sjh2cFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKglpBQMF
ACoPQwMDBQAqEswDMA0GCSqGSIb3DQEBCwUAA4IBAQCTdiMsORNLL4YUTdnXJxPL
bZjM8oeetmWdiczx6/4TLcE4oFw0ycIgYe8haCwPUpvW2IfFzuSCLZLm7HJ/0dpd
5U6APAV/xQb0ig7WAHpIdxZq3ihqrS7R/5H0wzr6G6Mvkk9Uh6Xm/u5aDQgqGgW0
rIZWCxCgrCamNR6hZvd7Ad25R4X1pJF+v1P1oFokMi6M8HXfgu/3+oceL7pHegZZ
2Xn1jW0I/HtCDgB+ZqyIaEUDTQXUSn/oqzBeESVcPBk9dKpBwMNEscMOdTpoAnwI
3JHyCBkUR+VMvKL9U3XbxeUgLqm8VYTkZwDv2Jt4MneWl87fkwLQFUAbn7QMR95e
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:44:47 2025 by rpki-client