Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/1m3MEq6c2QniI9kUcb0P23kC-6M.roa
File: 1m3MEq6c2QniI9kUcb0P23kC-6M.roa (raw, json)
Hash identifier: oI/fGFeAUxuyl3+z6rXEvxvXm36bophCs+otAfYfvwc=
Subject key identifier: D6:6D:CC:12:AE:9C:D9:09:E2:23:D9:14:71:BD:0F:DB:79:02:FB:A3
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 01963F8D0C207B5485D6BC7E3A13576FC121
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/1m3MEq6c2QniI9kUcb0P23kC-6M.roa
Signing time: Wed 16 Apr 2025 17:02:10 +0000
ROA not before: Wed 16 Apr 2025 17:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29182
IP address blocks: 2a0e:13c6::/32 maxlen: 32
2a0e:4346::/32 maxlen: 32
2a0e:67c6::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Apr 2025 09:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:8d:0c:20:7b:54:85:d6:bc:7e:3a:13:57:6f:c1:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 16 17:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d66dcc12ae9cd909e223d91471bd0fdb7902fba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:05:42:ca:94:42:77:c2:fa:cc:25:79:7f:33:
26:e4:02:02:b1:93:5e:30:8b:88:70:4f:80:d1:3d:
d2:b6:1d:a2:ca:cb:d3:53:b8:e1:95:98:5a:9f:b0:
93:4a:30:c1:60:43:35:e6:b0:e4:00:f4:8d:ab:02:
59:e2:26:4b:2a:82:b7:10:ac:b8:1d:6e:2d:a8:b8:
7c:3d:17:11:1c:04:83:81:ed:ab:15:b8:26:bd:07:
a9:f3:ef:24:56:71:6b:4c:f6:f9:4c:be:84:3d:09:
6e:31:ab:8b:c1:6c:a1:1f:14:ee:13:a1:c0:6a:7b:
9d:60:2b:37:17:70:47:b4:ac:e8:a3:04:de:b1:2f:
47:d5:72:2d:2a:34:ca:26:8e:ec:49:17:cb:1f:d1:
ec:0d:ba:3a:55:17:8d:25:53:6d:a3:d3:b1:50:89:
c8:f0:e2:b7:1d:8a:e0:7f:69:ad:72:d1:0d:06:f2:
ab:20:b9:91:b6:68:fc:d1:1d:a2:4d:f4:92:43:b9:
37:c9:0c:98:aa:43:96:54:29:86:9e:e3:79:69:c2:
78:c7:23:02:cf:db:bb:de:70:cd:a1:e7:05:5f:4c:
c4:ec:b6:30:c3:53:92:e3:63:84:da:57:d3:1a:a7:
19:84:e1:21:a5:69:45:76:ab:84:94:d5:f4:ec:91:
c0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:6D:CC:12:AE:9C:D9:09:E2:23:D9:14:71:BD:0F:DB:79:02:FB:A3
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/1m3MEq6c2QniI9kUcb0P23kC-6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:13c6::/32
2a0e:4346::/32
2a0e:67c6::/32
Signature Algorithm: sha256WithRSAEncryption
5c:30:30:23:dd:d8:b7:c8:03:79:5a:81:bd:40:78:7f:39:e5:
2b:66:6d:e5:7f:37:38:61:c9:ae:26:d5:d3:07:bf:d8:22:18:
6d:9e:cf:f2:bf:c9:ed:82:90:cf:5d:7a:31:27:52:97:ca:f6:
a5:ab:21:3b:2b:8b:18:e8:6f:09:45:6b:61:01:b2:18:8c:c5:
c7:6f:3a:9c:e4:e9:52:42:04:67:39:ba:db:3f:c2:90:2e:e3:
73:9d:7d:1a:74:a7:19:e6:aa:32:d5:c0:bb:cb:6f:4a:08:64:
0f:8b:be:f3:6d:6f:63:1a:d1:03:e3:35:aa:9f:6f:43:95:b5:
b4:4a:d1:fd:75:3a:db:a3:08:2e:f1:f4:b5:de:47:dd:e9:c1:
4f:8d:68:45:05:2c:fd:34:9a:b8:cc:80:7c:9f:6e:3e:d1:7f:
62:4b:03:fa:f8:86:70:67:36:6c:1e:93:44:b5:4d:29:3d:9e:
65:f2:61:7b:d8:80:49:be:00:fb:50:c7:8a:eb:2d:ac:5b:65:
58:db:17:a7:97:ce:e1:a0:d9:2f:8c:cc:d0:19:b5:d6:18:85:
fe:74:bb:5c:63:eb:4e:67:25:71:71:27:2c:10:47:c3:62:37:
1d:f8:31:31:57:b5:59:66:62:57:24:da:46:66:cb:eb:ae:03:
77:2d:7a:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZY/jQwge1SF1rx+OhNXb8EhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNDE2MTcwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjZkY2MxMmFlOWNkOTA5ZTIyM2Q5MTQ3MWJkMGZkYjc5MDJmYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywVCypRCd8L6zCV5fzMm5AICsZNe
MIuIcE+A0T3Sth2iysvTU7jhlZhan7CTSjDBYEM15rDkAPSNqwJZ4iZLKoK3EKy4
HW4tqLh8PRcRHASDge2rFbgmvQep8+8kVnFrTPb5TL6EPQluMauLwWyhHxTuE6HA
anudYCs3F3BHtKzoowTesS9H1XItKjTKJo7sSRfLH9HsDbo6VReNJVNto9OxUInI
8OK3HYrgf2mtctENBvKrILmRtmj80R2iTfSSQ7k3yQyYqkOWVCmGnuN5acJ4xyMC
z9u73nDNoecFX0zE7LYww1OS42OE2lfTGqcZhOEhpWlFdquElNX07JHAWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNZtzBKunNkJ4iPZFHG9D9t5AvujMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvMW0zTUVxNmMyUW5pSTlrVWNiMFAyM2tDLTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKg4TxgMF
ACoOQ0YDBQAqDmfGMA0GCSqGSIb3DQEBCwUAA4IBAQBcMDAj3di3yAN5WoG9QHh/
OeUrZm3lfzc4YcmuJtXTB7/YIhhtns/yv8ntgpDPXXoxJ1KXyvalqyE7K4sY6G8J
RWthAbIYjMXHbzqc5OlSQgRnObrbP8KQLuNznX0adKcZ5qoy1cC7y29KCGQPi77z
bW9jGtED4zWqn29DlbW0StH9dTrbowgu8fS13kfd6cFPjWhFBSz9NJq4zIB8n24+
0X9iSwP6+IZwZzZsHpNEtU0pPZ5l8mF72IBJvgD7UMeK6y2sW2VY2xenl87hoNkv
jMzQGbXWGIX+dLtcY+tOZyVxcScsEEfDYjcd+DExV7VZZmJXJNpGZsvrrgN3LXrA
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:03:51 2025 by rpki-client