Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Y0nQQ456xgbv80Xq2oitr8ROt0A.roa
File: Y0nQQ456xgbv80Xq2oitr8ROt0A.roa (raw, json)
Hash identifier: 3L6vJRiUNOm2hioC41earzV9Zxba8FDrm/oFN/THO5U=
Subject key identifier: 63:49:D0:43:8E:7A:C6:06:EF:F3:45:EA:DA:88:AD:AF:C4:4E:B7:40
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 01950837B2F9FB39AEAF4DE60259ECE71545
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Y0nQQ456xgbv80Xq2oitr8ROt0A.roa
Signing time: Sat 15 Feb 2025 06:07:02 +0000
ROA not before: Sat 15 Feb 2025 06:07:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214674
IP address blocks: 2a14:67c1:500::/40 maxlen: 48
2a14:67c1:600::/40 maxlen: 48
Validation: Failed, certificate revoked on Sat 15 Feb 2025 06:27:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:08:37:b2:f9:fb:39:ae:af:4d:e6:02:59:ec:e7:15:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Feb 15 06:07:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6349d0438e7ac606eff345eada88adafc44eb740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:60:7a:ee:3a:6b:66:89:e7:64:28:71:01:19:
7f:4c:a2:d7:ae:8e:c9:33:00:2f:c4:51:41:37:bb:
42:63:72:6c:15:f1:4f:81:ca:5c:25:f8:bb:30:7d:
e8:de:15:26:14:f1:04:2d:c2:05:00:6f:81:4d:08:
65:e9:9f:01:7e:9b:f9:0d:5a:3f:d7:41:78:e0:af:
5a:83:98:ed:b5:f9:27:86:8e:68:43:47:e2:e7:db:
5e:f7:66:66:36:19:10:d6:b0:8b:7c:a7:c4:d4:0e:
77:d7:52:9d:14:10:c1:c4:6f:2e:30:90:6b:cd:0f:
cd:8a:59:51:d2:dc:05:d7:eb:02:e5:60:e2:08:60:
6f:41:50:9b:fe:49:8c:4d:6f:b3:0f:ca:3d:13:e6:
37:46:12:0e:76:fa:4e:b4:9f:6e:b8:9b:d3:d8:50:
ee:e9:af:06:8e:af:38:6d:9f:7f:a1:67:f4:60:48:
30:7f:37:6f:d8:fb:bf:94:fb:b7:8b:09:d2:fa:49:
20:89:dc:fd:26:53:0f:bf:47:91:8e:c4:61:2b:63:
ff:16:fe:58:f4:ab:bb:e7:89:e0:3a:9c:82:c7:d3:
83:46:5f:3f:ce:16:f7:d3:85:5c:15:73:e2:35:a6:
ef:ee:00:60:c4:5e:ec:d7:71:e6:ef:75:09:92:e1:
67:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:49:D0:43:8E:7A:C6:06:EF:F3:45:EA:DA:88:AD:AF:C4:4E:B7:40
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Y0nQQ456xgbv80Xq2oitr8ROt0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:500::-2a14:67c1:6ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ac:f1:dc:32:c5:e2:15:d0:31:ba:5f:97:2c:1b:36:da:f1:df:
13:0b:7e:0d:2d:98:f7:44:5b:e4:dd:31:e4:31:7b:b0:19:31:
03:df:f2:61:76:bb:cb:37:a3:05:56:76:08:13:f1:27:65:3e:
a3:3e:7c:bd:1d:0b:5c:cb:84:ec:75:f2:89:45:94:c3:27:f9:
94:ff:15:c6:78:aa:4a:b7:c6:62:00:c3:ae:2c:82:01:d7:bc:
6b:d3:17:07:ec:eb:dd:d6:e0:79:1c:96:03:89:25:db:af:63:
07:41:9b:77:1e:5e:b0:25:0d:15:d5:62:2b:50:67:e1:a6:58:
f8:86:fb:cd:11:01:eb:ab:b0:67:ba:f0:c5:b6:5c:24:aa:bd:
0b:3a:c8:4d:43:0c:db:03:47:1b:85:1a:a0:d8:70:ab:45:43:
f3:ec:85:3e:9a:fa:af:73:d2:ba:c4:3f:13:cf:05:13:43:4e:
48:64:9a:bc:d4:c0:ea:7a:6f:a3:f4:2e:64:30:98:76:6d:5e:
7f:71:b4:40:bc:78:2d:72:c5:db:25:c2:90:2d:1b:64:7f:35:
73:ce:3f:9a:6d:92:91:8c:53:60:45:ed:64:97:6a:d5:f0:9e:
fd:8b:fe:76:3d:bb:ff:43:de:ad:12:a5:51:c1:45:5d:63:c6:
31:24:8c:5e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUIN7L5+zmur03mAlns5xVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjUwMjE1MDYwNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzQ5ZDA0MzhlN2FjNjA2ZWZmMzQ1ZWFkYTg4YWRhZmM0NGViNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2B67jprZonnZChxARl/TKLXro7J
MwAvxFFBN7tCY3JsFfFPgcpcJfi7MH3o3hUmFPEELcIFAG+BTQhl6Z8Bfpv5DVo/
10F44K9ag5jttfknho5oQ0fi59te92ZmNhkQ1rCLfKfE1A5311KdFBDBxG8uMJBr
zQ/NillR0twF1+sC5WDiCGBvQVCb/kmMTW+zD8o9E+Y3RhIOdvpOtJ9uuJvT2FDu
6a8Gjq84bZ9/oWf0YEgwfzdv2Pu/lPu3iwnS+kkgidz9JlMPv0eRjsRhK2P/Fv5Y
9Ku754ngOpyCx9ODRl8/zhb304VcFXPiNabv7gBgxF7s13Hm73UJkuFnpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGNJ0EOOesYG7/NF6tqIra/ETrdAMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvWTBuUVE0NTZ4Z2J2ODBYcTJvaXRyOFJPdDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgAqFGfB
BQMGACoUZ8EGMA0GCSqGSIb3DQEBCwUAA4IBAQCs8dwyxeIV0DG6X5csGzba8d8T
C34NLZj3RFvk3THkMXuwGTED3/JhdrvLN6MFVnYIE/EnZT6jPny9HQtcy4TsdfKJ
RZTDJ/mU/xXGeKpKt8ZiAMOuLIIB17xr0xcH7Ovd1uB5HJYDiSXbr2MHQZt3Hl6w
JQ0V1WIrUGfhplj4hvvNEQHrq7BnuvDFtlwkqr0LOshNQwzbA0cbhRqg2HCrRUPz
7IU+mvqvc9K6xD8TzwUTQ05IZJq81MDqem+j9C5kMJh2bV5/cbRAvHgtcsXbJcKQ
LRtkfzVzzj+abZKRjFNgRe1kl2rV8J79i/52Pbv/Q96tEqVRwUVdY8YxJIxe
-----END CERTIFICATE-----
Generated at Mon Apr 28 09:09:29 2025 by rpki-client