Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/h1cVX0LLjz-62TJSRA22YcEs5gI.roa
File: h1cVX0LLjz-62TJSRA22YcEs5gI.roa (raw, json)
Hash identifier: R7j4qk56ruAjI1xlO8XTfwre4voqPzt89r7x3V7j7pc=
Subject key identifier: 87:57:15:5F:42:CB:8F:3F:BA:D9:32:52:44:0D:B6:61:C1:2C:E6:02
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 019660CCB455E8F38D6FD335790289C6CD28
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/h1cVX0LLjz-62TJSRA22YcEs5gI.roa
Signing time: Wed 23 Apr 2025 03:59:10 +0000
ROA not before: Wed 23 Apr 2025 03:59:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210176
IP address blocks: 2a14:67c1:a062::/48 maxlen: 48
2a14:67c1:a100::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 24 Apr 2025 06:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:60:cc:b4:55:e8:f3:8d:6f:d3:35:79:02:89:c6:cd:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Apr 23 03:59:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8757155f42cb8f3fbad93252440db661c12ce602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4b:c6:b9:13:4d:04:c2:b5:d1:4f:91:0f:c5:
d8:db:4c:a0:78:e8:3e:57:0f:36:dd:33:e4:83:4c:
27:2a:2b:f4:29:25:a4:35:76:93:08:e2:88:cd:56:
31:18:84:3f:d0:21:35:40:77:2a:36:9a:0c:c5:f3:
f8:28:a3:1e:63:66:9c:54:74:f7:2c:88:f8:80:b8:
18:ea:00:c0:5f:0e:fb:b2:c0:33:f6:c0:b5:d9:9c:
fc:0d:80:d0:cc:1c:40:af:5c:0a:e6:16:e2:82:cb:
41:6f:58:7e:93:a7:66:21:d7:bf:99:c0:a9:19:67:
a5:16:22:b2:d1:fd:d6:44:19:19:d2:37:22:9e:de:
70:c5:2c:5b:e9:b8:0d:68:36:37:6c:f6:50:a3:ec:
3f:18:9a:18:a9:7e:ec:0c:13:b9:25:55:42:b2:68:
d0:9f:e2:72:63:49:5e:fd:2f:51:8f:4a:21:e6:33:
98:a8:4d:f7:99:18:1d:99:17:fc:ac:64:5c:a0:37:
c4:a8:fe:dd:13:e7:75:8b:8c:e3:56:c3:f4:3f:d5:
36:d3:65:2f:2e:5c:1d:f5:27:89:79:0b:1a:88:ba:
15:21:e7:24:8f:29:bc:2f:a6:c4:9d:90:e2:4a:5f:
d5:a4:2b:a4:e2:cb:49:39:20:28:24:87:a3:e6:7c:
b3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:57:15:5F:42:CB:8F:3F:BA:D9:32:52:44:0D:B6:61:C1:2C:E6:02
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/h1cVX0LLjz-62TJSRA22YcEs5gI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:a062::/48
2a14:67c1:a100::/44
Signature Algorithm: sha256WithRSAEncryption
06:92:bc:f9:98:99:1a:31:e1:58:38:ed:4e:ed:02:8f:86:8f:
0c:6c:b2:57:85:d0:cc:bf:10:84:fa:29:1e:e1:4e:36:22:01:
66:cb:12:5d:8b:f5:1d:9f:ef:76:6c:e4:0f:b2:96:03:57:67:
c6:ab:98:5e:24:5e:c1:ae:d4:fa:13:99:4d:3f:87:76:0d:6b:
c8:33:bf:5f:d5:e7:98:c5:3e:dc:ff:05:f6:7b:dc:fc:54:a3:
cf:f1:6c:ef:e6:d1:db:7f:25:9d:2b:eb:3b:71:49:7c:7d:92:
89:27:68:29:36:55:50:0c:e4:9b:c5:a7:fa:32:26:3d:ac:c5:
42:5f:49:c1:6e:ab:ce:e5:da:89:84:3e:c0:25:a0:ef:4d:5d:
cc:47:77:7d:be:43:bf:73:3e:11:2c:3c:c1:16:5c:fd:f3:ab:
92:66:fd:e4:2f:e9:76:4b:2d:ad:a7:aa:22:89:39:c4:d0:6a:
92:64:aa:fc:ba:6f:7d:b6:cb:30:87:0f:34:e7:2b:14:1c:7c:
d5:a3:6c:f7:7b:d3:18:82:f8:9e:79:26:6c:c8:96:8c:c7:cf:
1f:7f:f2:ab:d1:d5:9a:8b:a5:cd:2c:cc:ce:b4:cc:77:6b:bc:
7e:31:b4:f5:d2:e9:04:f5:ef:9d:01:ef:67:e0:92:24:2c:b4:
ee:5c:24:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZZgzLRV6PONb9M1eQKJxs0oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjUwNDIzMDM1OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzU3MTU1ZjQyY2I4ZjNmYmFkOTMyNTI0NDBkYjY2MWMxMmNlNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0vGuRNNBMK10U+RD8XY20ygeOg+
Vw823TPkg0wnKiv0KSWkNXaTCOKIzVYxGIQ/0CE1QHcqNpoMxfP4KKMeY2acVHT3
LIj4gLgY6gDAXw77ssAz9sC12Zz8DYDQzBxAr1wK5hbigstBb1h+k6dmIde/mcCp
GWelFiKy0f3WRBkZ0jcint5wxSxb6bgNaDY3bPZQo+w/GJoYqX7sDBO5JVVCsmjQ
n+JyY0le/S9Rj0oh5jOYqE33mRgdmRf8rGRcoDfEqP7dE+d1i4zjVsP0P9U202Uv
Llwd9SeJeQsaiLoVIeckjym8L6bEnZDiSl/VpCuk4stJOSAoJIej5nyzKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIdXFV9Cy48/utkyUkQNtmHBLOYCMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvaDFjVlgwTExqei02MlRKU1JBMjJZY0VzNWdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhRnwaBi
AwcEKhRnwaEAMA0GCSqGSIb3DQEBCwUAA4IBAQAGkrz5mJkaMeFYOO1O7QKPho8M
bLJXhdDMvxCE+ike4U42IgFmyxJdi/Udn+92bOQPspYDV2fGq5heJF7BrtT6E5lN
P4d2DWvIM79f1eeYxT7c/wX2e9z8VKPP8Wzv5tHbfyWdK+s7cUl8fZKJJ2gpNlVQ
DOSbxaf6MiY9rMVCX0nBbqvO5dqJhD7AJaDvTV3MR3d9vkO/cz4RLDzBFlz986uS
Zv3kL+l2Sy2tp6oiiTnE0GqSZKr8um99tsswhw805ysUHHzVo2z3e9MYgvieeSZs
yJaMx88ff/Kr0dWai6XNLMzOtMx3a7x+MbT10ukE9e+dAe9n4JIkLLTuXCR+
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:42:06 2025 by rpki-client