Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/BnJF90SQPqJrZcpUf9jmkT7M1lk.roa
File: BnJF90SQPqJrZcpUf9jmkT7M1lk.roa (raw, json)
Hash identifier: 1xm5uLeb4HW8K+DHPwvL3hA3Q4p29z7QENtTogexSHk=
Subject key identifier: 06:72:45:F7:44:90:3E:A2:6B:65:CA:54:7F:D8:E6:91:3E:CC:D6:59
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0197040263D6FFA7141B09AF86A8157BC1BB
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/BnJF90SQPqJrZcpUf9jmkT7M1lk.roa
Signing time: Sat 24 May 2025 20:35:54 +0000
ROA not before: Sat 24 May 2025 20:35:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204868
IP address blocks: 2a05:9a40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 27 May 2025 09:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:04:02:63:d6:ff:a7:14:1b:09:af:86:a8:15:7b:c1:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 24 20:35:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=067245f744903ea26b65ca547fd8e6913eccd659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2c:f9:4a:54:39:25:5c:f5:95:81:e6:f6:9e:
c4:a0:e0:be:da:e5:66:73:ae:27:4d:86:b7:a2:ce:
f7:57:85:33:db:76:be:7e:a6:7f:ba:b1:f0:de:20:
54:e5:a9:a7:9a:8b:e5:b6:31:1d:28:ed:33:01:3f:
18:09:6c:af:61:7d:52:d2:74:5c:ea:7d:51:90:f8:
ac:64:cf:56:5c:8c:8e:25:67:53:49:7f:c1:92:08:
88:86:46:b1:e8:fc:3a:9c:8b:5a:65:7c:fc:78:4b:
f6:5b:97:41:53:c7:58:e7:f1:18:f5:f2:a5:12:35:
ad:8a:53:bc:1c:df:cc:39:d7:d8:b3:32:18:16:89:
f0:d6:9e:c2:cb:63:7b:6b:79:2e:83:27:78:a2:fa:
8f:8b:e2:3d:a3:4a:0c:28:22:6b:b8:0d:28:01:ce:
cc:ca:10:98:95:00:44:06:07:52:66:01:32:6b:2d:
b9:0b:8b:5c:31:96:2a:66:8b:84:26:46:5d:5e:8c:
77:97:db:ab:a4:03:26:32:0c:37:b2:8e:ea:66:70:
62:06:15:0a:c2:19:f5:4a:60:63:9d:5f:1c:7a:31:
4f:c5:42:30:93:13:56:43:6d:f6:bc:23:ee:1b:a2:
de:6f:ec:8d:82:73:c7:a5:e5:75:cd:e4:1d:c2:83:
f0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:72:45:F7:44:90:3E:A2:6B:65:CA:54:7F:D8:E6:91:3E:CC:D6:59
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/BnJF90SQPqJrZcpUf9jmkT7M1lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/32
Signature Algorithm: sha256WithRSAEncryption
57:b1:c4:a4:49:bb:1a:a0:8d:98:4f:a9:13:ea:06:03:b7:44:
13:ac:0d:72:6f:1d:87:fc:e8:a0:ea:29:b2:44:98:39:3d:d4:
0b:cb:5e:9b:9d:5d:4b:f2:b5:b9:be:6c:eb:e5:ad:7c:a1:86:
d3:81:c3:84:b8:d3:af:c0:cd:e9:26:83:fd:25:68:7a:d1:96:
5a:31:9c:3d:44:d4:68:68:b5:6c:68:e0:b5:9d:4a:f9:81:43:
ca:fe:ff:c8:52:51:26:d0:8a:2a:7e:58:99:a9:4c:b7:83:e7:
c0:6d:a4:32:09:c6:35:db:21:3c:a2:8b:95:c2:b5:6e:0a:ad:
61:a1:14:9a:61:9b:19:7f:d6:17:98:6c:12:8f:a8:ac:ad:ef:
08:c1:fa:82:e8:b8:fe:0b:ed:57:f3:6a:b4:2c:a8:35:33:f6:
77:fc:b8:0a:1f:32:7a:0d:bf:7c:58:91:10:92:be:41:f3:c2:
63:12:86:dd:5c:b6:de:0a:3c:13:ab:c4:9f:4c:1c:09:22:08:
ba:15:a6:b1:0a:dc:32:6f:57:e1:22:1d:c0:23:81:6a:78:4e:
a5:0a:fd:9a:77:01:1c:1f:e5:d2:f1:29:a0:4e:7d:9f:04:ef:
c2:c5:a7:a5:19:0e:a4:0a:09:8b:fb:e4:ae:08:e0:9b:cb:16:
e2:69:86:ad
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZcEAmPW/6cUGwmvhqgVe8G7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTI0MjAzNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjcyNDVmNzQ0OTAzZWEyNmI2NWNhNTQ3ZmQ4ZTY5MTNlY2NkNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniz5SlQ5JVz1lYHm9p7EoOC+2uVm
c64nTYa3os73V4Uz23a+fqZ/urHw3iBU5amnmovltjEdKO0zAT8YCWyvYX1S0nRc
6n1RkPisZM9WXIyOJWdTSX/BkgiIhkax6Pw6nItaZXz8eEv2W5dBU8dY5/EY9fKl
EjWtilO8HN/MOdfYszIYFonw1p7Cy2N7a3kugyd4ovqPi+I9o0oMKCJruA0oAc7M
yhCYlQBEBgdSZgEyay25C4tcMZYqZouEJkZdXox3l9urpAMmMgw3so7qZnBiBhUK
whn1SmBjnV8cejFPxUIwkxNWQ232vCPuG6Leb+yNgnPHpeV1zeQdwoPwpQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAZyRfdEkD6ia2XKVH/Y5pE+zNZZMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvQm5KRjkwU1FQcUpyWmNwVWY5am1rVDdNMWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgWaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAV7HEpEm7GqCNmE+pE+oGA7dEE6wNcm8dh/zooOop
skSYOT3UC8tem51dS/K1ub5s6+WtfKGG04HDhLjTr8DN6SaD/SVoetGWWjGcPUTU
aGi1bGjgtZ1K+YFDyv7/yFJRJtCKKn5YmalMt4PnwG2kMgnGNdshPKKLlcK1bgqt
YaEUmmGbGX/WF5hsEo+orK3vCMH6gui4/gvtV/NqtCyoNTP2d/y4Ch8yeg2/fFiR
EJK+QfPCYxKG3Vy23go8E6vEn0wcCSIIuhWmsQrcMm9X4SIdwCOBanhOpQr9mncB
HB/l0vEpoE59nwTvwsWnpRkOpAoJi/vkrgjgm8sW4mmGrQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:24:36 2025 by rpki-client