Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/bsyQ7zDGkE9iDiBLyoDU2Dy-kSg.roa
File: bsyQ7zDGkE9iDiBLyoDU2Dy-kSg.roa (raw, json)
Hash identifier: 8tEYLrRYTsYGuT09frNobstoLYXtejSYTDRBdlY+81M=
Subject key identifier: 6E:CC:90:EF:30:C6:90:4F:62:0E:20:4B:CA:80:D4:D8:3C:BE:91:28
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019703FFA5EADFA32938B3A5230095E69BD8
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/bsyQ7zDGkE9iDiBLyoDU2Dy-kSg.roa
Signing time: Sat 24 May 2025 20:32:55 +0000
ROA not before: Sat 24 May 2025 20:32:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209944
IP address blocks: 2a06:5fc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 27 May 2025 09:50:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:03:ff:a5:ea:df:a3:29:38:b3:a5:23:00:95:e6:9b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 24 20:32:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ecc90ef30c6904f620e204bca80d4d83cbe9128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fb:19:1d:b0:de:85:ee:1a:e3:c0:3b:cc:bc:
66:a4:53:0e:f9:5e:d1:75:5d:28:cd:21:a0:6f:cb:
f5:bb:a2:c4:a7:4d:20:7f:7d:62:91:06:e5:f6:87:
c0:75:db:aa:d1:92:4d:59:2d:cc:42:92:73:98:b7:
a4:8e:6f:0f:fc:94:56:89:49:94:03:f0:08:6f:53:
27:69:e9:30:f4:89:b7:02:04:e9:0e:18:f0:04:74:
c5:a7:69:5e:16:be:18:20:2c:62:d5:20:59:83:01:
12:e3:a4:e7:f7:42:5b:92:e5:e1:77:8d:8c:30:ec:
06:20:22:ca:6c:3e:e5:8e:41:88:e7:25:57:ca:be:
6a:4d:03:bf:3e:e5:fc:7c:24:78:32:60:33:c3:2d:
d7:5b:e2:bb:1c:10:15:f8:18:e2:45:d6:73:6a:3f:
60:e9:bc:bf:fb:96:83:d0:60:4b:4f:7d:78:e2:a2:
be:f3:19:fb:80:be:87:cf:9d:ad:d7:5b:77:2e:5c:
96:08:bb:89:91:c5:66:05:39:ee:32:34:98:62:1c:
91:dc:f1:fc:de:78:5d:07:c7:2d:90:2d:94:eb:16:
61:9d:95:49:f8:9b:e8:dc:4b:aa:cf:f2:be:df:00:
eb:7d:86:d3:68:d3:7b:ff:99:9c:0f:86:d8:1f:7a:
89:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:CC:90:EF:30:C6:90:4F:62:0E:20:4B:CA:80:D4:D8:3C:BE:91:28
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/bsyQ7zDGkE9iDiBLyoDU2Dy-kSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5fc1::/32
Signature Algorithm: sha256WithRSAEncryption
00:0f:ac:b1:03:6c:5d:50:44:7e:b8:7b:83:11:16:69:27:e5:
25:de:1f:b4:29:57:97:22:22:3e:be:ce:ab:37:71:32:5b:75:
9c:8c:dc:26:dd:e2:bc:6e:a8:81:3b:fb:fb:38:bc:a6:55:7d:
0f:7e:5e:32:60:96:49:53:ea:72:18:00:ab:09:4f:f9:61:7f:
43:5a:e6:c6:c8:09:0c:51:89:17:1f:e9:0a:92:2f:bb:6f:1d:
28:89:c9:f7:ed:35:e4:80:27:c4:33:07:46:b3:74:86:fa:44:
34:dc:67:c5:bc:71:68:da:d4:a9:7d:7e:38:57:46:2a:c2:24:
2b:c8:38:a9:09:20:d7:e8:8d:5d:54:5d:ea:c8:3f:66:73:ee:
11:7b:76:20:1b:03:32:40:cb:92:0a:e5:bd:cd:d0:3a:03:19:
79:77:49:af:3a:69:ed:a3:f0:45:79:6e:38:d9:ed:82:24:73:
a6:51:69:3d:85:98:68:64:44:2f:7e:34:13:f1:7b:29:59:79:
4d:03:06:59:80:20:96:6f:e6:8e:f6:c1:24:87:a2:c8:bc:ae:
d0:dc:f7:0e:6d:c9:03:94:e3:71:42:d9:d6:20:4e:3a:9e:22:
6b:67:0a:a6:e3:64:6d:9f:11:e6:b6:b6:98:8d:ec:36:6b:9e:
cc:26:49:2b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZcD/6Xq36MpOLOlIwCV5pvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTI0MjAzMjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWNjOTBlZjMwYzY5MDRmNjIwZTIwNGJjYTgwZDRkODNjYmU5MTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/sZHbDehe4a48A7zLxmpFMO+V7R
dV0ozSGgb8v1u6LEp00gf31ikQbl9ofAdduq0ZJNWS3MQpJzmLekjm8P/JRWiUmU
A/AIb1Mnaekw9Im3AgTpDhjwBHTFp2leFr4YICxi1SBZgwES46Tn90JbkuXhd42M
MOwGICLKbD7ljkGI5yVXyr5qTQO/PuX8fCR4MmAzwy3XW+K7HBAV+BjiRdZzaj9g
6by/+5aD0GBLT3144qK+8xn7gL6Hz52t11t3LlyWCLuJkcVmBTnuMjSYYhyR3PH8
3nhdB8ctkC2U6xZhnZVJ+Jvo3Euqz/K+3wDrfYbTaNN7/5mcD4bYH3qJCwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG7MkO8wxpBPYg4gS8qA1Ng8vpEoMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvYnN5UTd6REdrRTlpRGlCTHlvRFUyRHkta1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgZfwTAN
BgkqhkiG9w0BAQsFAAOCAQEAAA+ssQNsXVBEfrh7gxEWaSflJd4ftClXlyIiPr7O
qzdxMlt1nIzcJt3ivG6ogTv7+zi8plV9D35eMmCWSVPqchgAqwlP+WF/Q1rmxsgJ
DFGJFx/pCpIvu28dKInJ9+015IAnxDMHRrN0hvpENNxnxbxxaNrUqX1+OFdGKsIk
K8g4qQkg1+iNXVRd6sg/ZnPuEXt2IBsDMkDLkgrlvc3QOgMZeXdJrzpp7aPwRXlu
ONntgiRzplFpPYWYaGREL340E/F7KVl5TQMGWYAglm/mjvbBJIeiyLyu0Nz3Dm3J
A5TjcULZ1iBOOp4ia2cKpuNkbZ8R5ra2mI3sNmuezCZJKw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:23:35 2025 by rpki-client