Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/cJsTrHMMZVJOPuJxfxrLkLk4dU8.roa
File: cJsTrHMMZVJOPuJxfxrLkLk4dU8.roa (raw, json)
Hash identifier: 0XBQ256A24jBjZYzkskVNNWt5pNvVGq1NO2ZjmLVRQM=
Subject key identifier: 70:9B:13:AC:73:0C:65:52:4E:3E:E2:71:7F:1A:CB:90:B9:38:75:4F
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019704034E6D91F5085E642410D5E6EF2AEA
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/cJsTrHMMZVJOPuJxfxrLkLk4dU8.roa
Signing time: Sat 24 May 2025 20:36:54 +0000
ROA not before: Sat 24 May 2025 20:36:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206535
IP address blocks: 2a05:9a44::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 27 May 2025 09:49:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:04:03:4e:6d:91:f5:08:5e:64:24:10:d5:e6:ef:2a:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 24 20:36:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=709b13ac730c65524e3ee2717f1acb90b938754f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d7:a0:55:0b:36:8a:d6:69:63:8c:3f:04:4c:
de:7f:5a:81:ec:ff:4e:c4:c9:fc:02:64:06:95:00:
46:18:af:a2:b7:6d:3b:23:68:cd:6a:43:64:db:17:
04:83:e7:c3:e6:8c:be:dd:72:45:2f:cc:68:74:ef:
a0:0e:8e:d5:65:2d:66:f1:d9:8b:27:96:6d:60:37:
79:09:79:4b:32:6a:35:88:47:76:ec:6a:4e:4e:5d:
33:ff:a0:92:bd:75:ef:d2:d9:59:70:22:1a:88:f0:
f4:51:8e:75:8c:98:58:ca:51:50:f5:b6:2b:16:22:
9e:7b:17:8d:fd:8f:24:e7:f7:e1:fe:44:72:f5:64:
18:ff:a1:5f:6e:7e:24:a3:c1:0f:28:69:fd:46:61:
0b:0e:f9:d8:51:dc:81:1a:ab:6b:60:40:f2:7b:72:
fd:e7:e1:1c:b2:08:9e:78:42:d2:19:05:47:3b:2f:
0f:c1:54:a5:91:9e:03:9d:ac:c0:49:79:6c:05:87:
b1:73:1a:de:59:83:2e:58:fe:dd:7f:5e:ed:5c:2a:
17:a6:84:7a:19:f5:bd:3f:a9:89:3e:31:f4:03:3d:
df:b3:db:30:52:21:30:10:f9:62:03:71:e8:77:aa:
b7:2e:6c:5c:64:54:02:2e:14:d2:59:84:55:1e:5c:
93:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:9B:13:AC:73:0C:65:52:4E:3E:E2:71:7F:1A:CB:90:B9:38:75:4F
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/cJsTrHMMZVJOPuJxfxrLkLk4dU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a44::/32
Signature Algorithm: sha256WithRSAEncryption
b7:b8:d7:4b:69:37:8f:96:c8:5c:36:79:51:1d:fc:bc:05:f0:
71:92:0b:a0:1e:7b:e3:2c:e1:eb:93:b1:f8:a8:3b:83:17:bb:
3f:bc:5a:6a:e1:48:dc:08:0d:c9:bb:07:e9:2e:1c:4d:5f:35:
d4:b9:0c:22:9a:35:6e:25:fb:b7:93:94:62:00:d8:67:cf:64:
c7:35:d5:79:7d:9a:d1:8c:16:ed:ee:23:d5:88:ec:cb:80:08:
97:27:1e:2b:80:17:2d:4e:10:0d:65:f5:d6:31:bc:e6:0f:cc:
f6:4f:0e:47:bc:8e:ff:f6:fd:58:39:3c:c1:2b:3e:f9:ae:07:
40:2c:f7:fe:91:ba:25:5e:73:bb:ff:aa:7b:12:bb:d5:55:63:
87:12:91:bc:b0:80:63:e0:d5:ec:a7:aa:42:6c:d2:71:ed:e5:
61:7c:f4:1d:a0:d2:0d:80:f1:f5:58:ee:48:93:6d:fc:bc:ff:
c4:98:be:b7:6e:0b:5d:03:94:7d:00:57:01:15:c4:59:70:14:
ed:03:4f:e5:92:db:0b:ca:04:b4:1d:53:79:1f:2e:ed:fc:63:
bd:f5:e0:c0:1f:39:eb:4e:6b:2e:f8:9c:b4:04:98:7f:7a:16:
db:52:95:6a:b5:c9:55:3d:b3:f1:d6:11:bb:85:d1:12:42:cf:
fd:0f:c4:dd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZcEA05tkfUIXmQkENXm7yrqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTI0MjAzNjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDliMTNhYzczMGM2NTUyNGUzZWUyNzE3ZjFhY2I5MGI5Mzg3NTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtegVQs2itZpY4w/BEzef1qB7P9O
xMn8AmQGlQBGGK+it207I2jNakNk2xcEg+fD5oy+3XJFL8xodO+gDo7VZS1m8dmL
J5ZtYDd5CXlLMmo1iEd27GpOTl0z/6CSvXXv0tlZcCIaiPD0UY51jJhYylFQ9bYr
FiKeexeN/Y8k5/fh/kRy9WQY/6Ffbn4ko8EPKGn9RmELDvnYUdyBGqtrYEDye3L9
5+EcsgieeELSGQVHOy8PwVSlkZ4DnazASXlsBYexcxreWYMuWP7df17tXCoXpoR6
GfW9P6mJPjH0Az3fs9swUiEwEPliA3Hod6q3LmxcZFQCLhTSWYRVHlyTDwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHCbE6xzDGVSTj7icX8ay5C5OHVPMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvY0pzVHJITU1aVkpPUHVKeGZ4ckxrTGs0ZFU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgWaRDAN
BgkqhkiG9w0BAQsFAAOCAQEAt7jXS2k3j5bIXDZ5UR38vAXwcZILoB574yzh65Ox
+Kg7gxe7P7xaauFI3AgNybsH6S4cTV811LkMIpo1biX7t5OUYgDYZ89kxzXVeX2a
0YwW7e4j1Yjsy4AIlyceK4AXLU4QDWX11jG85g/M9k8OR7yO//b9WDk8wSs++a4H
QCz3/pG6JV5zu/+qexK71VVjhxKRvLCAY+DV7KeqQmzSce3lYXz0HaDSDYDx9Vju
SJNt/Lz/xJi+t24LXQOUfQBXARXEWXAU7QNP5ZLbC8oEtB1TeR8u7fxjvfXgwB85
605rLvictASYf3oW21KVarXJVT2z8dYRu4XREkLP/Q/E3Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:22:48 2025 by rpki-client