Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/fZUEIwga5sb_JyZaxU0U0x2SJpM.roa
File: fZUEIwga5sb_JyZaxU0U0x2SJpM.roa (raw, json)
Hash identifier: nba3Eqml8pesOygQd2oKV+PjG2784pnLXOhe2nwEzRM=
Subject key identifier: 7D:95:04:23:08:1A:E6:C6:FF:27:26:5A:C5:4D:14:D3:1D:92:26:93
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01970400901E875934F8720F745447F204D2
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/fZUEIwga5sb_JyZaxU0U0x2SJpM.roa
Signing time: Sat 24 May 2025 20:33:55 +0000
ROA not before: Sat 24 May 2025 20:33:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206590
IP address blocks: 2a06:5fc4::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 27 May 2025 09:51:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:04:00:90:1e:87:59:34:f8:72:0f:74:54:47:f2:04:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 24 20:33:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d950423081ae6c6ff27265ac54d14d31d922693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9b:f7:24:f1:49:4f:61:cd:6f:ba:84:14:74:
47:fb:3c:b4:e7:33:6b:a5:df:7d:b5:b4:9a:92:8a:
18:09:87:23:2d:47:04:be:85:93:c2:43:64:16:9c:
bd:70:97:52:47:1f:3c:54:b2:d9:4d:99:54:38:89:
e8:d1:32:68:34:88:75:8e:0a:96:fe:80:a9:8f:96:
94:12:0f:a8:df:3d:0e:9a:58:c3:d3:1e:5b:6c:e7:
e1:43:e0:bd:31:a5:80:72:71:71:9a:0a:ef:b1:ec:
8a:cc:5b:79:ba:a7:dc:64:b4:98:95:d5:55:94:0b:
bc:02:0a:10:55:75:2a:ab:41:94:61:81:35:3a:c2:
0e:59:f2:b1:06:84:a1:50:f1:41:45:71:01:5c:0f:
df:8d:5d:2e:f3:f0:55:01:c8:60:7a:87:cf:c8:e7:
ac:db:ed:78:dc:46:20:1c:a5:5b:4e:bf:bf:bc:ac:
e0:a9:fd:58:d8:cc:46:49:92:9e:c2:fc:3f:7e:e1:
95:3f:38:c2:22:33:cd:0c:6e:8f:ef:4a:3a:af:cc:
08:dc:6c:f6:b7:c5:68:79:c6:e2:47:03:68:ad:9b:
e8:72:15:11:b3:a2:58:70:89:62:0f:9c:b1:ba:9b:
1d:f7:6a:20:34:16:8b:4f:6a:d2:d5:be:f5:d8:91:
4c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:95:04:23:08:1A:E6:C6:FF:27:26:5A:C5:4D:14:D3:1D:92:26:93
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/fZUEIwga5sb_JyZaxU0U0x2SJpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5fc4::/32
Signature Algorithm: sha256WithRSAEncryption
bc:2a:12:68:3f:4e:14:23:fc:ef:60:f6:33:2e:ad:ad:af:9c:
e5:57:5c:f5:7f:9a:ab:12:cf:a3:07:f4:b5:ad:c0:cf:8c:55:
2c:c2:a6:69:25:af:52:92:a6:10:ac:e0:e3:cb:b5:08:5f:ef:
47:27:12:f5:32:49:a0:2d:c9:2a:03:a6:bd:ca:73:3c:d4:97:
fe:43:90:56:e9:4a:d4:74:af:af:0a:f4:5d:fe:c4:66:18:94:
c9:30:31:24:d1:02:8e:e6:63:ca:af:65:77:9c:39:6f:3c:64:
fb:d2:91:ed:cd:76:63:11:f2:09:1d:d7:22:da:e8:fe:7f:27:
a0:6b:78:6f:44:cf:db:f8:c0:49:74:1f:b9:91:09:83:dc:88:
2b:6e:c1:3e:c2:54:5a:d1:07:cb:6b:cc:fc:ac:c7:8b:3e:f9:
47:3a:f7:5b:30:74:34:79:42:fa:d2:b9:46:89:37:d6:d3:1b:
e1:5d:e7:c7:11:bd:ef:60:42:94:55:e2:15:40:ef:93:1f:63:
d5:5c:da:8a:3d:a7:66:62:da:12:40:21:96:fc:da:7c:80:6a:
59:5f:3d:ce:01:e1:b6:3b:c7:0a:1e:ca:9f:c9:21:74:e3:72:
58:4f:c0:b2:28:67:b9:fa:91:3d:98:10:f6:cf:b9:de:03:3e:
a5:ab:bf:0d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZcEAJAeh1k0+HIPdFRH8gTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTI0MjAzMzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDk1MDQyMzA4MWFlNmM2ZmYyNzI2NWFjNTRkMTRkMzFkOTIyNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZv3JPFJT2HNb7qEFHRH+zy05zNr
pd99tbSakooYCYcjLUcEvoWTwkNkFpy9cJdSRx88VLLZTZlUOIno0TJoNIh1jgqW
/oCpj5aUEg+o3z0OmljD0x5bbOfhQ+C9MaWAcnFxmgrvseyKzFt5uqfcZLSYldVV
lAu8AgoQVXUqq0GUYYE1OsIOWfKxBoShUPFBRXEBXA/fjV0u8/BVAchgeofPyOes
2+143EYgHKVbTr+/vKzgqf1Y2MxGSZKewvw/fuGVPzjCIjPNDG6P70o6r8wI3Gz2
t8VoecbiRwNorZvochURs6JYcIliD5yxupsd92ogNBaLT2rS1b712JFMWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH2VBCMIGubG/ycmWsVNFNMdkiaTMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvZlpVRUl3Z2E1c2JfSnlaYXhVMFUweDJTSnBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgZfxDAN
BgkqhkiG9w0BAQsFAAOCAQEAvCoSaD9OFCP872D2My6tra+c5Vdc9X+aqxLPowf0
ta3Az4xVLMKmaSWvUpKmEKzg48u1CF/vRycS9TJJoC3JKgOmvcpzPNSX/kOQVulK
1HSvrwr0Xf7EZhiUyTAxJNECjuZjyq9ld5w5bzxk+9KR7c12YxHyCR3XItro/n8n
oGt4b0TP2/jASXQfuZEJg9yIK27BPsJUWtEHy2vM/KzHiz75Rzr3WzB0NHlC+tK5
Rok31tMb4V3nxxG972BClFXiFUDvkx9j1Vzaij2nZmLaEkAhlvzafIBqWV89zgHh
tjvHCh7Kn8khdONyWE/AsihnufqRPZgQ9s+53gM+pau/DQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 04:35:11 2025 by rpki-client