Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/gE5x85WPhlui2dU1xxIwswE-Ywo.roa
File: gE5x85WPhlui2dU1xxIwswE-Ywo.roa (raw, json)
Hash identifier: i/DfH8VkYXAS4ooiXtbcgn8D14I4rtP4f60TCSzfJyQ=
Subject key identifier: 80:4E:71:F3:95:8F:86:5B:A2:D9:D5:35:C7:12:30:B3:01:3E:63:0A
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01965A34C404EEA66ACE7C7A86623537F12A
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/gE5x85WPhlui2dU1xxIwswE-Ywo.roa
Signing time: Mon 21 Apr 2025 21:15:29 +0000
ROA not before: Mon 21 Apr 2025 21:15:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213705
IP address blocks: 2a06:5fc0::/29 maxlen: 29
2a13:c244::/33 maxlen: 33
2a14:1100::/33 maxlen: 33
Validation: Failed, certificate revoked on Thu 01 May 2025 06:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5a:34:c4:04:ee:a6:6a:ce:7c:7a:86:62:35:37:f1:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 21 21:15:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=804e71f3958f865ba2d9d535c71230b3013e630a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:bd:1f:41:96:bf:0e:ae:b5:3e:5b:e4:da:3f:
79:84:dd:b8:96:df:e4:07:ee:86:01:d0:6d:e0:40:
a8:04:b9:d3:97:35:fa:ea:ad:ee:b1:51:1d:d5:84:
f9:ab:70:7c:d3:76:11:fc:e2:49:66:51:e6:ac:80:
54:cd:9f:5d:4c:d4:23:00:a8:ad:d7:a6:5c:f1:60:
e1:b5:46:3b:f8:e6:65:23:a7:11:e6:a4:bd:fe:2e:
07:9f:3f:69:44:d1:cc:d8:04:d6:4f:c0:2f:d9:6c:
68:77:5e:29:a8:e3:60:90:c8:ff:91:0f:fc:99:16:
e4:c2:ba:7b:0c:d2:24:35:a0:23:f1:b9:59:db:b1:
89:44:b8:aa:83:b4:bc:03:8f:69:a1:5a:81:b7:d4:
37:df:c6:14:46:65:a6:cb:18:a4:f1:31:77:df:2e:
31:c1:d9:09:82:e1:59:10:f1:fb:67:67:6a:24:0b:
4c:9e:be:0e:42:7d:a6:1b:23:4a:7e:36:54:32:8b:
51:85:18:ee:b7:fe:6e:75:cd:7f:79:78:5a:b6:32:
36:66:18:a1:06:37:c9:7d:de:9c:3c:d7:15:4c:18:
fa:53:1d:ca:ea:1d:c6:2d:d8:31:89:9f:10:46:d9:
23:86:e2:df:77:8a:05:9e:45:e8:f1:c7:8e:73:30:
a8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:4E:71:F3:95:8F:86:5B:A2:D9:D5:35:C7:12:30:B3:01:3E:63:0A
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/gE5x85WPhlui2dU1xxIwswE-Ywo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5fc0::/29
2a13:c244::/33
2a14:1100::/33
Signature Algorithm: sha256WithRSAEncryption
06:34:be:79:cb:95:9f:45:5f:97:b8:5a:0e:8f:ef:10:fc:16:
39:c6:30:3c:53:cf:e5:11:dd:53:9e:89:6e:ca:53:f9:49:44:
3c:7d:d1:a2:d7:51:c3:5d:99:d2:37:92:65:62:96:99:52:93:
37:f8:ab:48:13:f7:59:aa:5a:88:2e:d6:34:12:df:18:44:13:
1f:2f:92:52:90:83:13:29:af:cf:1f:e6:b0:50:d9:17:f1:c0:
93:8e:e1:66:8d:a1:c9:a6:23:ba:bd:12:cb:cd:4b:77:da:15:
c6:a1:1c:ae:34:27:be:25:3f:35:a5:28:8d:a0:60:6b:4e:8d:
f1:29:1a:e7:23:3d:76:db:a8:c4:0b:4c:56:96:9b:ac:c1:77:
af:c6:cc:14:77:8d:99:43:f3:3a:d9:70:31:2a:16:92:0c:04:
30:22:18:47:4c:26:47:2a:cc:8b:6d:90:86:6b:cd:ff:92:30:
7d:64:60:2a:b5:17:1e:b5:f7:76:0a:86:d7:c4:ab:be:83:04:
ca:27:b4:f5:55:00:48:d0:d4:c1:ed:0c:77:16:7c:cc:4d:b0:
bc:22:f9:5b:2d:a9:d2:c2:a1:82:fd:9d:e9:ce:12:09:77:4b:
cd:12:a4:32:12:89:c9:26:f9:b4:58:55:5b:6f:49:a4:e9:d0:
f7:c6:df:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZZaNMQE7qZqznx6hmI1N/EqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNDIxMjExNTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDRlNzFmMzk1OGY4NjViYTJkOWQ1MzVjNzEyMzBiMzAxM2U2MzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2L0fQZa/Dq61Plvk2j95hN24lt/k
B+6GAdBt4ECoBLnTlzX66q3usVEd1YT5q3B803YR/OJJZlHmrIBUzZ9dTNQjAKit
16Zc8WDhtUY7+OZlI6cR5qS9/i4Hnz9pRNHM2ATWT8Av2Wxod14pqONgkMj/kQ/8
mRbkwrp7DNIkNaAj8blZ27GJRLiqg7S8A49poVqBt9Q338YURmWmyxik8TF33y4x
wdkJguFZEPH7Z2dqJAtMnr4OQn2mGyNKfjZUMotRhRjut/5udc1/eXhatjI2Zhih
BjfJfd6cPNcVTBj6Ux3K6h3GLdgxiZ8QRtkjhuLfd4oFnkXo8ceOczCoEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIBOcfOVj4ZbotnVNccSMLMBPmMKMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvZ0U1eDg1V1BobHVpMmRVMXh4SXdzd0UtWXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUDKgZfwAMG
ByoTwkQAAwYHKhQRAAAwDQYJKoZIhvcNAQELBQADggEBAAY0vnnLlZ9FX5e4Wg6P
7xD8FjnGMDxTz+UR3VOeiW7KU/lJRDx90aLXUcNdmdI3kmVilplSkzf4q0gT91mq
Wogu1jQS3xhEEx8vklKQgxMpr88f5rBQ2RfxwJOO4WaNocmmI7q9EsvNS3faFcah
HK40J74lPzWlKI2gYGtOjfEpGucjPXbbqMQLTFaWm6zBd6/GzBR3jZlD8zrZcDEq
FpIMBDAiGEdMJkcqzIttkIZrzf+SMH1kYCq1Fx6193YKhtfEq76DBMontPVVAEjQ
1MHtDHcWfMxNsLwi+VstqdLCoYL9nenOEgl3S80SpDISickm+bRYVVtvSaTp0PfG
3/k=
-----END CERTIFICATE-----
Generated at Fri May 2 15:36:25 2025 by rpki-client