Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pamffQ5uOk28QtdNWDJzHTzSa5Y.roa
File: pamffQ5uOk28QtdNWDJzHTzSa5Y.roa (raw, json)
Hash identifier: BGWr6yGr+No9ycZgSkgkzb7d0fWALtQmPBt2wFUWxQE=
Subject key identifier: A5:A9:9F:7D:0E:6E:3A:4D:BC:42:D7:4D:58:32:73:1D:3C:D2:6B:96
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01965A2EFBD4875BF72B133330CD7C177834
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pamffQ5uOk28QtdNWDJzHTzSa5Y.roa
Signing time: Mon 21 Apr 2025 21:09:10 +0000
ROA not before: Mon 21 Apr 2025 21:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a13:c3c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 24 Apr 2025 21:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5a:2e:fb:d4:87:5b:f7:2b:13:33:30:cd:7c:17:78:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 21 21:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5a99f7d0e6e3a4dbc42d74d5832731d3cd26b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:98:9f:89:62:95:04:db:a7:f6:62:49:89:4b:
f9:9c:f7:4b:1b:6c:59:70:21:86:9b:7b:fa:eb:51:
7c:dd:19:4c:3f:a8:eb:6f:79:1f:b7:12:c4:2f:58:
f0:33:66:5c:47:e3:4f:66:57:03:10:e2:d7:8c:18:
e8:9d:be:10:41:19:6c:39:d3:2f:91:e1:df:47:40:
fb:b7:8d:3f:c2:67:74:b8:98:dc:29:4d:de:17:77:
1e:6f:5b:50:53:0d:05:28:3f:f9:71:fe:f0:c8:d0:
ef:51:4c:2c:4c:a9:c4:50:e5:f8:a4:f8:4a:5c:1c:
f2:fd:99:32:8e:19:de:a6:c3:a5:3f:f9:c6:6f:d8:
7d:c4:ec:5b:12:4e:6d:ef:46:43:10:33:08:1e:fb:
c5:cb:a0:f7:e8:13:60:64:4a:5d:58:42:e1:0b:58:
ba:44:ef:d5:f7:b7:10:5e:75:b9:11:82:5d:c1:6e:
0a:4b:c3:4c:d9:df:1b:d8:66:03:82:b7:36:77:f4:
fe:c0:fe:b2:3e:ac:e0:5e:e5:32:77:11:53:0e:67:
56:a9:50:16:cc:f4:90:fd:ee:28:6d:7b:c0:3f:9e:
c7:c9:db:06:34:5d:37:0d:d2:71:42:18:64:97:27:
69:8b:21:be:29:ef:be:b4:5d:fa:12:da:60:49:b2:
53:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A9:9F:7D:0E:6E:3A:4D:BC:42:D7:4D:58:32:73:1D:3C:D2:6B:96
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pamffQ5uOk28QtdNWDJzHTzSa5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c3c0::/29
Signature Algorithm: sha256WithRSAEncryption
72:a9:b9:2d:85:6d:f7:3d:c3:b3:cc:0a:db:ae:b1:e2:a1:3c:
cd:b7:92:d2:e8:32:9d:c8:ba:5d:db:8c:3c:74:4a:8e:46:d1:
22:92:8f:c6:55:69:4c:47:94:d2:b2:65:db:61:cf:6f:ae:5d:
3f:7a:55:e1:13:f3:f5:9d:ae:66:c5:d4:f2:04:03:24:09:88:
6b:13:c4:cc:73:4b:9e:b3:85:01:61:6f:cf:33:7e:3a:22:14:
dd:f8:91:bd:d0:62:e7:e4:71:cc:97:de:89:3e:bd:ee:f4:68:
21:53:af:bb:b9:93:b6:00:14:2b:b1:b9:3d:8c:c6:78:72:96:
9c:50:93:4a:9d:a9:1d:d1:ef:7b:17:8d:05:66:19:c5:0e:db:
5e:bc:1f:7b:30:65:76:f4:98:49:82:81:03:1a:a4:1c:70:df:
2e:d6:c1:1f:94:b9:47:97:b6:f2:a9:0a:8e:9d:d7:e4:84:b1:
3f:d9:f3:7e:12:98:d1:f7:b6:89:d0:89:89:c9:20:ea:5b:6f:
eb:b3:fc:a6:bc:75:58:db:ef:84:72:38:6b:f5:f0:19:25:c2:
10:ff:12:c5:cb:9e:7f:06:a6:d3:40:22:09:62:80:b7:23:5d:
ba:08:9b:8d:ce:6f:70:6a:38:da:fb:70:54:43:08:22:3d:b4:
47:77:4e:52
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZZaLvvUh1v3KxMzMM18F3g0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNDIxMjEwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWE5OWY3ZDBlNmUzYTRkYmM0MmQ3NGQ1ODMyNzMxZDNjZDI2Yjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15ifiWKVBNun9mJJiUv5nPdLG2xZ
cCGGm3v661F83RlMP6jrb3kftxLEL1jwM2ZcR+NPZlcDEOLXjBjonb4QQRlsOdMv
keHfR0D7t40/wmd0uJjcKU3eF3ceb1tQUw0FKD/5cf7wyNDvUUwsTKnEUOX4pPhK
XBzy/ZkyjhnepsOlP/nGb9h9xOxbEk5t70ZDEDMIHvvFy6D36BNgZEpdWELhC1i6
RO/V97cQXnW5EYJdwW4KS8NM2d8b2GYDgrc2d/T+wP6yPqzgXuUydxFTDmdWqVAW
zPSQ/e4obXvAP57HydsGNF03DdJxQhhklydpiyG+Ke++tF36EtpgSbJTUwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKWpn30ObjpNvELXTVgycx080muWMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvcGFtZmZRNXVPazI4UXRkTldESnpIVHpTYTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPDwDAN
BgkqhkiG9w0BAQsFAAOCAQEAcqm5LYVt9z3Ds8wK266x4qE8zbeS0ugynci6XduM
PHRKjkbRIpKPxlVpTEeU0rJl22HPb65dP3pV4RPz9Z2uZsXU8gQDJAmIaxPEzHNL
nrOFAWFvzzN+OiIU3fiRvdBi5+RxzJfeiT697vRoIVOvu7mTtgAUK7G5PYzGeHKW
nFCTSp2pHdHvexeNBWYZxQ7bXrwfezBldvSYSYKBAxqkHHDfLtbBH5S5R5e28qkK
jp3X5ISxP9nzfhKY0fe2idCJickg6ltv67P8prx1WNvvhHI4a/XwGSXCEP8Sxcue
fwam00AiCWKAtyNdugibjc5vcGo42vtwVEMIIj20R3dOUg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 03:49:46 2025 by rpki-client