Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/49bbd2-fe36-45d7-8def-81fa874ee2ed/1/9NgAy9WZDhhFLtKR8lhnrSTkhPU.roa
File: 9NgAy9WZDhhFLtKR8lhnrSTkhPU.roa (raw, json)
Hash identifier: bTZXqBrM+C+KcuRYjAVqKAUExd1m9LYWVA8CjRjyZMw=
Subject key identifier: F4:D8:00:CB:D5:99:0E:18:45:2E:D2:91:F2:58:67:AD:24:E4:84:F5
Certificate issuer: /CN=e1257eaabbf604d4570055c2cd8ac249bb29c106
Certificate serial: 018F9F4A1943992FC0D30CBD572929D30C60
Authority key identifier: E1:25:7E:AA:BB:F6:04:D4:57:00:55:C2:CD:8A:C2:49:BB:29:C1:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4SV-qrv2BNRXAFXCzYrCSbspwQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/49bbd2-fe36-45d7-8def-81fa874ee2ed/1/9NgAy9WZDhhFLtKR8lhnrSTkhPU.roa
Signing time: Wed 22 May 2024 07:53:04 +0000
ROA not before: Wed 22 May 2024 07:53:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 2a14:4c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 22 May 2024 09:56:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:4a:19:43:99:2f:c0:d3:0c:bd:57:29:29:d3:0c:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1257eaabbf604d4570055c2cd8ac249bb29c106
Validity
Not Before: May 22 07:53:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4d800cbd5990e18452ed291f25867ad24e484f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:37:59:f0:96:69:36:9b:09:f6:73:6a:29:f9:
22:30:55:3a:4e:74:0c:94:e9:23:51:52:86:d1:c3:
4a:9c:f6:35:81:b1:f1:8c:61:ef:fc:02:47:6b:8c:
ba:59:e0:d4:b2:7f:93:2c:f8:f3:bb:9c:4c:65:a4:
49:ed:f2:98:76:a9:dc:88:36:64:73:d2:69:f8:1c:
2d:49:39:5d:61:9c:ce:25:11:f8:14:c5:b4:6a:1f:
be:9e:43:00:98:e8:85:80:23:f3:e1:bc:3d:10:68:
b8:91:d3:10:34:49:8d:65:18:a9:b3:dd:9b:f0:23:
64:38:1e:70:33:b5:99:d5:a8:b9:4a:e7:c6:3a:e8:
a6:bc:47:23:34:4c:eb:52:61:be:4a:56:b0:f2:cd:
b7:99:d9:52:ea:32:6a:82:8b:e3:62:56:b1:df:fc:
cf:07:b9:49:07:dc:bd:ea:3f:0a:99:10:63:0f:82:
89:65:4c:ad:cc:82:46:b4:ee:7d:8a:6d:9c:58:36:
59:41:f4:cd:2e:41:db:21:ee:42:48:67:c2:c3:50:
fe:0b:cd:eb:88:1b:2c:fd:2a:1b:e3:73:7f:ab:74:
fb:24:e6:61:82:26:f4:5a:e9:e6:41:9c:0a:8e:d1:
70:8b:19:b5:20:1d:88:43:27:94:82:a5:50:2b:44:
22:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D8:00:CB:D5:99:0E:18:45:2E:D2:91:F2:58:67:AD:24:E4:84:F5
X509v3 Authority Key Identifier:
keyid:E1:25:7E:AA:BB:F6:04:D4:57:00:55:C2:CD:8A:C2:49:BB:29:C1:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SV-qrv2BNRXAFXCzYrCSbspwQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/49bbd2-fe36-45d7-8def-81fa874ee2ed/1/9NgAy9WZDhhFLtKR8lhnrSTkhPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/49bbd2-fe36-45d7-8def-81fa874ee2ed/1/4SV-qrv2BNRXAFXCzYrCSbspwQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:4c40::/32
Signature Algorithm: sha256WithRSAEncryption
09:f6:91:ee:b4:21:55:fb:38:38:eb:93:e6:69:e2:46:18:10:
c9:12:a5:ee:56:23:94:f2:ea:c3:e0:1b:b0:99:20:99:b9:7c:
01:be:2b:d3:88:f8:4c:24:09:27:71:00:42:24:93:b5:c4:3b:
bc:29:63:4f:76:3f:9b:9c:7f:11:ed:c5:52:00:31:1a:00:f1:
f3:15:1d:1c:48:07:d6:2f:df:02:c3:a9:48:36:8d:33:55:4c:
3c:c1:99:f3:ea:b9:91:38:64:89:4b:3c:c9:77:86:9a:b0:4d:
42:ef:86:ca:72:9f:07:29:bb:1e:d3:6a:25:66:71:6c:bf:cb:
a7:21:63:c1:82:58:5b:7c:80:28:a8:e6:e0:1a:bf:18:36:37:
7c:1e:b8:64:9b:12:f6:ff:aa:70:50:99:88:9b:ea:ba:c4:67:
28:0f:6d:4d:10:18:17:fb:d5:2e:af:98:4a:d7:5e:1d:f4:05:
9a:8a:04:2d:4b:9f:8c:59:36:ab:50:fa:09:df:66:b3:06:0d:
36:66:b5:16:a3:90:19:c2:ac:16:10:d6:34:54:67:01:fc:10:
54:76:fe:19:f3:88:a5:a1:d6:60:0f:48:37:e9:a0:b7:cb:9d:
cd:2b:86:b4:e4:3c:2b:16:97:df:4d:05:5b:52:af:84:b1:23:
43:39:16:a0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+fShlDmS/A0wy9Vykp0wxgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMjU3ZWFhYmJmNjA0ZDQ1NzAwNTVjMmNkOGFjMjQ5YmIy
OWMxMDYwHhcNMjQwNTIyMDc1MzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQ4MDBjYmQ1OTkwZTE4NDUyZWQyOTFmMjU4NjdhZDI0ZTQ4NGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zdZ8JZpNpsJ9nNqKfkiMFU6TnQM
lOkjUVKG0cNKnPY1gbHxjGHv/AJHa4y6WeDUsn+TLPjzu5xMZaRJ7fKYdqnciDZk
c9Jp+BwtSTldYZzOJRH4FMW0ah++nkMAmOiFgCPz4bw9EGi4kdMQNEmNZRips92b
8CNkOB5wM7WZ1ai5SufGOuimvEcjNEzrUmG+Slaw8s23mdlS6jJqgovjYlax3/zP
B7lJB9y96j8KmRBjD4KJZUytzIJGtO59im2cWDZZQfTNLkHbIe5CSGfCw1D+C83r
iBss/Sob43N/q3T7JOZhgib0WunmQZwKjtFwixm1IB2IQyeUgqVQK0Qi9QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPTYAMvVmQ4YRS7SkfJYZ60k5IT1MB8GA1UdIwQY
MBaAFOElfqq79gTUVwBVws2Kwkm7KcEGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFNWLXFydjJCTlJYQUZYQ3pZckNTYnNwd1FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS80OWJiZDItZmUzNi00NWQ3LThkZWYt
ODFmYTg3NGVlMmVkLzEvOU5nQXk5V1pEaGhGTHRLUjhsaG5yU1RraFBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS80OWJiZDItZmUzNi00NWQ3LThkZWYtODFmYTg3NGVlMmVk
LzEvNFNWLXFydjJCTlJYQUZYQ3pZckNTYnNwd1FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhRMQDAN
BgkqhkiG9w0BAQsFAAOCAQEACfaR7rQhVfs4OOuT5mniRhgQyRKl7lYjlPLqw+Ab
sJkgmbl8Ab4r04j4TCQJJ3EAQiSTtcQ7vCljT3Y/m5x/Ee3FUgAxGgDx8xUdHEgH
1i/fAsOpSDaNM1VMPMGZ8+q5kThkiUs8yXeGmrBNQu+GynKfBym7HtNqJWZxbL/L
pyFjwYJYW3yAKKjm4Bq/GDY3fB64ZJsS9v+qcFCZiJvqusRnKA9tTRAYF/vVLq+Y
StdeHfQFmooELUufjFk2q1D6Cd9mswYNNma1FqOQGcKsFhDWNFRnAfwQVHb+GfOI
paHWYA9IN+mgt8udzSuGtOQ8KxaX300FW1KvhLEjQzkWoA==
-----END CERTIFICATE-----
Generated at Fri May 2 09:09:25 2025 by rpki-client