Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1Z7ORpHskuzf33Wo6t3jrRDB1IM.roa
File: 1Z7ORpHskuzf33Wo6t3jrRDB1IM.roa (raw, json)
Hash identifier: hP93JArGQP+LwQFCcur8XSmqPjnfAKdxKfVg8IMZeBk=
Subject key identifier: D5:9E:CE:46:91:EC:92:EC:DF:DF:75:A8:EA:DD:E3:AD:10:C1:D4:83
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019681687C85342152C48878A98C762D9A05
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1Z7ORpHskuzf33Wo6t3jrRDB1IM.roa
Signing time: Tue 29 Apr 2025 11:57:10 +0000
ROA not before: Tue 29 Apr 2025 11:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205745
IP address blocks: 2a14:1101::/33 maxlen: 33
Validation: Failed, certificate revoked on Thu 01 May 2025 06:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:68:7c:85:34:21:52:c4:88:78:a9:8c:76:2d:9a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 29 11:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d59ece4691ec92ecdfdf75a8eadde3ad10c1d483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:b4:01:ba:8a:e3:ef:72:19:d6:b7:ab:df:8b:
1e:02:ba:08:55:1e:ce:9c:b7:56:a3:08:ab:e6:9d:
9d:2e:bc:6d:18:0e:3c:27:30:10:76:f0:e9:9e:6e:
a9:8f:a9:a1:6c:82:d6:08:de:25:d7:a5:37:98:b0:
a0:9a:98:9c:46:d1:17:f8:43:11:83:8b:61:2d:f4:
86:b4:06:c1:49:9b:61:3a:3d:ac:54:16:c4:68:71:
d5:09:c6:98:51:eb:9e:be:50:dc:91:e8:d9:f0:d0:
b1:23:d0:f6:17:ac:df:fc:c8:af:56:17:55:7d:43:
df:34:e6:ae:41:ad:5f:22:22:67:d7:fa:7f:92:7b:
9d:f0:3a:e0:d7:30:ee:de:84:cf:b0:11:74:b4:1b:
e1:76:e3:d4:ed:93:da:2c:ef:59:4e:77:78:51:45:
11:92:84:3f:ac:3a:6f:ba:f8:de:68:a8:a8:90:38:
81:ea:7c:3e:66:45:e1:62:1d:c4:f7:dc:8b:5d:1c:
16:d7:ea:b7:56:a5:aa:ff:72:00:73:c4:65:67:d9:
f2:24:a9:7e:58:ae:58:e4:b0:e8:2b:12:84:df:92:
4f:e9:86:09:8c:00:ba:7c:c6:25:11:d3:d3:26:38:
f0:47:9f:f3:8e:bb:87:db:15:8b:75:cf:d2:37:8f:
49:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:9E:CE:46:91:EC:92:EC:DF:DF:75:A8:EA:DD:E3:AD:10:C1:D4:83
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1Z7ORpHskuzf33Wo6t3jrRDB1IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1101::/33
Signature Algorithm: sha256WithRSAEncryption
18:bb:a0:20:73:33:74:3d:ac:8e:e3:62:9e:21:62:98:21:fe:
ac:a9:c1:4e:0c:0b:c6:10:4f:46:e7:72:40:6a:4b:6b:a9:27:
7c:af:c3:1b:c0:7c:8e:9a:f8:c3:44:c4:c9:9e:55:7e:4e:04:
d9:e1:61:02:d4:4e:3a:d7:cd:ab:da:22:38:53:6f:6b:a4:f1:
2d:77:ba:e2:a5:3a:6f:60:11:f9:10:d6:56:5e:d2:20:60:e2:
02:ad:bc:d6:9e:2a:84:f6:1e:32:00:17:3b:de:43:1c:5a:c5:
4e:97:45:2f:2d:46:4b:8f:76:2d:ed:f3:e1:7d:0e:f5:57:15:
dc:c0:7a:ef:16:07:bf:be:6b:9d:b9:62:ec:e3:b8:f9:66:18:
0d:45:ed:22:33:fb:6b:af:c3:07:fa:74:f9:c6:87:e1:5b:19:
4f:34:50:27:a1:ff:75:88:d3:59:3f:c0:63:a8:eb:65:26:0a:
0f:96:8b:c2:e0:27:03:51:e2:8b:71:fb:83:2b:87:c5:84:95:
09:d5:28:4e:20:9b:03:5e:27:0c:49:80:9e:56:be:66:64:83:
89:33:91:2b:d4:0f:1f:09:11:cb:52:89:6e:c4:ab:5b:7c:c6:
90:96:92:41:0c:1c:53:93:1c:75:da:87:ac:bd:ef:92:f7:0e:
4e:6c:05:a6
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZaBaHyFNCFSxIh4qYx2LZoFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNDI5MTE1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTllY2U0NjkxZWM5MmVjZGZkZjc1YThlYWRkZTNhZDEwYzFkNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67QBuorj73IZ1rer34seAroIVR7O
nLdWowir5p2dLrxtGA48JzAQdvDpnm6pj6mhbILWCN4l16U3mLCgmpicRtEX+EMR
g4thLfSGtAbBSZthOj2sVBbEaHHVCcaYUeuevlDckejZ8NCxI9D2F6zf/MivVhdV
fUPfNOauQa1fIiJn1/p/knud8Drg1zDu3oTPsBF0tBvhduPU7ZPaLO9ZTnd4UUUR
koQ/rDpvuvjeaKiokDiB6nw+ZkXhYh3E99yLXRwW1+q3VqWq/3IAc8RlZ9nyJKl+
WK5Y5LDoKxKE35JP6YYJjAC6fMYlEdPTJjjwR5/zjruH2xWLdc/SN49JZwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNWezkaR7JLs3991qOrd460QwdSDMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvMVo3T1JwSHNrdXpmMzNXbzZ0M2pyUkRCMUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKhQRAQAw
DQYJKoZIhvcNAQELBQADggEBABi7oCBzM3Q9rI7jYp4hYpgh/qypwU4MC8YQT0bn
ckBqS2upJ3yvwxvAfI6a+MNExMmeVX5OBNnhYQLUTjrXzavaIjhTb2uk8S13uuKl
Om9gEfkQ1lZe0iBg4gKtvNaeKoT2HjIAFzveQxxaxU6XRS8tRkuPdi3t8+F9DvVX
FdzAeu8WB7++a525YuzjuPlmGA1F7SIz+2uvwwf6dPnGh+FbGU80UCeh/3WI01k/
wGOo62UmCg+Wi8LgJwNR4otx+4Mrh8WElQnVKE4gmwNeJwxJgJ5WvmZkg4kzkSvU
Dx8JEctSiW7Eq1t8xpCWkkEMHFOTHHXah6y975L3Dk5sBaY=
-----END CERTIFICATE-----
Generated at Mon May 12 20:14:00 2025 by rpki-client