Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/SGQbKWEA2RHOH3WIv-tKFbtyr-E.roa
File: SGQbKWEA2RHOH3WIv-tKFbtyr-E.roa (raw, json)
Hash identifier: ck3TRwljYGoNN48cTFXYlE2T52qMJQ+Rb8NrSsh2rIo=
Subject key identifier: 48:64:1B:29:61:00:D9:11:CE:1F:75:88:BF:EB:4A:15:BB:72:AF:E1
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01965A364E412B3987E5EF434ED204E87CDD
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/SGQbKWEA2RHOH3WIv-tKFbtyr-E.roa
Signing time: Mon 21 Apr 2025 21:17:10 +0000
ROA not before: Mon 21 Apr 2025 21:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204335
IP address blocks: 2a13:c245::/33 maxlen: 33
2a14:1101:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Thu 01 May 2025 06:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5a:36:4e:41:2b:39:87:e5:ef:43:4e:d2:04:e8:7c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 21 21:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48641b296100d911ce1f7588bfeb4a15bb72afe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3b:44:59:4c:02:d4:b0:a1:79:71:e6:13:d9:
a6:3d:f8:19:20:49:8b:0e:fa:f2:d1:34:ca:5e:1f:
2b:6e:50:59:fb:da:1a:ed:6e:4a:0a:45:31:2f:1f:
86:b0:ef:46:33:77:84:7b:39:cf:ec:29:be:cf:61:
3b:34:b8:03:27:2a:97:b6:a3:21:1e:a8:61:61:4d:
8c:41:ca:e5:36:8f:b2:f7:e4:23:be:1e:da:aa:ac:
17:66:79:8b:d7:12:5b:90:3a:45:9a:d1:65:21:2e:
87:34:03:c5:77:b8:a3:5b:10:9a:af:86:7e:37:da:
4d:ae:7d:2d:ac:de:87:87:7a:44:cf:68:5f:fe:27:
9c:e2:34:5f:d9:82:4e:71:3d:78:67:a5:81:ef:9b:
a1:20:5b:09:fa:0c:9c:f9:09:e0:f1:42:e4:76:ca:
7b:85:70:6c:b2:7c:f3:a7:f2:a2:4d:6e:9b:7f:8d:
f3:58:2f:b9:85:76:a6:dd:0b:c9:13:e7:a5:20:60:
d0:df:92:e6:d9:9f:55:dd:7b:1f:b0:d6:51:f2:41:
45:39:45:0f:39:b1:df:81:b4:fb:13:d5:45:b6:74:
09:a9:e9:9b:65:a3:a4:44:68:96:fb:5b:12:7a:be:
1d:13:84:52:c7:06:47:1c:d1:97:ab:21:86:37:07:
bd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:64:1B:29:61:00:D9:11:CE:1F:75:88:BF:EB:4A:15:BB:72:AF:E1
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/SGQbKWEA2RHOH3WIv-tKFbtyr-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c245::/33
2a14:1101:8000::/33
Signature Algorithm: sha256WithRSAEncryption
14:79:9d:ad:a9:6e:29:16:d5:4e:97:35:dd:2b:78:62:ae:5c:
6e:3c:25:b3:bc:76:4d:39:61:b0:37:72:aa:92:4d:ad:3c:11:
f9:a0:72:0e:ee:1b:76:d1:29:43:8a:39:2d:f7:b5:d6:7a:da:
76:0e:5e:89:54:55:9c:ce:80:29:fa:e0:22:53:f9:d0:8b:88:
6c:bb:c1:72:15:d3:1d:d6:31:03:26:74:69:aa:c7:3c:81:53:
a8:8e:0f:02:12:31:e4:41:f6:53:d8:da:e6:0d:2b:4a:f9:c7:
be:de:99:94:dc:e2:d8:de:13:88:e9:56:1e:02:7d:b3:f9:a8:
55:a0:db:5c:96:39:04:fb:b2:60:87:f5:60:22:7b:70:4e:87:
7e:a8:55:8b:6c:cb:f6:7f:85:be:b2:42:30:40:52:32:f1:c8:
0a:bd:f1:94:46:6a:32:98:69:0e:21:00:19:39:e0:f5:12:1c:
1a:f0:05:5f:e1:7e:85:20:81:2c:a7:31:3c:f6:e9:4e:d0:af:
5a:17:7c:8d:35:5d:7e:16:bd:2e:14:95:65:d0:c5:ed:ff:a7:
c8:f5:18:7b:44:82:3d:dd:15:fc:3a:44:75:63:76:f6:7e:be:
a8:17:d8:3f:09:07:ac:6b:8c:2b:c3:42:03:f1:27:c6:ab:b8:
f9:2c:46:14
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZZaNk5BKzmH5e9DTtIE6HzdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNDIxMjExNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODY0MWIyOTYxMDBkOTExY2UxZjc1ODhiZmViNGExNWJiNzJhZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTtEWUwC1LCheXHmE9mmPfgZIEmL
Dvry0TTKXh8rblBZ+9oa7W5KCkUxLx+GsO9GM3eEeznP7Cm+z2E7NLgDJyqXtqMh
HqhhYU2MQcrlNo+y9+Qjvh7aqqwXZnmL1xJbkDpFmtFlIS6HNAPFd7ijWxCar4Z+
N9pNrn0trN6Hh3pEz2hf/iec4jRf2YJOcT14Z6WB75uhIFsJ+gyc+Qng8ULkdsp7
hXBssnzzp/KiTW6bf43zWC+5hXam3QvJE+elIGDQ35Lm2Z9V3XsfsNZR8kFFOUUP
ObHfgbT7E9VFtnQJqembZaOkRGiW+1sSer4dE4RSxwZHHNGXqyGGNwe9qQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFEhkGylhANkRzh91iL/rShW7cq/hMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvU0dRYktXRUEyUkhPSDNXSXYtdEtGYnR5ci1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYHKhPCRQAD
BgcqFBEBgDANBgkqhkiG9w0BAQsFAAOCAQEAFHmdraluKRbVTpc13St4Yq5cbjwl
s7x2TTlhsDdyqpJNrTwR+aByDu4bdtEpQ4o5Lfe11nradg5eiVRVnM6AKfrgIlP5
0IuIbLvBchXTHdYxAyZ0aarHPIFTqI4PAhIx5EH2U9ja5g0rSvnHvt6ZlNzi2N4T
iOlWHgJ9s/moVaDbXJY5BPuyYIf1YCJ7cE6HfqhVi2zL9n+FvrJCMEBSMvHICr3x
lEZqMphpDiEAGTng9RIcGvAFX+F+hSCBLKcxPPbpTtCvWhd8jTVdfha9LhSVZdDF
7f+nyPUYe0SCPd0V/DpEdWN29n6+qBfYPwkHrGuMK8NCA/Enxqu4+SxGFA==
-----END CERTIFICATE-----
Generated at Mon May 12 20:48:55 2025 by rpki-client