Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/YZFxY1AsWtlGHL_sw1chL85I1pw.roa
File: YZFxY1AsWtlGHL_sw1chL85I1pw.roa (raw, json)
Hash identifier: cDb6zOo+hs6I4i5RXSC5psaFIz/wL+XBY2+XQybJerw=
Subject key identifier: 61:91:71:63:50:2C:5A:D9:46:1C:BF:EC:C3:57:21:2F:CE:48:D6:9C
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0196816966DF3CB67E1D77244B61714AC0E3
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/YZFxY1AsWtlGHL_sw1chL85I1pw.roa
Signing time: Tue 29 Apr 2025 11:58:10 +0000
ROA not before: Tue 29 Apr 2025 11:58:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 264749
IP address blocks: 2a10:3f80::/29 maxlen: 29
2a13:b4c3::/32 maxlen: 32
2a14:1106:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Thu 01 May 2025 06:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:69:66:df:3c:b6:7e:1d:77:24:4b:61:71:4a:c0:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 29 11:58:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61917163502c5ad9461cbfecc357212fce48d69c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:25:ae:46:1f:cc:36:a4:74:10:b4:66:88:b9:
96:96:54:64:b7:d4:4e:7f:30:e8:94:43:fd:10:04:
04:9c:da:25:35:5c:cd:fd:7d:7f:fc:21:c2:29:ba:
10:91:de:5c:e5:f6:ca:b4:9b:0b:31:c1:a9:23:23:
51:ca:0c:9d:d5:b4:22:39:a7:1a:85:df:0f:d3:4e:
4c:db:34:53:68:1d:29:ed:d9:df:4f:59:34:4f:07:
87:38:f3:cd:6b:be:c4:9f:c8:1d:1e:4b:7e:94:61:
43:3c:d1:df:56:61:f2:00:b4:2f:37:f9:4c:28:2f:
8e:c3:30:9c:9c:43:25:ee:6c:e3:f3:4a:be:e3:ef:
1d:e4:c3:8d:56:05:39:d5:f7:3e:b7:5d:d2:49:fb:
cd:18:cb:8a:00:8e:bb:01:fa:a5:55:4c:2e:1a:73:
9c:dd:bb:04:77:ca:c3:c6:2f:ee:a3:ab:59:23:31:
08:48:c2:53:03:73:a3:78:79:4e:6f:45:3e:1f:d1:
d1:2e:d2:f0:45:9b:c9:c3:bb:d3:8b:b2:db:88:4b:
e5:11:bc:6a:f4:4b:66:23:7a:88:71:ed:77:cf:37:
2a:9a:bf:a9:43:f5:e7:d7:fb:37:6d:aa:b6:00:7a:
df:17:f3:a5:70:67:27:57:1e:c1:20:cc:94:55:f6:
9f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:91:71:63:50:2C:5A:D9:46:1C:BF:EC:C3:57:21:2F:CE:48:D6:9C
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/YZFxY1AsWtlGHL_sw1chL85I1pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3f80::/29
2a13:b4c3::/32
2a14:1106:8000::/33
Signature Algorithm: sha256WithRSAEncryption
13:05:3d:47:00:e0:d9:b7:cd:33:3f:99:7d:46:16:ca:31:f4:
8e:6c:f8:ad:08:ee:0f:df:fe:39:df:ae:69:69:08:91:cb:88:
bc:86:3f:70:75:dd:a4:a2:b5:65:2d:44:e9:fc:e4:01:92:46:
92:92:6a:13:f5:cf:99:2b:20:9d:e1:d6:e1:73:06:a2:c9:d9:
b6:c1:23:99:a3:2c:a8:9d:3e:01:c0:06:d7:88:9a:db:27:3c:
64:f1:ed:3d:06:a7:e7:2c:61:74:8a:2c:80:99:6c:d6:df:30:
20:8e:2e:17:6f:e6:76:e3:01:d7:83:3c:ca:32:8d:30:31:48:
29:9f:cb:a6:69:7f:52:bc:e3:ca:1b:ca:44:cb:c1:be:19:7d:
f7:b9:fe:7b:9a:7e:e4:3b:af:73:b2:b6:d4:d0:08:6e:c7:43:
27:e3:05:97:5d:42:d1:21:47:1f:db:60:a6:5d:11:21:7b:78:
67:5e:26:1a:93:c4:ba:e3:48:54:5f:f8:fa:1c:61:43:48:94:
ce:a2:f4:e4:2a:90:4a:67:24:a4:50:5d:28:e2:73:c3:90:5e:
19:17:bc:0d:7f:a9:63:ec:05:ac:82:45:ff:0a:68:08:d4:75:
85:a9:4d:d1:fd:c7:e7:ec:e5:18:01:71:76:b7:60:73:b6:97:
47:3c:b6:30
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZaBaWbfPLZ+HXckS2FxSsDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNDI5MTE1ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTkxNzE2MzUwMmM1YWQ5NDYxY2JmZWNjMzU3MjEyZmNlNDhkNjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCWuRh/MNqR0ELRmiLmWllRkt9RO
fzDolEP9EAQEnNolNVzN/X1//CHCKboQkd5c5fbKtJsLMcGpIyNRygyd1bQiOaca
hd8P005M2zRTaB0p7dnfT1k0TweHOPPNa77En8gdHkt+lGFDPNHfVmHyALQvN/lM
KC+OwzCcnEMl7mzj80q+4+8d5MONVgU51fc+t13SSfvNGMuKAI67AfqlVUwuGnOc
3bsEd8rDxi/uo6tZIzEISMJTA3OjeHlOb0U+H9HRLtLwRZvJw7vTi7LbiEvlEbxq
9EtmI3qIce13zzcqmr+pQ/Xn1/s3baq2AHrfF/OlcGcnVx7BIMyUVfafKwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFGGRcWNQLFrZRhy/7MNXIS/OSNacMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvWVpGeFkxQXNXdGxHSExfc3cxY2hMODVJMXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAAjAWAwUDKhA/gAMF
ACoTtMMDBgcqFBEGgDANBgkqhkiG9w0BAQsFAAOCAQEAEwU9RwDg2bfNMz+ZfUYW
yjH0jmz4rQjuD9/+Od+uaWkIkcuIvIY/cHXdpKK1ZS1E6fzkAZJGkpJqE/XPmSsg
neHW4XMGosnZtsEjmaMsqJ0+AcAG14ia2yc8ZPHtPQan5yxhdIosgJls1t8wII4u
F2/mduMB14M8yjKNMDFIKZ/Lpml/UrzjyhvKRMvBvhl997n+e5p+5Duvc7K21NAI
bsdDJ+MFl11C0SFHH9tgpl0RIXt4Z14mGpPEuuNIVF/4+hxhQ0iUzqL05CqQSmck
pFBdKOJzw5BeGRe8DX+pY+wFrIJF/wpoCNR1halN0f3H5+zlGAFxdrdgc7aXRzy2
MA==
-----END CERTIFICATE-----
Generated at Tue May 13 00:20:01 2025 by rpki-client