Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/bMyCfp3r7h5KFsqA7Hk30LzjCVw.roa
File: bMyCfp3r7h5KFsqA7Hk30LzjCVw.roa (raw, json)
Hash identifier: jvHvNnv6RVQkIJMYlj3h0GvwsIBtDLn06qKBi95Je1o=
Subject key identifier: 6C:CC:82:7E:9D:EB:EE:1E:4A:16:CA:80:EC:79:37:D0:BC:E3:09:5C
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01965A365021EA889F6C0FFC2C4B60ADA820
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/bMyCfp3r7h5KFsqA7Hk30LzjCVw.roa
Signing time: Mon 21 Apr 2025 21:17:10 +0000
ROA not before: Mon 21 Apr 2025 21:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215819
IP address blocks: 2a13:c246::/33 maxlen: 33
2a14:1102:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Thu 01 May 2025 06:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5a:36:50:21:ea:88:9f:6c:0f:fc:2c:4b:60:ad:a8:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 21 21:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ccc827e9debee1e4a16ca80ec7937d0bce3095c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:09:e4:86:5f:ff:09:a3:51:9d:86:22:d2:49:
65:60:e5:e0:b2:2f:9a:07:94:f0:b3:2d:c0:01:aa:
f6:5b:68:c5:34:6b:c2:ed:b4:e3:54:f2:4b:89:10:
68:45:b3:da:eb:6f:51:f6:63:b5:de:fd:c7:49:fa:
b0:dd:3d:1e:c5:e3:dc:d5:e0:8f:c8:2b:e4:d7:42:
c3:92:fa:e2:9c:fe:43:94:53:e1:57:f6:b2:91:c2:
80:a3:d0:bf:2f:f5:66:11:ee:22:bd:b7:c2:12:96:
fd:e4:79:41:78:d8:53:b0:72:e8:d5:5d:a8:4f:9e:
fb:95:9f:87:38:3e:79:9b:e4:ef:68:a9:41:30:6d:
d0:40:20:9f:10:ef:5a:85:a3:73:c6:ab:d9:4a:be:
6d:64:d1:54:94:66:85:c2:d2:1a:5a:64:66:36:a5:
22:8c:ca:19:b1:f7:bb:ea:39:15:a7:c3:49:ec:14:
63:43:2c:d0:7b:42:42:ee:c7:4a:12:a7:2c:a0:53:
3f:1f:cb:b3:5c:9a:74:cc:79:f6:56:b7:2c:fa:0a:
52:85:9f:67:5c:cf:5a:af:38:c5:74:a9:64:c0:c5:
d1:a1:31:0c:49:b8:9f:33:38:39:ef:7d:49:4c:64:
d9:82:fb:ca:06:15:68:31:b3:71:96:56:98:53:5e:
aa:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:CC:82:7E:9D:EB:EE:1E:4A:16:CA:80:EC:79:37:D0:BC:E3:09:5C
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/bMyCfp3r7h5KFsqA7Hk30LzjCVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c246::/33
2a14:1102:8000::/33
Signature Algorithm: sha256WithRSAEncryption
45:d7:51:b3:4e:32:13:6c:43:53:07:8e:50:64:78:79:72:12:
33:0a:95:0f:ce:6b:ed:46:ee:45:4c:ec:65:dc:cd:07:2a:66:
fc:fb:a8:db:dc:da:0e:af:d4:88:a5:63:d0:bb:f1:17:01:18:
1b:e3:df:64:7a:b3:d4:ee:85:46:cb:87:d3:34:64:2c:e1:62:
66:14:ac:d4:6e:b2:61:a2:81:19:86:58:c6:e7:13:e0:e9:a9:
93:17:24:29:15:d7:ad:02:07:b8:95:46:a8:9b:b7:46:0a:c8:
9e:dd:a7:0c:61:af:72:87:27:c2:f1:57:8e:38:11:bf:8e:85:
78:93:e6:b6:26:b7:9d:13:3b:3c:6d:96:8e:e9:83:c0:5a:4b:
fe:20:60:aa:e0:42:5c:75:12:42:05:2f:cd:3b:38:cf:8f:55:
eb:ed:f2:4c:17:76:b6:03:16:8a:d3:a7:c7:4e:19:9b:74:f5:
8e:d1:08:26:ec:b8:d2:dd:9f:db:08:31:55:f4:2f:eb:68:ba:
9c:38:e6:9f:a2:bf:b3:ea:c6:0a:8c:29:35:08:69:ff:db:1b:
b7:b3:10:3a:e2:25:77:44:ee:1b:7a:1e:72:1c:38:b0:61:cb:
f1:30:0e:c2:ee:4c:4f:4c:6a:b8:12:ee:eb:9e:c7:6a:37:8a:
7b:f5:bc:1f
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZZaNlAh6oifbA/8LEtgraggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNDIxMjExNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2NjODI3ZTlkZWJlZTFlNGExNmNhODBlYzc5MzdkMGJjZTMwOTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwnkhl//CaNRnYYi0kllYOXgsi+a
B5Twsy3AAar2W2jFNGvC7bTjVPJLiRBoRbPa629R9mO13v3HSfqw3T0exePc1eCP
yCvk10LDkvrinP5DlFPhV/aykcKAo9C/L/VmEe4ivbfCEpb95HlBeNhTsHLo1V2o
T577lZ+HOD55m+TvaKlBMG3QQCCfEO9ahaNzxqvZSr5tZNFUlGaFwtIaWmRmNqUi
jMoZsfe76jkVp8NJ7BRjQyzQe0JC7sdKEqcsoFM/H8uzXJp0zHn2Vrcs+gpShZ9n
XM9arzjFdKlkwMXRoTEMSbifMzg5731JTGTZgvvKBhVoMbNxllaYU16q1QIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFGzMgn6d6+4eShbKgOx5N9C84wlcMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvYk15Q2ZwM3I3aDVLRnNxQTdIazMwTHpqQ1Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYHKhPCRgAD
BgcqFBECgDANBgkqhkiG9w0BAQsFAAOCAQEARddRs04yE2xDUweOUGR4eXISMwqV
D85r7UbuRUzsZdzNBypm/Puo29zaDq/UiKVj0LvxFwEYG+PfZHqz1O6FRsuH0zRk
LOFiZhSs1G6yYaKBGYZYxucT4OmpkxckKRXXrQIHuJVGqJu3RgrInt2nDGGvcocn
wvFXjjgRv46FeJPmtia3nRM7PG2WjumDwFpL/iBgquBCXHUSQgUvzTs4z49V6+3y
TBd2tgMWitOnx04Zm3T1jtEIJuy40t2f2wgxVfQv62i6nDjmn6K/s+rGCowpNQhp
/9sbt7MQOuIld0TuG3oechw4sGHL8TAOwu5MT0xquBLu657HajeKe/W8Hw==
-----END CERTIFICATE-----
Generated at Tue May 13 01:00:28 2025 by rpki-client