Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/cRGMK52be7K7d6ijojnpmMV1JwU.roa
File: cRGMK52be7K7d6ijojnpmMV1JwU.roa (raw, json)
Hash identifier: Ky2iZROnX6Pwa0lYMEAEhfgvdLFG0vWWrYZtayvazVo=
Subject key identifier: 71:11:8C:2B:9D:9B:7B:B2:BB:77:A8:A3:A2:39:E9:98:C5:75:27:05
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0196816A516CAC71F2E6BE24989106F3F07B
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/cRGMK52be7K7d6ijojnpmMV1JwU.roa
Signing time: Tue 29 Apr 2025 11:59:10 +0000
ROA not before: Tue 29 Apr 2025 11:59:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215568
IP address blocks: 2a13:b4c6::/32 maxlen: 32
2a13:c247:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Thu 08 May 2025 20:28:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:6a:51:6c:ac:71:f2:e6:be:24:98:91:06:f3:f0:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 29 11:59:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71118c2b9d9b7bb2bb77a8a3a239e998c5752705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:18:36:84:9d:f1:32:f6:05:64:13:88:1e:ce:
cf:09:9d:3b:5c:b3:38:68:f8:ac:0c:e5:6b:2c:da:
0a:64:a3:50:7b:ff:a2:de:df:c7:b1:c1:f3:78:fb:
1d:97:a5:f0:f0:03:0c:32:85:fb:c7:64:9d:8a:d6:
00:21:98:22:08:d8:18:8b:9e:d6:6c:c1:9e:dc:43:
2b:0f:3e:a4:c7:26:f3:46:63:cd:08:28:77:e4:df:
a2:6f:77:7c:da:b3:0a:12:06:96:25:fc:47:f9:66:
91:20:44:66:dc:c8:46:ff:4f:67:4b:ae:d2:52:76:
f5:04:8f:2a:70:e5:aa:41:35:08:c0:71:3b:4e:d9:
bf:3c:15:2d:0c:d4:b7:1c:a1:fb:ef:17:89:27:83:
2e:40:2c:37:22:1d:6d:eb:7f:23:50:11:9c:0f:9b:
94:2c:85:62:49:0d:23:30:58:8c:17:b2:19:19:af:
fa:fb:93:cb:9d:e9:00:d9:fd:67:54:cc:cb:4e:5a:
44:5f:53:ca:4a:a5:b2:02:d8:2e:7a:9f:e6:ab:62:
8d:3d:f8:10:09:1c:82:7f:bf:35:a9:dc:a9:47:d6:
e0:3f:8c:7a:35:1a:eb:66:01:33:f7:ab:f5:b5:0b:
db:b2:62:fc:15:43:8c:a6:97:d9:66:ab:45:05:3a:
06:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:11:8C:2B:9D:9B:7B:B2:BB:77:A8:A3:A2:39:E9:98:C5:75:27:05
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/cRGMK52be7K7d6ijojnpmMV1JwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:b4c6::/32
2a13:c247:8000::/33
Signature Algorithm: sha256WithRSAEncryption
50:91:a8:c0:9b:24:ed:2a:e3:49:ab:c9:3e:4c:6c:a1:1e:f5:
1b:87:91:60:c6:bb:c1:82:2c:1f:22:21:8f:2b:20:78:99:7b:
16:40:0b:6c:1b:5b:82:8a:3d:7f:65:6f:b7:7d:ad:59:66:4b:
41:23:2c:b2:cd:e1:a4:26:a6:38:15:da:ed:ba:7e:eb:ca:91:
ce:12:7e:38:dc:d6:5c:10:47:6f:3f:db:76:1b:07:ad:81:1a:
2d:84:3f:7d:1d:bc:70:a4:3f:52:c0:ad:d7:2e:42:4f:51:e1:
9b:07:06:b7:6e:2f:8c:8d:cb:31:1b:fa:72:58:7b:60:ea:62:
fc:9c:95:70:6a:14:2b:d6:73:61:6a:8a:71:42:11:6d:46:41:
99:30:3b:eb:bd:81:51:71:49:8d:9c:64:b2:e7:bd:03:0d:89:
d2:7b:6b:0a:d6:89:69:1f:72:c6:b4:3c:db:e6:95:47:9b:ed:
0e:ad:fb:59:3a:ad:ab:ca:d7:b6:54:6d:e7:57:a6:0a:e8:18:
37:b7:e1:ad:92:4d:54:a1:e5:cf:e6:93:2c:ab:66:c1:f1:0c:
63:08:51:9a:55:6c:69:72:5f:d6:26:5d:cd:9e:ad:b6:af:6a:
34:de:27:8c:3c:1e:54:05:d5:dd:71:71:7f:9c:85:35:35:a0:
11:e4:cf:99
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZaBalFsrHHy5r4kmJEG8/B7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNDI5MTE1OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTExOGMyYjlkOWI3YmIyYmI3N2E4YTNhMjM5ZTk5OGM1NzUyNzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBg2hJ3xMvYFZBOIHs7PCZ07XLM4
aPisDOVrLNoKZKNQe/+i3t/HscHzePsdl6Xw8AMMMoX7x2SditYAIZgiCNgYi57W
bMGe3EMrDz6kxybzRmPNCCh35N+ib3d82rMKEgaWJfxH+WaRIERm3MhG/09nS67S
Unb1BI8qcOWqQTUIwHE7Ttm/PBUtDNS3HKH77xeJJ4MuQCw3Ih1t638jUBGcD5uU
LIViSQ0jMFiMF7IZGa/6+5PLnekA2f1nVMzLTlpEX1PKSqWyAtguep/mq2KNPfgQ
CRyCf781qdypR9bgP4x6NRrrZgEz96v1tQvbsmL8FUOMppfZZqtFBToGPwIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFHERjCudm3uyu3eoo6I56ZjFdScFMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvY1JHTUs1MmJlN0s3ZDZpam9qbnBtTVYxSndVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwUAKhO0xgMG
ByoTwkeAMA0GCSqGSIb3DQEBCwUAA4IBAQBQkajAmyTtKuNJq8k+TGyhHvUbh5Fg
xrvBgiwfIiGPKyB4mXsWQAtsG1uCij1/ZW+3fa1ZZktBIyyyzeGkJqY4Fdrtun7r
ypHOEn443NZcEEdvP9t2GwetgRothD99HbxwpD9SwK3XLkJPUeGbBwa3bi+Mjcsx
G/pyWHtg6mL8nJVwahQr1nNhaopxQhFtRkGZMDvrvYFRcUmNnGSy570DDYnSe2sK
1olpH3LGtDzb5pVHm+0OrftZOq2ryte2VG3nV6YK6Bg3t+Gtkk1UoeXP5pMsq2bB
8QxjCFGaVWxpcl/WJl3Nnq22r2o03ieMPB5UBdXdcXF/nIU1NaAR5M+Z
-----END CERTIFICATE-----
Generated at Mon May 12 20:20:48 2025 by rpki-client