Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/lj5i9m3M-XNclGRuZj7NTPUwDm8.roa
File: lj5i9m3M-XNclGRuZj7NTPUwDm8.roa (raw, json)
Hash identifier: gSFAm8uqX5BkPX5Z4jwvHHzGmdZIACA+rp+Hu51zTuY=
Subject key identifier: 96:3E:62:F6:6D:CC:F9:73:5C:94:64:6E:66:3E:CD:4C:F5:30:0E:6F
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0196816A510F5886C3611F348CB72FAAA436
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/lj5i9m3M-XNclGRuZj7NTPUwDm8.roa
Signing time: Tue 29 Apr 2025 11:59:10 +0000
ROA not before: Tue 29 Apr 2025 11:59:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209709
IP address blocks: 2a13:b4c5::/32 maxlen: 32
2a14:1103::/33 maxlen: 33
Validation: Failed, certificate revoked on Thu 01 May 2025 06:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:6a:51:0f:58:86:c3:61:1f:34:8c:b7:2f:aa:a4:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 29 11:59:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=963e62f66dccf9735c94646e663ecd4cf5300e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e3:23:81:0c:13:3a:e8:09:7b:43:ec:5b:c3:
f1:33:d8:b6:b4:ea:a5:34:8f:a7:0d:e4:f1:02:ed:
e1:20:e0:1f:20:94:49:06:93:b4:06:79:3a:65:11:
b2:d7:f6:9f:e0:d4:a2:2a:5d:a3:08:1b:db:1c:58:
9c:f7:f8:c9:95:fb:53:ea:7c:3c:ec:ff:45:cc:66:
75:1c:f4:c7:ab:da:a6:44:58:96:8f:49:a6:2b:20:
d5:6f:a4:9d:6c:73:4f:d9:51:71:ba:2e:51:d7:cd:
ae:48:00:b9:9d:ec:cf:11:56:72:53:f2:f4:63:a4:
ed:47:ec:8b:e5:7b:56:f9:80:13:d0:b8:60:5f:89:
52:92:06:7e:3b:79:8f:03:0a:67:ed:46:b1:f4:ae:
b0:eb:54:3e:22:87:b2:13:b5:2f:39:72:83:42:7e:
82:d6:d8:58:5f:15:b6:16:93:92:3c:74:55:88:b5:
0c:23:f8:18:ea:0e:44:1c:48:30:b4:06:37:a5:fd:
f8:34:a8:a0:f7:27:9e:30:50:57:71:ca:f6:8a:33:
31:f3:fe:94:fd:db:47:f1:6c:54:ef:cf:2b:ad:91:
d6:d2:e8:38:25:e9:6e:68:e9:9a:70:4d:a8:3b:25:
bd:f5:88:79:57:16:d7:48:16:fa:e7:27:f1:0c:4c:
62:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:3E:62:F6:6D:CC:F9:73:5C:94:64:6E:66:3E:CD:4C:F5:30:0E:6F
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/lj5i9m3M-XNclGRuZj7NTPUwDm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:b4c5::/32
2a14:1103::/33
Signature Algorithm: sha256WithRSAEncryption
14:b3:d2:a0:f1:ff:47:47:55:bc:ed:68:ce:3c:0e:4a:6a:bb:
d8:cf:09:34:77:c8:28:89:dd:11:ea:6c:d2:39:e3:50:a3:12:
a7:a3:2a:83:fd:d2:ad:13:55:26:5c:c4:bd:ff:62:a1:80:2e:
0f:dc:55:97:b4:53:10:93:96:e6:75:c5:a3:95:58:45:7f:89:
d6:5f:b4:36:37:43:fb:b9:d0:2b:e9:58:dc:ac:a8:4f:1f:6f:
b7:4b:e0:cb:e3:df:68:45:c4:71:5c:77:d0:39:db:30:de:f5:
31:49:98:1a:72:df:5d:d6:a8:56:35:c9:71:15:5b:58:2b:99:
7e:b8:55:1c:26:ff:b4:50:8c:b0:24:20:c9:9f:e7:38:80:e2:
7d:d4:ee:7f:a5:49:78:a9:9a:87:bb:bb:7b:57:2c:bf:54:6a:
a4:30:84:7c:e1:67:d9:73:96:9c:8f:31:56:07:29:2f:2d:43:
ce:cf:06:18:42:3c:52:02:8a:e8:2a:f3:95:b5:8f:46:00:49:
44:6a:f5:7e:d5:b8:64:57:15:c4:d6:29:81:27:66:68:58:30:
f9:a3:83:40:5e:b6:29:2e:de:8b:78:2c:fa:0b:dc:63:76:55:
37:ba:0c:1c:58:b7:94:ef:ad:5b:bc:e7:c5:14:b6:c6:f7:81:
0d:55:91:6e
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZaBalEPWIbDYR80jLcvqqQ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNDI5MTE1OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjNlNjJmNjZkY2NmOTczNWM5NDY0NmU2NjNlY2Q0Y2Y1MzAwZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuMjgQwTOugJe0PsW8PxM9i2tOql
NI+nDeTxAu3hIOAfIJRJBpO0Bnk6ZRGy1/af4NSiKl2jCBvbHFic9/jJlftT6nw8
7P9FzGZ1HPTHq9qmRFiWj0mmKyDVb6SdbHNP2VFxui5R182uSAC5nezPEVZyU/L0
Y6TtR+yL5XtW+YAT0LhgX4lSkgZ+O3mPAwpn7Uax9K6w61Q+IoeyE7UvOXKDQn6C
1thYXxW2FpOSPHRViLUMI/gY6g5EHEgwtAY3pf34NKig9yeeMFBXccr2ijMx8/6U
/dtH8WxU788rrZHW0ug4JeluaOmacE2oOyW99Yh5VxbXSBb65yfxDExi2QIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFJY+YvZtzPlzXJRkbmY+zUz1MA5vMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvbGo1aTltM00tWE5jbEdSdVpqN05UUFV3RG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwUAKhO0xQMG
ByoUEQMAMA0GCSqGSIb3DQEBCwUAA4IBAQAUs9Kg8f9HR1W87WjOPA5KarvYzwk0
d8goid0R6mzSOeNQoxKnoyqD/dKtE1UmXMS9/2KhgC4P3FWXtFMQk5bmdcWjlVhF
f4nWX7Q2N0P7udAr6VjcrKhPH2+3S+DL499oRcRxXHfQOdsw3vUxSZgact9d1qhW
NclxFVtYK5l+uFUcJv+0UIywJCDJn+c4gOJ91O5/pUl4qZqHu7t7Vyy/VGqkMIR8
4WfZc5acjzFWBykvLUPOzwYYQjxSAoroKvOVtY9GAElEavV+1bhkVxXE1imBJ2Zo
WDD5o4NAXrYpLt6LeCz6C9xjdlU3ugwcWLeU761bvOfFFLbG94ENVZFu
-----END CERTIFICATE-----
Generated at Mon May 12 23:13:11 2025 by rpki-client