Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pYqvGukkDLKnyXyHPWq7ZuFa7jo.roa
File: pYqvGukkDLKnyXyHPWq7ZuFa7jo.roa (raw, json)
Hash identifier: B5Tasw0Ks2nGXEAKGP+RDGkINtAdNfiBonaQ+UtMOR0=
Subject key identifier: A5:8A:AF:1A:E9:24:0C:B2:A7:C9:7C:87:3D:6A:BB:66:E1:5A:EE:3A
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01968A87175FD0DD9630A7A1795C26B790E6
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pYqvGukkDLKnyXyHPWq7ZuFa7jo.roa
Signing time: Thu 01 May 2025 06:27:11 +0000
ROA not before: Thu 01 May 2025 06:27:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209709
IP address blocks: 2a13:b4c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 08 May 2025 20:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8a:87:17:5f:d0:dd:96:30:a7:a1:79:5c:26:b7:90:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 1 06:27:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a58aaf1ae9240cb2a7c97c873d6abb66e15aee3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e5:3f:29:60:89:e0:45:ca:5e:6e:e3:84:c0:
c2:7e:80:33:eb:15:e4:2b:d3:39:3b:00:49:27:dd:
f3:9e:fa:3d:3a:eb:0f:ae:2d:18:c8:3b:f8:1e:0a:
3e:f7:c7:25:80:59:16:92:35:6d:dd:6f:f3:3c:55:
e0:33:01:1b:de:af:0a:0b:9b:56:b5:b4:41:9b:2e:
1f:d8:f0:60:0f:11:2c:f5:59:89:08:69:98:da:be:
62:b8:8b:23:79:9f:26:3e:0f:64:7e:b8:7c:99:2d:
5c:4d:b6:ac:a2:ff:2c:fb:8b:f5:3d:c6:c7:bf:9c:
60:8a:fd:f2:89:f1:dd:0d:68:10:3f:2a:46:0b:d8:
08:6f:6e:c1:9d:4a:3f:15:4b:db:f8:ec:4c:4c:5b:
04:8c:15:3c:8c:07:d1:03:66:32:31:a1:70:b3:06:
2c:07:6c:9c:02:70:d4:57:24:3e:77:75:1b:33:1a:
a5:b9:e2:2d:62:ac:5a:c9:21:da:63:59:1a:ba:25:
2e:5b:8c:d7:67:5c:86:36:45:55:0e:a2:8f:53:90:
d9:42:9f:43:e3:08:53:f5:3f:91:f8:00:81:0f:b5:
3a:60:9a:88:f3:b7:23:6a:ab:d4:40:77:4c:79:50:
03:e1:5c:60:50:04:b4:99:b3:f9:b7:4b:0e:c1:58:
14:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:8A:AF:1A:E9:24:0C:B2:A7:C9:7C:87:3D:6A:BB:66:E1:5A:EE:3A
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pYqvGukkDLKnyXyHPWq7ZuFa7jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:b4c5::/32
Signature Algorithm: sha256WithRSAEncryption
63:32:59:9d:20:62:f3:d4:81:8e:60:f3:f1:3d:48:34:c4:8b:
3e:11:d7:9a:4c:7a:98:8c:0c:ca:8e:c7:36:56:7f:22:56:71:
94:bd:49:b7:92:2d:78:a1:46:76:57:32:1c:97:a8:41:43:89:
f5:aa:04:92:ee:ca:40:fe:d0:9f:8a:b1:7a:02:04:22:ec:92:
60:26:d4:dd:6d:a6:01:da:fd:87:e9:8a:2e:93:27:73:e3:51:
c2:b6:86:8a:2e:47:cc:05:d8:15:9a:2f:d8:6d:bf:51:de:e5:
71:80:2a:ab:af:ad:cb:a7:d4:ba:54:7b:d0:da:88:c9:dd:a2:
2b:ba:38:85:e8:38:eb:a8:8d:1c:e0:e8:5f:87:fa:7a:cd:a0:
c9:ba:81:31:41:4b:93:0e:e2:81:a7:76:a3:40:6a:7c:84:3f:
3e:44:db:db:d9:9f:8b:c7:9a:46:48:41:ee:2d:e9:83:2a:5d:
73:93:e8:a7:b6:1a:d8:52:ae:3b:67:1a:67:b9:28:7b:92:1e:
55:d3:e6:8f:d0:37:eb:d6:67:24:57:8a:db:61:45:d4:ef:18:
21:d4:cf:54:55:4b:08:0e:eb:be:20:bc:7e:94:75:37:f6:81:
a2:71:32:2c:3e:9c:60:41:7c:38:a5:35:34:ec:c7:e3:84:7f:
f3:b3:85:cb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZaKhxdf0N2WMKeheVwmt5DmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTAxMDYyNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNThhYWYxYWU5MjQwY2IyYTdjOTdjODczZDZhYmI2NmUxNWFlZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuU/KWCJ4EXKXm7jhMDCfoAz6xXk
K9M5OwBJJ93znvo9OusPri0YyDv4Hgo+98clgFkWkjVt3W/zPFXgMwEb3q8KC5tW
tbRBmy4f2PBgDxEs9VmJCGmY2r5iuIsjeZ8mPg9kfrh8mS1cTbasov8s+4v1PcbH
v5xgiv3yifHdDWgQPypGC9gIb27BnUo/FUvb+OxMTFsEjBU8jAfRA2YyMaFwswYs
B2ycAnDUVyQ+d3UbMxqlueItYqxaySHaY1kauiUuW4zXZ1yGNkVVDqKPU5DZQp9D
4whT9T+R+ACBD7U6YJqI87cjaqvUQHdMeVAD4VxgUAS0mbP5t0sOwVgU4wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKWKrxrpJAyyp8l8hz1qu2bhWu46MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvcFlxdkd1a2tETEtueVh5SFBXcTdadUZhN2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhO0xTAN
BgkqhkiG9w0BAQsFAAOCAQEAYzJZnSBi89SBjmDz8T1INMSLPhHXmkx6mIwMyo7H
NlZ/IlZxlL1Jt5IteKFGdlcyHJeoQUOJ9aoEku7KQP7Qn4qxegIEIuySYCbU3W2m
Adr9h+mKLpMnc+NRwraGii5HzAXYFZov2G2/Ud7lcYAqq6+ty6fUulR70NqIyd2i
K7o4heg466iNHODoX4f6es2gybqBMUFLkw7igad2o0BqfIQ/PkTb29mfi8eaRkhB
7i3pgypdc5Pop7Ya2FKuO2caZ7koe5IeVdPmj9A369ZnJFeK22FF1O8YIdTPVFVL
CA7rviC8fpR1N/aBonEyLD6cYEF8OKU1NOzH44R/87OFyw==
-----END CERTIFICATE-----
Generated at Sat May 10 20:45:25 2025 by rpki-client