Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/tnGYI-VGGOsaJAweU5YOfYQJsT4.roa
File: tnGYI-VGGOsaJAweU5YOfYQJsT4.roa (raw, json)
Hash identifier: SVk6QMBnCzwlNOoarFYKuQbW2z188YbfJqxVgcJTGbo=
Subject key identifier: B6:71:98:23:E5:46:18:EB:1A:24:0C:1E:53:96:0E:7D:84:09:B1:3E
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019681687C111F4540A3F275C76311363B6C
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/tnGYI-VGGOsaJAweU5YOfYQJsT4.roa
Signing time: Tue 29 Apr 2025 11:57:10 +0000
ROA not before: Tue 29 Apr 2025 11:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39690
IP address blocks: 2a13:b4c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 08 May 2025 20:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:68:7c:11:1f:45:40:a3:f2:75:c7:63:11:36:3b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 29 11:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6719823e54618eb1a240c1e53960e7d8409b13e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e2:19:ce:05:87:f6:62:55:da:cb:b3:53:0e:
f0:33:55:fe:97:99:00:67:12:32:37:48:82:a2:cf:
4d:81:8f:6d:d8:b4:85:98:98:9f:97:60:99:1c:ae:
0e:25:ca:0c:ad:f2:b8:52:7e:40:1b:a9:cb:73:74:
92:85:b8:4c:91:04:7c:ec:0b:b4:9f:07:98:2f:5b:
c6:54:62:8e:89:b8:c3:cc:de:aa:6c:f2:4d:cd:01:
d6:33:e6:e5:6d:56:2a:b2:a1:b9:b7:93:98:12:75:
a7:fe:6d:4f:97:01:65:d6:8b:cd:f7:1b:34:d7:92:
3d:8b:aa:46:2f:88:87:75:f6:bd:7e:07:fc:a2:5d:
bd:32:20:e3:91:a9:18:fe:d0:8b:cf:77:5d:17:b9:
83:75:bb:4f:ef:b1:ed:98:dd:c3:e0:01:cf:8e:6c:
6d:bb:75:fc:25:2c:25:05:d0:54:82:ad:fe:ed:3f:
0d:20:71:fc:7b:67:b7:38:55:66:f7:29:0f:ed:59:
1b:ff:ef:19:bb:00:72:26:f8:53:b7:c4:01:45:11:
56:06:75:67:10:63:76:eb:75:a9:82:55:2c:cc:b2:
56:b6:04:47:90:1f:6a:3e:ad:23:a2:e5:26:d7:9e:
06:e5:32:bc:af:18:0b:43:99:98:27:3f:cf:9e:f4:
ea:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:71:98:23:E5:46:18:EB:1A:24:0C:1E:53:96:0E:7D:84:09:B1:3E
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/tnGYI-VGGOsaJAweU5YOfYQJsT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:b4c0::/32
Signature Algorithm: sha256WithRSAEncryption
24:2f:12:17:36:03:70:8e:43:8e:5f:89:61:5f:51:04:dc:b3:
29:af:f9:46:b5:38:7d:14:f0:8e:cc:4e:7e:da:f5:73:27:e4:
a5:fe:48:e6:42:7f:27:a3:64:84:4a:8b:44:be:25:c5:a5:86:
4e:0b:ea:34:8e:45:d8:3f:55:6a:93:3a:4f:84:15:af:6b:a3:
81:a8:8e:57:67:57:42:44:23:c1:c8:c5:38:28:6c:a6:35:94:
ee:e0:90:81:5a:94:41:f3:3c:65:d6:4f:38:4c:27:57:a7:24:
ca:c2:5e:f5:c4:8a:a8:e8:2a:fe:ed:87:d0:cc:c8:c7:73:da:
80:5e:4b:96:5c:87:77:64:59:a7:e0:59:7a:1c:13:c1:1c:43:
a9:99:28:ab:94:d1:82:f1:40:2a:94:fe:5e:90:ed:63:b3:a0:
d7:d8:d1:79:7c:6c:0c:c4:6b:3c:15:83:94:1a:65:2c:f4:9b:
e0:07:74:80:bc:1e:d8:87:18:37:13:70:f9:cc:e6:ff:81:82:
35:c3:09:85:82:af:f9:38:e1:03:fb:1c:aa:74:f9:c7:50:fd:
98:f7:02:b4:27:f5:c0:dd:88:1d:f3:fb:f2:91:f2:d8:e1:d9:
07:ad:bb:2d:e0:00:5e:cf:09:84:ab:08:51:dc:38:c7:e3:25:
7e:dd:69:d3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZaBaHwRH0VAo/J1x2MRNjtsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNDI5MTE1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjcxOTgyM2U1NDYxOGViMWEyNDBjMWU1Mzk2MGU3ZDg0MDliMTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OIZzgWH9mJV2suzUw7wM1X+l5kA
ZxIyN0iCos9NgY9t2LSFmJifl2CZHK4OJcoMrfK4Un5AG6nLc3SShbhMkQR87Au0
nweYL1vGVGKOibjDzN6qbPJNzQHWM+blbVYqsqG5t5OYEnWn/m1PlwFl1ovN9xs0
15I9i6pGL4iHdfa9fgf8ol29MiDjkakY/tCLz3ddF7mDdbtP77HtmN3D4AHPjmxt
u3X8JSwlBdBUgq3+7T8NIHH8e2e3OFVm9ykP7Vkb/+8ZuwByJvhTt8QBRRFWBnVn
EGN263WpglUszLJWtgRHkB9qPq0jouUm154G5TK8rxgLQ5mYJz/PnvTqvwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLZxmCPlRhjrGiQMHlOWDn2ECbE+MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvdG5HWUktVkdHT3NhSkF3ZVU1WU9mWVFKc1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhO0wDAN
BgkqhkiG9w0BAQsFAAOCAQEAJC8SFzYDcI5Djl+JYV9RBNyzKa/5RrU4fRTwjsxO
ftr1cyfkpf5I5kJ/J6NkhEqLRL4lxaWGTgvqNI5F2D9VapM6T4QVr2ujgaiOV2dX
QkQjwcjFOChspjWU7uCQgVqUQfM8ZdZPOEwnV6ckysJe9cSKqOgq/u2H0MzIx3Pa
gF5LllyHd2RZp+BZehwTwRxDqZkoq5TRgvFAKpT+XpDtY7Og19jReXxsDMRrPBWD
lBplLPSb4Ad0gLwe2IcYNxNw+czm/4GCNcMJhYKv+TjhA/scqnT5x1D9mPcCtCf1
wN2IHfP78pHy2OHZB627LeAAXs8JhKsIUdw4x+Mlft1p0w==
-----END CERTIFICATE-----
Generated at Mon May 12 20:28:36 2025 by rpki-client