Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/wrm60HmJ3g8OHDCspgX1F1W15M8.roa
File: wrm60HmJ3g8OHDCspgX1F1W15M8.roa (raw, json)
Hash identifier: LLr/OCZ9eF2Od3Y5SBb5E6utUlvMHbz6oUQBlxQwzsY=
Subject key identifier: C2:B9:BA:D0:79:89:DE:0F:0E:1C:30:AC:A6:05:F5:17:55:B5:E4:CF
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0196B193B896FC77402EFF7811FC5F26A864
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/wrm60HmJ3g8OHDCspgX1F1W15M8.roa
Signing time: Thu 08 May 2025 20:26:10 +0000
ROA not before: Thu 08 May 2025 20:26:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204335
IP address blocks: 2a10:3f82::/32 maxlen: 32
2a13:c245::/33 maxlen: 33
Validation: Failed, certificate revoked on Wed 14 May 2025 09:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b1:93:b8:96:fc:77:40:2e:ff:78:11:fc:5f:26:a8:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 8 20:26:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2b9bad07989de0f0e1c30aca605f51755b5e4cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d4:30:80:05:e7:15:fb:0d:a3:f7:f6:4c:90:
b2:04:ce:e9:fa:e2:44:e4:36:ee:10:5c:45:d9:07:
66:b9:72:60:4c:da:17:97:95:2e:97:8f:16:6c:8c:
0b:21:c9:3d:c0:11:dd:07:a4:1c:d3:45:cc:e6:5d:
0e:a8:a2:96:04:d7:82:6a:4b:07:f9:01:68:fe:5b:
43:53:b7:ea:98:e1:ec:93:90:a2:2a:38:26:02:fa:
75:f8:3a:ac:c5:4b:1c:41:36:62:73:2b:03:5a:96:
f9:0a:17:14:ce:9c:f3:55:26:d9:ba:27:9a:1f:ae:
4e:c0:d7:6b:8f:27:ef:df:61:d3:cf:97:bd:c3:f9:
a3:b7:5d:e0:2d:db:a8:fb:c6:92:c0:66:57:03:80:
d1:37:af:86:bd:dc:d5:65:17:82:97:4f:7d:9a:4b:
bf:24:a8:a1:9d:58:17:78:db:0b:2c:e8:ac:00:23:
33:31:ef:5a:ed:79:bd:62:20:b5:e8:48:60:a1:6b:
de:af:fb:2e:8e:49:f1:c6:70:7e:e6:29:27:c0:d3:
60:6a:d9:5d:71:a8:97:65:98:f0:50:47:19:b5:68:
ab:eb:0d:9b:a7:e0:d0:07:28:b7:e6:7d:f4:4c:d0:
a5:67:46:c6:89:17:a9:e1:f4:0a:01:ad:52:b0:d6:
5a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B9:BA:D0:79:89:DE:0F:0E:1C:30:AC:A6:05:F5:17:55:B5:E4:CF
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/wrm60HmJ3g8OHDCspgX1F1W15M8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3f82::/32
2a13:c245::/33
Signature Algorithm: sha256WithRSAEncryption
a0:d8:99:83:af:ae:8e:cc:e5:ef:ba:35:dd:f0:8f:dd:96:57:
24:5f:e2:ed:b2:8f:3c:99:68:f7:d3:59:03:8a:16:b8:bd:ba:
e8:a8:6a:9f:c4:20:df:32:82:23:56:60:2e:fb:3e:11:0c:28:
e8:44:4c:08:d6:aa:4c:16:45:c5:78:71:53:a5:cb:1b:d0:ad:
95:fb:b0:42:ae:e2:f3:f0:55:b7:ee:03:73:9f:2f:fc:6e:90:
4a:dd:77:11:b9:df:65:5a:21:dc:38:4c:ac:b7:1a:93:a0:e9:
1c:1b:5c:51:66:70:94:75:40:cc:ce:d3:c9:9c:cd:4b:b1:52:
39:97:0b:b0:6f:56:f3:10:d7:ee:f3:83:f4:a9:3b:f5:cc:ae:
47:02:0b:f2:f0:b0:1b:23:3e:fc:e4:af:c8:6a:43:13:dd:dd:
8a:76:46:0a:72:65:8a:e5:ac:ed:47:3c:e7:ea:79:28:5e:a0:
bc:d7:9a:f3:b1:c7:25:bb:08:d1:2c:94:1f:e3:a9:d5:c9:05:
aa:c5:1b:18:c2:08:21:0a:29:e3:0f:95:5f:b7:12:6b:f6:bb:
79:e8:e1:ab:f4:f3:4a:c8:90:03:02:9d:d5:1d:86:d0:26:44:
e6:64:19:01:1b:42:5f:27:fb:6d:87:5a:1b:6e:49:fb:34:36:
e6:24:27:c9
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZaxk7iW/HdALv94EfxfJqhkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTA4MjAyNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmI5YmFkMDc5ODlkZTBmMGUxYzMwYWNhNjA1ZjUxNzU1YjVlNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdQwgAXnFfsNo/f2TJCyBM7p+uJE
5DbuEFxF2QdmuXJgTNoXl5Uul48WbIwLIck9wBHdB6Qc00XM5l0OqKKWBNeCaksH
+QFo/ltDU7fqmOHsk5CiKjgmAvp1+DqsxUscQTZicysDWpb5ChcUzpzzVSbZuiea
H65OwNdrjyfv32HTz5e9w/mjt13gLduo+8aSwGZXA4DRN6+GvdzVZReCl099mku/
JKihnVgXeNsLLOisACMzMe9a7Xm9YiC16EhgoWver/sujknxxnB+5iknwNNgatld
caiXZZjwUEcZtWir6w2bp+DQByi35n30TNClZ0bGiRep4fQKAa1SsNZa8QIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFMK5utB5id4PDhwwrKYF9RdVteTPMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvd3JtNjBIbUozZzhPSERDc3BnWDFGMVcxNU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwUAKhA/ggMG
ByoTwkUAMA0GCSqGSIb3DQEBCwUAA4IBAQCg2JmDr66OzOXvujXd8I/dllckX+Lt
so88mWj301kDiha4vbroqGqfxCDfMoIjVmAu+z4RDCjoREwI1qpMFkXFeHFTpcsb
0K2V+7BCruLz8FW37gNzny/8bpBK3XcRud9lWiHcOEystxqToOkcG1xRZnCUdUDM
ztPJnM1LsVI5lwuwb1bzENfu84P0qTv1zK5HAgvy8LAbIz785K/IakMT3d2KdkYK
cmWK5aztRzzn6nkoXqC815rzsccluwjRLJQf46nVyQWqxRsYwgghCinjD5VftxJr
9rt56OGr9PNKyJADAp3VHYbQJkTmZBkBG0JfJ/tth1obbkn7NDbmJCfJ
-----END CERTIFICATE-----
Generated at Fri May 16 09:28:07 2025 by rpki-client