Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/yzp7UX5xwoI8HCTxLWNhFIf0sQY.roa
File: yzp7UX5xwoI8HCTxLWNhFIf0sQY.roa (raw, json)
Hash identifier: 98G5U4f4ptjfno0ayDAg5O4t4h9BMRLXSKsTHW8xThQ=
Subject key identifier: CB:3A:7B:51:7E:71:C2:82:3C:1C:24:F1:2D:63:61:14:87:F4:B1:06
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01968A8718646AA148CBBD9A3D6BAAE7ADA7
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/yzp7UX5xwoI8HCTxLWNhFIf0sQY.roa
Signing time: Thu 01 May 2025 06:27:11 +0000
ROA not before: Thu 01 May 2025 06:27:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 264749
IP address blocks: 2a10:3f80::/29 maxlen: 29
2a13:b4c3::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 08 May 2025 20:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8a:87:18:64:6a:a1:48:cb:bd:9a:3d:6b:aa:e7:ad:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 1 06:27:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb3a7b517e71c2823c1c24f12d63611487f4b106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3f:4f:6d:47:d9:7a:27:2a:52:ac:f4:c2:37:
23:cf:d9:b8:a8:4b:c8:57:88:e2:1e:6d:46:e5:23:
ba:e5:e2:6f:91:53:86:c7:e8:ac:e0:da:55:c0:b8:
b0:fc:e3:6f:34:f1:6d:eb:91:ea:5a:d9:a8:1f:f8:
83:25:23:44:a5:b0:79:3a:04:23:cf:a6:9d:7f:c6:
cf:9a:03:53:b4:fe:01:57:dd:36:0e:95:06:2b:e2:
5f:ac:44:32:35:1e:61:b6:6c:4a:3b:49:ff:af:fc:
2d:f9:51:4a:c2:12:4a:59:7d:80:b1:37:80:b1:ed:
9e:1f:b1:a4:dd:6e:11:15:ef:84:31:8e:9e:5b:b8:
44:74:71:73:d9:00:7d:64:92:f4:25:97:cf:c6:17:
80:db:c4:33:49:d7:47:f1:fb:fc:89:ba:a0:d4:2f:
a6:23:be:a9:47:3e:bd:33:38:57:29:86:fd:50:2f:
7a:5f:35:8e:7d:08:ee:47:73:c4:68:4b:f8:e3:57:
4e:28:81:f9:b5:4b:52:f8:d2:1e:12:14:8f:a0:23:
23:6b:8b:2e:69:69:84:4c:87:68:99:5c:b5:99:d2:
d1:06:8c:f1:c4:cf:3e:a8:b1:b5:20:2a:c9:2f:82:
32:59:5b:ce:38:91:52:1d:8d:04:5d:fe:1b:a1:d9:
ee:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3A:7B:51:7E:71:C2:82:3C:1C:24:F1:2D:63:61:14:87:F4:B1:06
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/yzp7UX5xwoI8HCTxLWNhFIf0sQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3f80::/29
2a13:b4c3::/32
Signature Algorithm: sha256WithRSAEncryption
31:d3:17:e7:d8:54:2c:89:5f:12:55:a8:80:52:a1:c2:57:c7:
b8:e3:9d:a5:f1:ed:01:91:25:93:ef:02:90:e0:2d:df:af:31:
82:4a:22:50:fa:42:1a:78:ff:db:dd:a9:10:85:a7:8f:75:b5:
5b:b4:cc:00:69:4d:8d:73:2f:2f:10:98:b7:98:df:2d:ca:5d:
04:13:a6:8d:0f:05:74:b2:1d:70:3f:c5:18:58:0a:04:e7:45:
5a:39:52:37:3e:c0:73:fb:b8:e2:f5:be:70:9f:93:a8:a4:74:
99:0b:ed:68:06:d6:d0:c5:9f:12:f6:34:e7:df:1e:dd:00:96:
02:31:ba:43:99:a8:7d:5f:cd:b3:d6:4d:c5:7b:0e:a9:91:21:
4e:34:6a:e0:96:52:ab:45:ba:4d:5d:b8:92:ef:46:7b:4c:ca:
a9:45:3f:bf:9e:58:96:75:d1:9e:c6:7b:f5:13:7d:dc:00:2b:
67:e9:3d:24:b9:ee:aa:6a:14:3b:18:f1:07:97:54:27:40:35:
ac:85:97:41:60:ba:cb:10:f7:e0:fc:f7:91:b6:08:94:08:2e:
93:0c:c5:ba:de:d2:4e:50:d1:a5:bd:f1:30:f7:4a:41:89:ca:
23:b3:56:7a:44:88:a5:54:72:26:c8:ef:86:32:9b:df:ee:79:
05:98:82:55
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZaKhxhkaqFIy72aPWuq562nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTAxMDYyNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjNhN2I1MTdlNzFjMjgyM2MxYzI0ZjEyZDYzNjExNDg3ZjRiMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqT9PbUfZeicqUqz0wjcjz9m4qEvI
V4jiHm1G5SO65eJvkVOGx+is4NpVwLiw/ONvNPFt65HqWtmoH/iDJSNEpbB5OgQj
z6adf8bPmgNTtP4BV902DpUGK+JfrEQyNR5htmxKO0n/r/wt+VFKwhJKWX2AsTeA
se2eH7Gk3W4RFe+EMY6eW7hEdHFz2QB9ZJL0JZfPxheA28QzSddH8fv8ibqg1C+m
I76pRz69MzhXKYb9UC96XzWOfQjuR3PEaEv441dOKIH5tUtS+NIeEhSPoCMja4su
aWmETIdomVy1mdLRBozxxM8+qLG1ICrJL4IyWVvOOJFSHY0EXf4bodnu9QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMs6e1F+ccKCPBwk8S1jYRSH9LEGMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEveXpwN1VYNXh3b0k4SENUeExXTmhGSWYwc1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhA/gAMF
ACoTtMMwDQYJKoZIhvcNAQELBQADggEBADHTF+fYVCyJXxJVqIBSocJXx7jjnaXx
7QGRJZPvApDgLd+vMYJKIlD6Qhp4/9vdqRCFp491tVu0zABpTY1zLy8QmLeY3y3K
XQQTpo0PBXSyHXA/xRhYCgTnRVo5Ujc+wHP7uOL1vnCfk6ikdJkL7WgG1tDFnxL2
NOffHt0AlgIxukOZqH1fzbPWTcV7DqmRIU40auCWUqtFuk1duJLvRntMyqlFP7+e
WJZ10Z7Ge/UTfdwAK2fpPSS57qpqFDsY8QeXVCdANayFl0FgussQ9+D895G2CJQI
LpMMxbre0k5Q0aW98TD3SkGJyiOzVnpEiKVUcibI74Yym9/ueQWYglU=
-----END CERTIFICATE-----
Generated at Tue May 13 00:34:43 2025 by rpki-client