Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/900cef-6481-4ff8-8e04-3cb8d817e027/1/Ry5fy-ColK3ZZLrQ7bOyBDPNmio.roa
File: Ry5fy-ColK3ZZLrQ7bOyBDPNmio.roa (raw, json)
Hash identifier: jG7KgS+XWyRPQ9zB8stVM2JPaxlg/mOXynpx6QV1TsI=
Subject key identifier: 47:2E:5F:CB:E0:A8:94:AD:D9:64:BA:D0:ED:B3:B2:04:33:CD:9A:2A
Certificate issuer: /CN=80ffd9df456adbe3b1e661ee15626865fe1688c8
Certificate serial: 019638784E6C87D47F39E2BE65A50E00E3C9
Authority key identifier: 80:FF:D9:DF:45:6A:DB:E3:B1:E6:61:EE:15:62:68:65:FE:16:88:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gP_Z30Vq2-Ox5mHuFWJoZf4WiMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/900cef-6481-4ff8-8e04-3cb8d817e027/1/Ry5fy-ColK3ZZLrQ7bOyBDPNmio.roa
Signing time: Tue 15 Apr 2025 08:02:10 +0000
ROA not before: Tue 15 Apr 2025 08:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61992
IP address blocks: 2a14:e900::/29 maxlen: 29
2a14:e900:1000::/48 maxlen: 48
2a14:e900:2000::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 15 Apr 2025 08:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:78:4e:6c:87:d4:7f:39:e2:be:65:a5:0e:00:e3:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80ffd9df456adbe3b1e661ee15626865fe1688c8
Validity
Not Before: Apr 15 08:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=472e5fcbe0a894add964bad0edb3b20433cd9a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:57:01:37:27:dc:60:df:96:db:fa:9d:f3:b6:
9b:96:ff:c8:99:b7:a2:5f:d0:54:13:93:1d:de:c0:
80:f1:44:ca:f4:85:ae:62:4c:f3:e9:71:91:03:d3:
9e:dd:0b:82:57:6e:2d:08:f7:6b:04:02:a7:1b:df:
21:5d:23:75:89:a0:7f:84:95:d0:62:7a:59:50:49:
44:fb:79:50:6a:48:36:93:a6:53:26:11:de:b8:5e:
20:0d:4c:2e:26:15:89:78:31:d1:17:b8:8c:f2:cc:
a7:6e:9b:5e:d0:af:6a:f2:da:19:48:c2:23:9b:9e:
d8:44:76:19:eb:b0:d2:e5:00:ee:eb:5b:a5:a3:5f:
df:ea:00:50:b2:44:1d:69:b4:69:0d:11:2f:a4:a2:
25:b6:47:73:d9:87:a2:2c:c7:f0:cd:f2:0b:48:93:
d8:cc:34:b7:f8:d4:e7:d0:8d:b5:83:de:1d:d5:2e:
49:00:a8:b2:a1:3c:bb:5f:08:03:19:3b:f1:96:4f:
f0:46:38:b7:63:37:54:ba:a5:e7:2b:7a:a0:aa:81:
d3:6f:72:36:1d:fd:ea:bb:16:97:58:a8:18:90:d9:
cc:24:e0:61:e1:0c:25:09:c2:48:75:8c:d4:6e:52:
80:9b:46:fc:f9:0e:72:15:a2:26:1b:36:38:85:d8:
36:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:2E:5F:CB:E0:A8:94:AD:D9:64:BA:D0:ED:B3:B2:04:33:CD:9A:2A
X509v3 Authority Key Identifier:
keyid:80:FF:D9:DF:45:6A:DB:E3:B1:E6:61:EE:15:62:68:65:FE:16:88:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gP_Z30Vq2-Ox5mHuFWJoZf4WiMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/900cef-6481-4ff8-8e04-3cb8d817e027/1/Ry5fy-ColK3ZZLrQ7bOyBDPNmio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/900cef-6481-4ff8-8e04-3cb8d817e027/1/gP_Z30Vq2-Ox5mHuFWJoZf4WiMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:e900::/29
Signature Algorithm: sha256WithRSAEncryption
7d:c7:e7:05:5e:9e:b4:2d:da:5e:d0:53:2d:0e:e3:d6:85:b8:
df:a6:98:ae:59:70:d2:a4:87:93:77:2e:2b:76:a6:a5:2e:61:
3a:43:4e:a9:d4:5a:09:ce:0f:81:16:07:78:8f:85:9d:52:b2:
87:e4:30:4d:1b:bc:44:1e:16:68:43:7c:02:73:de:35:58:f3:
5a:be:4e:92:00:b3:60:39:92:a8:10:58:72:96:b9:57:f7:d5:
12:8c:0e:d8:05:3a:00:e9:7a:ee:6d:40:40:1c:40:1d:41:5f:
03:0d:03:aa:6c:1f:b5:91:5c:99:38:a5:c1:27:c6:59:c3:46:
bb:c1:92:c6:8b:58:cb:60:08:39:ef:59:73:87:b7:d8:0b:e1:
76:f8:7a:69:7b:57:01:c2:bb:85:15:67:10:50:be:2d:28:21:
d5:2e:43:9e:fe:ad:ec:ba:f1:a4:fb:ea:18:ed:30:86:64:9c:
ba:82:2e:e8:c5:02:35:c5:d2:dc:68:bc:d7:aa:90:c4:9b:91:
a4:b7:50:a0:16:4a:f8:5a:83:84:33:f6:cf:ab:b2:a2:d4:e7:
12:84:4e:50:3b:b3:8b:1d:50:d9:44:cd:0a:11:af:59:f9:c6:
f2:1d:fe:d1:4c:f2:d3:70:c6:f5:42:a6:78:d2:8d:93:8e:dd:
cd:9a:1b:5b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZY4eE5sh9R/OeK+ZaUOAOPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZmZkOWRmNDU2YWRiZTNiMWU2NjFlZTE1NjI2ODY1ZmUx
Njg4YzgwHhcNMjUwNDE1MDgwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzJlNWZjYmUwYTg5NGFkZDk2NGJhZDBlZGIzYjIwNDMzY2Q5YTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFcBNyfcYN+W2/qd87ablv/Imbei
X9BUE5Md3sCA8UTK9IWuYkzz6XGRA9Oe3QuCV24tCPdrBAKnG98hXSN1iaB/hJXQ
YnpZUElE+3lQakg2k6ZTJhHeuF4gDUwuJhWJeDHRF7iM8synbpte0K9q8toZSMIj
m57YRHYZ67DS5QDu61ulo1/f6gBQskQdabRpDREvpKIltkdz2YeiLMfwzfILSJPY
zDS3+NTn0I21g94d1S5JAKiyoTy7XwgDGTvxlk/wRji3YzdUuqXnK3qgqoHTb3I2
Hf3quxaXWKgYkNnMJOBh4QwlCcJIdYzUblKAm0b8+Q5yFaImGzY4hdg2HwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEcuX8vgqJSt2WS60O2zsgQzzZoqMB8GA1UdIwQY
MBaAFID/2d9FatvjseZh7hViaGX+FojIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BfWjMwVnEyLU94NW1IdUZXSm9aZjRXaU1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi85MDBjZWYtNjQ4MS00ZmY4LThlMDQt
M2NiOGQ4MTdlMDI3LzEvUnk1ZnktQ29sSzNaWkxyUTdiT3lCRFBObWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi85MDBjZWYtNjQ4MS00ZmY4LThlMDQtM2NiOGQ4MTdlMDI3
LzEvZ1BfWjMwVnEyLU94NW1IdUZXSm9aZjRXaU1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhTpADAN
BgkqhkiG9w0BAQsFAAOCAQEAfcfnBV6etC3aXtBTLQ7j1oW436aYrllw0qSHk3cu
K3ampS5hOkNOqdRaCc4PgRYHeI+FnVKyh+QwTRu8RB4WaEN8AnPeNVjzWr5OkgCz
YDmSqBBYcpa5V/fVEowO2AU6AOl67m1AQBxAHUFfAw0DqmwftZFcmTilwSfGWcNG
u8GSxotYy2AIOe9Zc4e32Avhdvh6aXtXAcK7hRVnEFC+LSgh1S5Dnv6t7LrxpPvq
GO0whmScuoIu6MUCNcXS3Gi816qQxJuRpLdQoBZK+FqDhDP2z6uyotTnEoROUDuz
ix1Q2UTNChGvWfnG8h3+0Uzy03DG9UKmeNKNk47dzZobWw==
-----END CERTIFICATE-----
Generated at Tue May 13 20:38:10 2025 by rpki-client