Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/AUMXcf8bFjbjEi7a_J7xzBdo68I.roa
File: AUMXcf8bFjbjEi7a_J7xzBdo68I.roa (raw, json)
Hash identifier: Gm7e43dbS+dI11t6YWkLzxjandfa05xXFGtWhsc5sHA=
Subject key identifier: 01:43:17:71:FF:1B:16:36:E3:12:2E:DA:FC:9E:F1:CC:17:68:EB:C2
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 018F310C6C2CF028BBA9CCAC744FE87072A6
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/AUMXcf8bFjbjEi7a_J7xzBdo68I.roa
Signing time: Tue 30 Apr 2024 22:07:28 +0000
ROA not before: Tue 30 Apr 2024 22:07:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215330
IP address blocks: 2a05:4140:49::/48 maxlen: 48
2a05:4140:2500::/40 maxlen: 48
2a05:4140:2600::/40 maxlen: 48
2a05:4140:2700::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:31:0c:6c:2c:f0:28:bb:a9:cc:ac:74:4f:e8:70:72:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Apr 30 22:07:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01431771ff1b1636e3122edafc9ef1cc1768ebc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e6:3e:ca:02:c0:e3:21:db:2c:b8:ca:41:0c:
33:ff:96:99:ec:6d:e9:07:13:67:30:bf:3f:0c:ec:
0c:38:cb:ee:3c:b0:ae:0a:1a:a2:3a:cf:ce:ad:df:
8c:a1:1a:21:6b:05:9c:82:12:bc:b6:12:48:59:ed:
6b:db:2d:3a:77:88:fa:11:49:cc:91:c5:62:ea:96:
46:06:08:d2:4c:40:95:1e:23:67:54:99:34:c7:c1:
70:e4:ee:bd:d6:25:15:82:96:e7:8f:d0:ea:66:be:
de:cb:4e:b5:f4:4d:8e:84:d5:c1:c0:25:52:80:61:
02:ca:f8:62:27:60:b0:6c:65:b3:17:b6:13:17:66:
61:52:3f:e7:52:db:9c:35:ee:41:30:eb:2b:8f:c3:
82:32:cb:51:99:eb:d3:92:8b:3c:0e:bd:1d:ca:24:
6d:d3:3c:3b:9e:c6:ba:68:3d:4f:d8:42:b2:1c:e5:
0e:0a:6f:32:7f:34:7b:d4:49:a4:d4:72:fa:2b:91:
6f:e1:f6:f0:64:a6:18:83:6f:9f:20:ae:c5:2b:88:
c6:26:a5:bc:7e:af:a1:b8:fd:5b:e2:b6:bc:85:c1:
d3:7b:ad:9c:11:88:17:59:a8:6e:66:ad:7f:b2:36:
10:4c:f1:29:74:bc:1b:bd:5f:b2:13:5c:a0:eb:1f:
8b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:43:17:71:FF:1B:16:36:E3:12:2E:DA:FC:9E:F1:CC:17:68:EB:C2
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/AUMXcf8bFjbjEi7a_J7xzBdo68I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:49::/48
2a05:4140:2500::-2a05:4140:27ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8e:12:ee:63:6e:28:40:b0:f5:12:85:46:73:ce:1c:5c:87:e1:
d7:ba:a1:77:f5:23:ca:5a:e0:18:00:2b:ec:47:bd:85:96:09:
9f:9f:8b:c1:77:b7:99:54:c0:db:b7:41:9e:d0:c3:7a:ff:33:
fe:8f:c2:cd:c9:ae:ae:f2:eb:a9:55:22:6d:55:0f:ec:1c:bf:
f8:8e:4b:28:41:be:13:da:25:31:f5:ca:0f:a6:98:6f:7f:a9:
61:08:f1:2c:eb:b2:2a:7f:d2:eb:fd:68:2b:c4:81:96:27:c4:
08:d2:42:0d:f9:a3:dd:4b:2f:9e:04:1b:ea:3e:c5:0e:09:b8:
fc:ba:a3:d4:1f:64:9a:5d:70:f5:ef:ee:ec:5e:89:b5:6b:27:
65:54:fa:c6:42:27:4d:12:b0:5b:84:85:b8:1c:c8:4d:dc:1c:
7d:13:8f:3b:7f:71:13:bb:56:ea:6f:c5:bc:9b:35:81:43:6d:
f7:2a:4a:54:07:23:86:e2:8d:44:34:44:79:8f:fe:69:d6:88:
a5:30:d8:41:11:ea:88:8d:f2:97:cd:78:71:ab:ab:fc:7e:44:
5b:ba:25:7e:f3:e0:3e:64:14:61:98:ee:13:cf:4b:9e:93:27:
48:60:33:83:eb:db:32:44:b2:64:bf:f1:7c:43:90:ee:ab:81:
51:e6:13:bd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY8xDGws8Ci7qcysdE/ocHKmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjQwNDMwMjIwNzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTQzMTc3MWZmMWIxNjM2ZTMxMjJlZGFmYzllZjFjYzE3NjhlYmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+Y+ygLA4yHbLLjKQQwz/5aZ7G3p
BxNnML8/DOwMOMvuPLCuChqiOs/Ord+MoRohawWcghK8thJIWe1r2y06d4j6EUnM
kcVi6pZGBgjSTECVHiNnVJk0x8Fw5O691iUVgpbnj9DqZr7ey0619E2OhNXBwCVS
gGECyvhiJ2CwbGWzF7YTF2ZhUj/nUtucNe5BMOsrj8OCMstRmevTkos8Dr0dyiRt
0zw7nsa6aD1P2EKyHOUOCm8yfzR71Emk1HL6K5Fv4fbwZKYYg2+fIK7FK4jGJqW8
fq+huP1b4ra8hcHTe62cEYgXWahuZq1/sjYQTPEpdLwbvV+yE1yg6x+LDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAFDF3H/GxY24xIu2vye8cwXaOvCMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvQVVNWGNmOGJGamJqRWk3YV9KN3h6QmRvNjhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgVBQABJ
MBADBgAqBUFAJQMGAyoFQUAgMA0GCSqGSIb3DQEBCwUAA4IBAQCOEu5jbihAsPUS
hUZzzhxch+HXuqF39SPKWuAYACvsR72Flgmfn4vBd7eZVMDbt0Ge0MN6/zP+j8LN
ya6u8uupVSJtVQ/sHL/4jksoQb4T2iUx9coPpphvf6lhCPEs67Iqf9Lr/WgrxIGW
J8QI0kIN+aPdSy+eBBvqPsUOCbj8uqPUH2SaXXD17+7sXom1aydlVPrGQidNErBb
hIW4HMhN3Bx9E487f3ETu1bqb8W8mzWBQ233KkpUByOG4o1ENER5j/5p1oilMNhB
EeqIjfKXzXhxq6v8fkRbuiV+8+A+ZBRhmO4Tz0uekydIYDOD69syRLJkv/F8Q5Du
q4FR5hO9
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:12:42 2025 by rpki-client