Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/7CNCW46mKGrZ6o76tD5IWWkBGZw.roa
File: 7CNCW46mKGrZ6o76tD5IWWkBGZw.roa (raw, json)
Hash identifier: 8UYk6m/vjEjbIZtffTOKuj1YWcYYPpp/BVNFuFa0OT0=
Subject key identifier: EC:23:42:5B:8E:A6:28:6A:D9:EA:8E:FA:B4:3E:48:59:69:01:19:9C
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 018DAC50EDA457A40E9A8161C64D0204AC83
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/7CNCW46mKGrZ6o76tD5IWWkBGZw.roa
Signing time: Thu 15 Feb 2024 10:30:01 +0000
ROA not before: Thu 15 Feb 2024 10:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51395
IP address blocks: 2a0b:7140:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ac:50:ed:a4:57:a4:0e:9a:81:61:c6:4d:02:04:ac:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Feb 15 10:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec23425b8ea6286ad9ea8efab43e48596901199c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bb:db:ac:21:29:88:54:96:be:bd:25:45:7b:
7b:16:6b:c0:76:8d:7a:b0:f7:08:7a:bb:3b:8e:ff:
fc:af:a2:5d:0b:31:33:ba:e8:b0:68:a6:1e:75:ab:
33:67:07:fc:79:e3:94:61:34:73:68:4b:c9:71:7b:
7e:6d:f9:5f:5a:7a:1b:84:91:52:cb:c8:7d:36:f9:
60:0f:bb:a3:2a:a1:b8:3c:a9:78:2f:fb:3a:b0:ce:
78:87:47:3a:de:3c:ac:57:20:41:b2:36:94:49:e2:
b6:ff:ab:85:7b:f2:30:ae:9d:d9:0c:57:0e:e6:fd:
1c:f3:73:c5:19:0f:99:ff:e7:9c:83:b1:10:3e:9a:
ed:b7:71:3b:9b:d0:d3:9a:25:16:15:04:21:8c:09:
83:06:3d:46:5d:fd:a1:22:c2:51:fe:cf:ca:7a:9d:
c3:a2:da:0f:a7:12:98:9a:94:cf:8f:0e:01:eb:eb:
30:68:59:5f:c1:46:43:70:11:f7:29:d8:46:89:fd:
fd:9b:0e:45:2f:d0:4d:0a:ed:9d:8b:71:94:23:25:
f5:9b:76:b3:8f:7e:32:a0:8b:46:b1:d5:f8:c5:63:
1d:9c:c0:69:45:87:a9:98:df:ee:d9:db:03:98:25:
90:77:26:28:12:3f:f2:dc:48:27:92:88:44:8e:5b:
d5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:23:42:5B:8E:A6:28:6A:D9:EA:8E:FA:B4:3E:48:59:69:01:19:9C
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/7CNCW46mKGrZ6o76tD5IWWkBGZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:7140:4::/48
Signature Algorithm: sha256WithRSAEncryption
58:e9:ba:cc:82:5e:66:44:58:64:5b:72:6b:36:75:2f:d8:51:
4b:88:3c:b9:de:1e:a0:c1:98:a4:23:c7:3d:e1:78:55:ce:5e:
e3:ca:b9:e6:59:be:b0:c9:b1:bc:44:c8:12:4d:f2:33:9d:51:
14:01:9b:c2:0c:ea:f4:0f:b8:9b:e2:20:07:76:52:1f:80:95:
20:63:cf:a0:80:20:1e:cc:f7:e6:f5:7e:ee:8e:97:39:f4:05:
db:d4:3e:f4:a1:e1:d7:cc:23:07:a0:b9:33:02:19:3c:fd:3e:
83:33:e1:e2:c6:15:0e:a5:11:78:a5:2d:6a:03:80:d4:4e:00:
95:3d:b0:59:87:71:4c:7e:29:68:2e:66:2c:fe:6f:d5:c8:7a:
f2:a1:2e:7c:06:3a:6b:63:15:f2:27:59:f3:83:00:fc:06:b5:
67:c8:4c:2e:80:66:79:66:d9:45:8c:44:9d:f3:7a:86:81:ff:
29:fd:ef:99:4d:60:76:d1:8e:d5:7d:a2:f1:53:9a:94:49:89:
1c:b0:ac:51:72:73:75:73:20:56:71:3b:e9:ac:3b:c9:66:99:
f9:3f:81:2a:f4:28:ff:35:af:34:fe:a3:67:b5:9b:03:fb:ff:
71:50:8e:78:d2:6a:a3:85:67:7b:5d:f4:74:78:87:03:05:c7:
44:84:31:64
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2sUO2kV6QOmoFhxk0CBKyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjQwMjE1MTAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzIzNDI1YjhlYTYyODZhZDllYThlZmFiNDNlNDg1OTY5MDExOTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbvbrCEpiFSWvr0lRXt7FmvAdo16
sPcIers7jv/8r6JdCzEzuuiwaKYedaszZwf8eeOUYTRzaEvJcXt+bflfWnobhJFS
y8h9NvlgD7ujKqG4PKl4L/s6sM54h0c63jysVyBBsjaUSeK2/6uFe/Iwrp3ZDFcO
5v0c83PFGQ+Z/+ecg7EQPprtt3E7m9DTmiUWFQQhjAmDBj1GXf2hIsJR/s/Kep3D
otoPpxKYmpTPjw4B6+swaFlfwUZDcBH3KdhGif39mw5FL9BNCu2di3GUIyX1m3az
j34yoItGsdX4xWMdnMBpRYepmN/u2dsDmCWQdyYoEj/y3EgnkohEjlvVxwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOwjQluOpihq2eqO+rQ+SFlpARmcMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvN0NOQ1c0Nm1LR3JaNm83NnRENUlXV2tCR1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgtxQAAE
MA0GCSqGSIb3DQEBCwUAA4IBAQBY6brMgl5mRFhkW3JrNnUv2FFLiDy53h6gwZik
I8c94XhVzl7jyrnmWb6wybG8RMgSTfIznVEUAZvCDOr0D7ib4iAHdlIfgJUgY8+g
gCAezPfm9X7ujpc59AXb1D70oeHXzCMHoLkzAhk8/T6DM+HixhUOpRF4pS1qA4DU
TgCVPbBZh3FMfiloLmYs/m/VyHryoS58BjprYxXyJ1nzgwD8BrVnyEwugGZ5ZtlF
jESd83qGgf8p/e+ZTWB20Y7VfaLxU5qUSYkcsKxRcnN1cyBWcTvprDvJZpn5P4Eq
9Cj/Na80/qNntZsD+/9xUI540mqjhWd7XfR0eIcDBcdEhDFk
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:16:07 2025 by rpki-client