Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/tRMwdXbhf73C-8Z5SxZw1YDR_yA.roa
File: tRMwdXbhf73C-8Z5SxZw1YDR_yA.roa (raw, json)
Hash identifier: XVzif5tc3cI7UDThAZTC06W717tfvirL8XCXWRMfE+g=
Subject key identifier: B5:13:30:75:76:E1:7F:BD:C2:FB:C6:79:4B:16:70:D5:80:D1:FF:20
Certificate issuer: /CN=9d6b9774c94876c98321de3201b11b75a1358d19
Certificate serial: 019189A33F75F39802A362C779963A8BC8C4
Authority key identifier: 9D:6B:97:74:C9:48:76:C9:83:21:DE:32:01:B1:1B:75:A1:35:8D:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nWuXdMlIdsmDId4yAbEbdaE1jRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/tRMwdXbhf73C-8Z5SxZw1YDR_yA.roa
Signing time: Sun 25 Aug 2024 13:04:22 +0000
ROA not before: Sun 25 Aug 2024 13:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214402
IP address blocks: 2a0d:8140:5fff::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 22 Sep 2024 15:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:89:a3:3f:75:f3:98:02:a3:62:c7:79:96:3a:8b:c8:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d6b9774c94876c98321de3201b11b75a1358d19
Validity
Not Before: Aug 25 13:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b513307576e17fbdc2fbc6794b1670d580d1ff20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a9:d0:5d:ef:04:83:bb:1e:75:b5:60:dc:78:
e0:ec:e9:1c:07:be:92:ea:8d:c9:7c:71:41:2f:5f:
dd:5d:42:f9:54:97:cd:7f:a8:ec:8b:5c:de:3b:7c:
38:2c:c0:e1:42:8b:b1:ff:90:5a:07:7c:6e:1a:7f:
b9:c9:f3:4c:27:35:6e:e3:76:c0:58:80:13:48:70:
29:7e:c7:94:0b:15:76:19:c1:dc:60:a4:2a:46:ca:
31:6d:1b:ef:9d:ed:ca:df:0b:30:77:f7:19:16:eb:
84:00:49:74:33:51:32:68:bb:5a:cc:ac:56:2f:86:
ae:33:fa:ef:8a:39:f7:61:f7:18:a3:f1:1f:73:9a:
b4:5a:19:d8:f2:b4:86:4d:b0:26:37:c3:43:e0:ba:
bf:88:0b:16:57:ea:ee:cb:2b:cb:92:b8:42:94:67:
da:86:e1:1e:ec:67:07:5b:e5:a5:22:d8:37:e3:55:
e5:2a:a9:f7:5a:81:aa:b4:40:0a:78:26:8e:a2:70:
a8:cf:39:25:a8:f2:0a:a9:d3:61:a7:8d:03:0d:3a:
28:2c:91:34:5a:66:67:e6:6e:73:1c:28:85:a4:84:
4d:99:33:8d:c2:04:a1:ca:aa:b2:df:0c:06:57:36:
42:ed:46:62:45:3c:30:21:92:13:72:d8:a0:26:af:
88:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:13:30:75:76:E1:7F:BD:C2:FB:C6:79:4B:16:70:D5:80:D1:FF:20
X509v3 Authority Key Identifier:
keyid:9D:6B:97:74:C9:48:76:C9:83:21:DE:32:01:B1:1B:75:A1:35:8D:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nWuXdMlIdsmDId4yAbEbdaE1jRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/tRMwdXbhf73C-8Z5SxZw1YDR_yA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/nWuXdMlIdsmDId4yAbEbdaE1jRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8140:5fff::/48
Signature Algorithm: sha256WithRSAEncryption
72:f3:06:38:7f:c6:62:e2:f2:5f:4c:91:c6:24:bd:40:80:91:
57:d2:07:ad:7a:01:34:6c:30:44:b1:db:db:e7:56:f2:66:d6:
7d:bf:89:41:dc:9f:17:09:3f:06:de:87:c3:87:ec:23:8f:b6:
55:69:e9:31:98:89:d8:ff:c6:06:76:fc:cb:d8:62:9c:41:10:
00:c7:a3:e9:78:3d:13:c4:64:22:fb:3d:1e:94:4f:ef:97:81:
67:9e:3b:b9:8f:78:05:e2:ef:b8:14:32:d6:48:88:9e:66:00:
3d:27:76:48:73:e4:2d:99:d7:59:15:16:44:41:3a:67:6d:e4:
fd:d9:63:7e:c9:34:53:08:7c:b6:3b:2e:51:ae:d7:51:a3:54:
1e:1f:fc:62:a8:21:b4:70:c2:02:a5:84:7c:87:8f:42:3f:4e:
6e:7b:2c:d2:52:4d:88:00:33:ed:c3:fb:dc:85:91:bc:1c:b2:
9f:c3:12:50:28:5b:a5:be:37:3a:62:ab:d3:2b:50:48:eb:dc:
b9:3a:24:85:70:22:47:6a:77:fd:9c:0c:6f:74:b3:ca:bf:b4:
b1:52:d5:57:04:79:08:81:66:f7:a7:2d:3e:f2:1d:41:43:4f:
ab:68:55:61:8e:ba:0c:66:30:09:c9:14:cd:e1:81:06:c0:5f:
66:a2:55:e0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZGJoz9185gCo2LHeZY6i8jEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNmI5Nzc0Yzk0ODc2Yzk4MzIxZGUzMjAxYjExYjc1YTEz
NThkMTkwHhcNMjQwODI1MTMwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTEzMzA3NTc2ZTE3ZmJkYzJmYmM2Nzk0YjE2NzBkNTgwZDFmZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqnQXe8Eg7sedbVg3Hjg7OkcB76S
6o3JfHFBL1/dXUL5VJfNf6jsi1zeO3w4LMDhQoux/5BaB3xuGn+5yfNMJzVu43bA
WIATSHApfseUCxV2GcHcYKQqRsoxbRvvne3K3wswd/cZFuuEAEl0M1EyaLtazKxW
L4auM/rvijn3YfcYo/Efc5q0WhnY8rSGTbAmN8ND4Lq/iAsWV+ruyyvLkrhClGfa
huEe7GcHW+WlItg341XlKqn3WoGqtEAKeCaOonCozzklqPIKqdNhp40DDTooLJE0
WmZn5m5zHCiFpIRNmTONwgShyqqy3wwGVzZC7UZiRTwwIZITctigJq+IjQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLUTMHV24X+9wvvGeUsWcNWA0f8gMB8GA1UdIwQY
MBaAFJ1rl3TJSHbJgyHeMgGxG3WhNY0ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbld1WGRNbElkc21ESWQ0eUFiRWJkYUUxalJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS80MGNiOWMtYzQyNi00OGFiLTk5Njgt
YTU2YmRmYWRiODFlLzEvdFJNd2RYYmhmNzNDLThaNVN4WncxWURSX3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS80MGNiOWMtYzQyNi00OGFiLTk5NjgtYTU2YmRmYWRiODFl
LzEvbld1WGRNbElkc21ESWQ0eUFiRWJkYUUxalJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg2BQF//
MA0GCSqGSIb3DQEBCwUAA4IBAQBy8wY4f8Zi4vJfTJHGJL1AgJFX0getegE0bDBE
sdvb51byZtZ9v4lB3J8XCT8G3ofDh+wjj7ZVaekxmInY/8YGdvzL2GKcQRAAx6Pp
eD0TxGQi+z0elE/vl4Fnnju5j3gF4u+4FDLWSIieZgA9J3ZIc+QtmddZFRZEQTpn
beT92WN+yTRTCHy2Oy5RrtdRo1QeH/xiqCG0cMICpYR8h49CP05ueyzSUk2IADPt
w/vchZG8HLKfwxJQKFulvjc6YqvTK1BI69y5OiSFcCJHanf9nAxvdLPKv7SxUtVX
BHkIgWb3py0+8h1BQ0+raFVhjroMZjAJyRTN4YEGwF9molXg
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:56:49 2025 by rpki-client