Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/cCqhlRe8G0ntxednPeyVcpnO6Pg.roa
File: cCqhlRe8G0ntxednPeyVcpnO6Pg.roa (raw, json)
Hash identifier: /j8OC0e6FRywLZqO91Y0YknknUwgb9c7rQHaywooSmg=
Subject key identifier: 70:2A:A1:95:17:BC:1B:49:ED:C5:E7:67:3D:EC:95:72:99:CE:E8:F8
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0193FD731929A023D5495B808E0315A249C9
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/cCqhlRe8G0ntxednPeyVcpnO6Pg.roa
Signing time: Wed 25 Dec 2024 10:53:18 +0000
ROA not before: Wed 25 Dec 2024 10:53:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 2001:3380::/29 maxlen: 29
2a0b:3e00::/29 maxlen: 29
2a13:b840::/29 maxlen: 29
2a13:ddc0::/29 maxlen: 29
2a14:35c0::/29 maxlen: 29
2a14:5840::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 28 Dec 2024 14:12:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fd:73:19:29:a0:23:d5:49:5b:80:8e:03:15:a2:49:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Dec 25 10:53:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=702aa19517bc1b49edc5e7673dec957299cee8f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:60:94:63:17:94:94:0e:e3:5f:3b:e7:83:b1:
3d:d8:98:d1:8a:f7:70:eb:e4:97:da:62:8f:06:ef:
b5:dd:bb:0b:52:44:89:58:59:af:6f:fa:0a:f9:84:
8a:7a:91:6f:23:9c:c3:e0:d7:72:fc:0e:2f:64:5a:
8f:88:39:f1:d6:ce:1f:60:96:f8:90:7c:31:c1:b2:
c3:68:20:c4:8b:4e:10:0c:43:d5:a1:b6:e4:ec:3e:
f2:d9:cb:3d:ec:92:64:8b:a4:65:3c:d0:6c:e2:3e:
7f:94:a8:53:47:3c:e5:30:e5:6e:0a:88:d9:e4:ae:
de:55:8e:2d:bf:dd:27:79:ba:ba:f8:64:12:bf:55:
e1:12:d8:f6:3e:2c:c1:42:27:da:f7:bb:3a:a6:df:
ea:c2:75:34:37:83:aa:1b:e7:d4:7e:17:32:04:a9:
ec:dd:08:f8:73:58:58:0b:4f:de:d6:80:0b:82:5c:
5b:c5:6a:5e:a2:1f:01:3f:6f:50:89:79:a1:61:d8:
32:52:01:9f:e5:c8:de:86:cf:d9:b7:79:dc:e6:d7:
ba:6a:b0:be:1d:ec:2a:42:8e:49:82:ed:b0:d7:68:
68:12:c1:d4:31:74:a3:5c:50:cc:cd:61:e3:46:92:
5c:ec:13:eb:bc:45:70:e7:ab:94:32:7e:5d:e1:47:
ff:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:2A:A1:95:17:BC:1B:49:ED:C5:E7:67:3D:EC:95:72:99:CE:E8:F8
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/cCqhlRe8G0ntxednPeyVcpnO6Pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3380::/29
2a0b:3e00::/29
2a13:b840::/29
2a13:ddc0::/29
2a14:35c0::/29
2a14:5840::/29
Signature Algorithm: sha256WithRSAEncryption
02:ce:7f:4e:7b:8e:a2:a3:e1:56:14:8b:0d:1a:0d:3c:2b:a6:
f2:bd:7b:d3:01:0d:77:7b:c3:0e:a3:c8:e3:2a:92:96:d2:e4:
c0:df:0d:19:44:5b:66:f8:87:13:5e:1f:2a:4a:28:87:65:47:
68:67:d0:ab:65:3a:dd:46:f8:71:86:a5:53:bc:98:c8:5c:49:
45:3a:bf:6e:3c:7d:95:59:49:66:5f:c7:31:eb:34:9c:74:1c:
e6:7d:1b:d4:73:5a:a8:33:96:32:76:aa:be:1f:3e:f0:1e:6e:
86:32:00:69:98:6e:1b:66:2e:8d:3e:0e:31:c8:27:0f:03:ff:
8c:eb:29:1a:ed:d7:20:fa:d8:47:11:f6:fb:07:91:62:8e:54:
48:75:d7:86:8d:ca:18:65:8e:ba:eb:c9:20:a1:db:d5:a2:ec:
6b:39:99:a6:ed:ef:76:73:4b:d3:23:37:c9:b5:98:30:be:4e:
c2:b6:61:41:7d:4b:09:1d:c6:2f:f4:fd:ed:90:5e:1f:c1:7f:
86:bb:0b:01:b5:11:27:3a:24:ca:5a:86:e5:81:7a:15:0c:e6:
60:ac:b9:94:c4:04:2a:2a:6e:bf:28:8c:87:41:9b:58:d0:b4:
48:ee:4d:e8:ba:af:70:4e:0d:75:01:06:49:23:3b:e8:58:b1:
1a:55:db:fb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZP9cxkpoCPVSVuAjgMVoknJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQxMjI1MTA1MzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDJhYTE5NTE3YmMxYjQ5ZWRjNWU3NjczZGVjOTU3Mjk5Y2VlOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmCUYxeUlA7jXzvng7E92JjRivdw
6+SX2mKPBu+13bsLUkSJWFmvb/oK+YSKepFvI5zD4Ndy/A4vZFqPiDnx1s4fYJb4
kHwxwbLDaCDEi04QDEPVobbk7D7y2cs97JJki6RlPNBs4j5/lKhTRzzlMOVuCojZ
5K7eVY4tv90nebq6+GQSv1XhEtj2PizBQifa97s6pt/qwnU0N4OqG+fUfhcyBKns
3Qj4c1hYC0/e1oALglxbxWpeoh8BP29QiXmhYdgyUgGf5cjehs/Zt3nc5te6arC+
HewqQo5Jgu2w12hoEsHUMXSjXFDMzWHjRpJc7BPrvEVw56uUMn5d4Uf/8wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHAqoZUXvBtJ7cXnZz3slXKZzuj4MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvY0NxaGxSZThHMG50eGVkblBleVZjcG5PNlBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDIAEzgAMF
AyoLPgADBQMqE7hAAwUDKhPdwAMFAyoUNcADBQMqFFhAMA0GCSqGSIb3DQEBCwUA
A4IBAQACzn9Oe46io+FWFIsNGg08K6byvXvTAQ13e8MOo8jjKpKW0uTA3w0ZRFtm
+IcTXh8qSiiHZUdoZ9CrZTrdRvhxhqVTvJjIXElFOr9uPH2VWUlmX8cx6zScdBzm
fRvUc1qoM5Yydqq+Hz7wHm6GMgBpmG4bZi6NPg4xyCcPA/+M6yka7dcg+thHEfb7
B5FijlRIddeGjcoYZY6668kgodvVouxrOZmm7e92c0vTIzfJtZgwvk7CtmFBfUsJ
HcYv9P3tkF4fwX+GuwsBtREnOiTKWoblgXoVDOZgrLmUxAQqKm6/KIyHQZtY0LRI
7k3ouq9wTg11AQZJIzvoWLEaVdv7
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:21:58 2025 by rpki-client