Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/CGMHbdzCTcIGZ7EqW66MM_IR68M.roa
File: CGMHbdzCTcIGZ7EqW66MM_IR68M.roa (raw, json)
Hash identifier: npsJWpqM4QJJJAw/Bcf8ZpXHvvu96mToGfo4i6+6agw=
Subject key identifier: 08:63:07:6D:DC:C2:4D:C2:06:67:B1:2A:5B:AE:8C:33:F2:11:EB:C3
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 01938206488E57F8B67F9016940F284568C3
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/CGMHbdzCTcIGZ7EqW66MM_IR68M.roa
Signing time: Sun 01 Dec 2024 11:41:10 +0000
ROA not before: Sun 01 Dec 2024 11:41:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210464
IP address blocks: 2a0a:79c7:f7d0::/44 maxlen: 44
2a0a:79c7:f7e0::/44 maxlen: 44
2a0a:79c7:f7f0::/44 maxlen: 44
2a0a:79c7:f800::/48 maxlen: 48
2a0a:79c7:f898::/48 maxlen: 48
2a0a:79c7:f899::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:82:06:48:8e:57:f8:b6:7f:90:16:94:0f:28:45:68:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Dec 1 11:41:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0863076ddcc24dc20667b12a5bae8c33f211ebc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fa:35:ba:96:f7:3d:e9:76:db:4c:4a:7d:45:
02:86:32:59:1b:f4:3d:9d:64:1c:11:f8:ae:25:6e:
9f:20:7a:c1:02:47:69:96:d3:ef:8a:71:97:1c:6c:
b8:51:2d:ca:1a:1d:8c:85:8e:41:37:6a:10:e3:d6:
a5:75:32:70:a2:8b:0f:fb:be:fe:4b:bd:12:73:19:
1a:ee:c5:cc:d2:6b:02:ea:c9:fb:67:db:1d:c1:00:
72:97:b4:f8:f6:46:fc:00:5a:c8:e7:93:87:5c:a1:
2f:51:6b:e4:d5:be:cc:dc:ce:f8:d3:57:0f:12:53:
00:4c:60:26:36:53:5b:20:84:8b:3a:5e:27:7f:28:
8b:e5:12:6e:d4:07:85:03:e5:88:0d:32:fd:af:1c:
a6:1f:44:46:c3:3e:37:6c:f6:ff:2c:c4:0b:b2:07:
0f:6c:06:b2:a0:3b:8e:9a:44:00:0e:bd:fa:29:27:
a0:fe:71:63:d1:8f:e0:6d:0f:a5:99:28:b8:43:c8:
87:0d:ec:b5:64:2c:5a:58:d7:b7:8b:9c:90:45:47:
4c:0f:05:2a:5e:ff:cc:6e:ee:9a:af:8b:df:dd:3d:
f6:72:ee:a5:7a:f8:a4:2e:37:3f:31:c2:1c:5f:e3:
82:62:7b:60:41:1c:e5:ce:5f:88:0f:a2:aa:40:c2:
5a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:63:07:6D:DC:C2:4D:C2:06:67:B1:2A:5B:AE:8C:33:F2:11:EB:C3
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/CGMHbdzCTcIGZ7EqW66MM_IR68M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:79c7:f7d0::-2a0a:79c7:f800:ffff:ffff:ffff:ffff:ffff
2a0a:79c7:f898::/47
Signature Algorithm: sha256WithRSAEncryption
0f:7b:e3:bd:54:78:25:e5:cd:4d:23:03:89:0d:de:ab:fc:e8:
c8:59:9c:4e:d5:09:29:44:64:63:da:64:63:7d:7f:94:a1:44:
ee:b3:65:1b:2b:97:e9:9a:5b:75:81:23:fc:63:4d:44:1a:2e:
e2:2c:f0:ff:79:68:73:a3:f5:6f:99:d2:71:7e:99:5a:41:bd:
76:e2:2b:35:0b:6e:5b:b3:a7:40:c9:b8:28:d1:93:15:1d:03:
a9:05:e1:ab:9d:d7:a7:ca:1a:62:1b:89:5f:69:1e:fc:d4:09:
5d:61:50:be:3f:6c:87:54:e1:d4:62:31:4d:76:a5:29:50:8f:
0d:a4:7d:3e:98:f3:28:8e:a4:9a:b4:6a:45:99:23:70:56:91:
d1:7f:a1:4c:c1:75:c8:7b:62:db:27:6e:41:d8:a1:66:df:06:
38:08:09:bf:8c:e3:cb:55:eb:ce:39:6e:25:6e:aa:e0:c3:37:
e5:45:fb:e5:ce:a7:05:7f:73:5c:38:59:bb:74:a0:71:fd:e6:
f6:47:b0:7b:0e:a5:6e:ad:cc:af:97:c2:60:1d:3a:a1:15:d6:
85:8b:aa:b3:f7:c6:a4:b7:2c:30:65:61:ff:3c:ec:48:c9:f2:
39:88:4e:ad:fd:79:8b:eb:cd:17:d8:52:0a:d0:76:76:48:ac:
55:e9:56:15
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZOCBkiOV/i2f5AWlA8oRWjDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQxMjAxMTE0MTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODYzMDc2ZGRjYzI0ZGMyMDY2N2IxMmE1YmFlOGMzM2YyMTFlYmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPo1upb3Pel220xKfUUChjJZG/Q9
nWQcEfiuJW6fIHrBAkdpltPvinGXHGy4US3KGh2MhY5BN2oQ49aldTJwoosP+77+
S70Scxka7sXM0msC6sn7Z9sdwQByl7T49kb8AFrI55OHXKEvUWvk1b7M3M7401cP
ElMATGAmNlNbIISLOl4nfyiL5RJu1AeFA+WIDTL9rxymH0RGwz43bPb/LMQLsgcP
bAayoDuOmkQADr36KSeg/nFj0Y/gbQ+lmSi4Q8iHDey1ZCxaWNe3i5yQRUdMDwUq
Xv/Mbu6ar4vf3T32cu6levikLjc/McIcX+OCYntgQRzlzl+ID6KqQMJa5wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAhjB23cwk3CBmexKluujDPyEevDMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvQ0dNSGJkekNUY0lHWjdFcVc2Nk1NX0lSNjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwQqCnnH
99ADBwAqCnnH+AADBwEqCnnH+JgwDQYJKoZIhvcNAQELBQADggEBAA97471UeCXl
zU0jA4kN3qv86MhZnE7VCSlEZGPaZGN9f5ShRO6zZRsrl+maW3WBI/xjTUQaLuIs
8P95aHOj9W+Z0nF+mVpBvXbiKzULbluzp0DJuCjRkxUdA6kF4aud16fKGmIbiV9p
HvzUCV1hUL4/bIdU4dRiMU12pSlQjw2kfT6Y8yiOpJq0akWZI3BWkdF/oUzBdch7
YtsnbkHYoWbfBjgICb+M48tV6845biVuquDDN+VF++XOpwV/c1w4Wbt0oHH95vZH
sHsOpW6tzK+XwmAdOqEV1oWLqrP3xqS3LDBlYf887EjJ8jmITq39eYvrzRfYUgrQ
dnZIrFXpVhU=
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:17:07 2025 by rpki-client