Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0GIuAAeanjK9YIiwnaZSxy7YC2k.roa
File: 0GIuAAeanjK9YIiwnaZSxy7YC2k.roa (raw, json)
Hash identifier: FrXsAzA3fXySHXpdp7x9tpEAKliIPTWdJeSyHvQYDVk=
Subject key identifier: D0:62:2E:00:07:9A:9E:32:BD:60:88:B0:9D:A6:52:C7:2E:D8:0B:69
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193AB6C9F5DA5DA4901BF6E7AB715B835C7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0GIuAAeanjK9YIiwnaZSxy7YC2k.roa
Signing time: Mon 09 Dec 2024 12:37:22 +0000
ROA not before: Mon 09 Dec 2024 12:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54852
IP address blocks: 2a0e:8880::/29 maxlen: 29
2a0f:1640::/29 maxlen: 29
2a11:7440::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 10 Dec 2024 08:57:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ab:6c:9f:5d:a5:da:49:01:bf:6e:7a:b7:15:b8:35:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 9 12:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0622e00079a9e32bd6088b09da652c72ed80b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:2c:b5:83:0f:1f:26:2b:6c:eb:4a:9b:f8:04:
c8:d6:91:ec:2b:b7:c6:a1:9f:94:33:e9:68:6e:74:
7d:99:9e:eb:33:db:1f:9f:e3:64:a6:c6:ed:2e:59:
cd:c8:23:78:ad:55:6c:ca:33:ee:64:4e:a2:42:01:
6a:ff:4d:b5:ed:97:56:43:84:77:bf:96:c1:3d:22:
38:97:5f:cd:3b:5c:77:3d:8c:92:c4:86:3b:85:96:
9e:5d:83:6b:df:03:2c:f6:45:3b:8c:ef:43:f4:85:
95:e6:e4:46:a3:de:5f:f1:c0:6f:46:fd:68:fb:f9:
f0:ff:90:8a:0e:aa:e3:b9:ba:b9:89:be:e8:95:96:
55:82:70:1c:ea:41:f3:e9:fd:d5:15:a2:68:d4:a7:
2c:1d:53:ea:10:f3:70:84:55:bf:3b:29:0b:fe:1b:
39:89:05:6e:aa:af:19:67:03:a6:92:8f:85:c8:44:
14:b3:c6:fd:4d:6e:9c:0f:c3:1c:e0:86:e7:b3:68:
08:58:bd:37:12:9f:24:d0:a2:41:9c:94:fa:c0:f5:
26:8e:9c:df:53:b6:ac:87:aa:26:a4:8f:30:ec:af:
35:58:91:f3:78:d2:53:85:d9:bf:73:a9:85:b6:f2:
02:1a:d7:b2:76:9c:98:cf:b3:b2:0b:42:34:f6:09:
29:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:62:2E:00:07:9A:9E:32:BD:60:88:B0:9D:A6:52:C7:2E:D8:0B:69
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0GIuAAeanjK9YIiwnaZSxy7YC2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8880::/29
2a0f:1640::/29
2a11:7440::/29
Signature Algorithm: sha256WithRSAEncryption
aa:36:64:55:40:a9:a2:0b:ff:20:51:0d:96:cf:25:d0:c1:3b:
91:51:ee:d0:a5:a9:93:1b:cb:78:dc:77:b2:1c:46:4b:10:3a:
2f:00:5a:18:32:b6:21:bc:94:87:31:12:f8:40:54:9d:3c:20:
bc:9c:d7:4f:43:7a:d1:82:e8:bd:ad:74:1c:04:04:38:df:46:
28:b4:b4:bd:80:a7:bd:e6:b3:fa:ae:47:9f:eb:e1:3c:34:8a:
12:f4:51:01:7d:41:6e:c8:59:08:34:82:9a:d1:56:80:5c:14:
9e:b8:57:78:9c:f3:b7:c5:b3:af:2d:db:38:05:9a:c7:50:80:
36:60:46:26:13:75:78:c8:64:15:e1:fe:cd:f4:2b:d4:eb:d0:
97:b9:f2:d2:78:24:35:d3:16:6e:99:ae:d9:af:b4:ee:44:a7:
a3:a8:ce:a0:4f:97:ff:55:bd:fc:98:ce:81:7e:81:7d:99:fd:
0d:11:02:77:99:96:e1:c5:ce:97:70:eb:50:62:34:55:f7:a9:
80:05:fc:7d:51:fc:e6:b1:43:46:a3:97:3a:67:f0:04:6e:55:
d9:f6:31:80:30:ec:b9:cd:f2:24:8f:53:71:aa:52:38:27:80:
57:8e:fd:35:01:10:b8:2c:b0:d8:16:76:91:7f:ad:22:6d:8c:
c2:b5:2a:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOrbJ9dpdpJAb9uercVuDXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjA5MTIzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDYyMmUwMDA3OWE5ZTMyYmQ2MDg4YjA5ZGE2NTJjNzJlZDgwYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Sy1gw8fJits60qb+ATI1pHsK7fG
oZ+UM+lobnR9mZ7rM9sfn+NkpsbtLlnNyCN4rVVsyjPuZE6iQgFq/0217ZdWQ4R3
v5bBPSI4l1/NO1x3PYySxIY7hZaeXYNr3wMs9kU7jO9D9IWV5uRGo95f8cBvRv1o
+/nw/5CKDqrjubq5ib7olZZVgnAc6kHz6f3VFaJo1KcsHVPqEPNwhFW/OykL/hs5
iQVuqq8ZZwOmko+FyEQUs8b9TW6cD8Mc4Ibns2gIWL03Ep8k0KJBnJT6wPUmjpzf
U7ash6ompI8w7K81WJHzeNJThdm/c6mFtvICGteydpyYz7OyC0I09gkp9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNBiLgAHmp4yvWCIsJ2mUscu2AtpMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMEdJdUFBZWFuaks5WUlpd25hWlN4eTdZQzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg6IgAMF
AyoPFkADBQMqEXRAMA0GCSqGSIb3DQEBCwUAA4IBAQCqNmRVQKmiC/8gUQ2WzyXQ
wTuRUe7QpamTG8t43HeyHEZLEDovAFoYMrYhvJSHMRL4QFSdPCC8nNdPQ3rRgui9
rXQcBAQ430YotLS9gKe95rP6rkef6+E8NIoS9FEBfUFuyFkINIKa0VaAXBSeuFd4
nPO3xbOvLds4BZrHUIA2YEYmE3V4yGQV4f7N9CvU69CXufLSeCQ10xZuma7Zr7Tu
RKejqM6gT5f/Vb38mM6BfoF9mf0NEQJ3mZbhxc6XcOtQYjRV96mABfx9UfzmsUNG
o5c6Z/AEblXZ9jGAMOy5zfIkj1NxqlI4J4BXjv01ARC4LLDYFnaRf60ibYzCtSrU
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:09 2025 by rpki-client