Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0cci5zRZEd7Oh5k9DgVXbiEcgsk.roa
File: 0cci5zRZEd7Oh5k9DgVXbiEcgsk.roa (raw, json)
Hash identifier: q8WXskR1IZnCHc8zPUeikHCVYjWoAen+fPRxTk74GC4=
Subject key identifier: D1:C7:22:E7:34:59:11:DE:CE:87:99:3D:0E:05:57:6E:21:1C:82:C9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01912BDB194C2A792C036C3FC33D2A06B0D3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0cci5zRZEd7Oh5k9DgVXbiEcgsk.roa
Signing time: Wed 07 Aug 2024 08:01:04 +0000
ROA not before: Wed 07 Aug 2024 08:01:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 2a0e:15c0:5::/48 maxlen: 48
2a0f:2d80:1292::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a0f:e7c5:98bc::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2b:db:19:4c:2a:79:2c:03:6c:3f:c3:3d:2a:06:b0:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 7 08:01:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1c722e7345911dece87993d0e05576e211c82c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6a:ac:2c:08:a3:a9:ee:4c:a9:e6:07:a5:97:
18:9f:bd:25:9f:78:58:a8:69:f2:b9:90:74:12:27:
02:3f:ca:ed:64:d8:bf:94:31:44:5f:7a:37:7b:4c:
aa:0a:9a:ab:8b:f7:28:91:24:a9:1f:c3:31:51:cc:
a3:5c:d5:b7:18:99:08:8c:f7:97:df:b3:43:6a:91:
e2:eb:79:dc:02:7e:91:47:f6:91:05:b8:89:e7:19:
c2:d1:94:da:b5:5d:cf:2d:61:b7:c1:5a:7f:ee:25:
5e:c2:77:84:17:c9:6c:b0:02:b4:57:cf:ce:23:da:
cf:d2:b3:a7:aa:e1:48:48:b1:f8:27:90:be:50:53:
49:79:43:c1:d1:0a:f4:22:9b:d1:bd:38:8b:8e:13:
a3:d2:92:9e:98:17:cd:f1:c2:83:ac:86:12:52:85:
4c:89:e5:ec:2d:8d:e9:09:9c:b7:5d:99:1d:27:09:
47:e9:3c:07:bc:73:c2:ba:48:2e:23:28:31:37:7a:
30:df:42:ed:a1:5a:bd:87:42:ea:51:ad:d6:12:43:
d3:4a:71:8c:a0:0d:ba:4a:c2:8d:4a:eb:a4:e0:a1:
62:71:2f:fa:95:66:83:e5:d0:30:e5:3d:00:29:ee:
73:23:c8:85:92:46:6e:6f:85:54:ed:1b:29:e2:63:
d9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C7:22:E7:34:59:11:DE:CE:87:99:3D:0E:05:57:6E:21:1C:82:C9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0cci5zRZEd7Oh5k9DgVXbiEcgsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:15c0:5::/48
2a0f:2d80:1292::/48
2a0f:bc00:a1c4::/48
2a0f:e7c5:98bc::/48
Signature Algorithm: sha256WithRSAEncryption
96:29:e3:df:35:20:73:ca:bc:40:43:d5:2e:a4:54:d8:e9:06:
7f:69:8d:2a:86:91:eb:4a:be:4d:99:d3:3b:12:50:2d:13:a3:
a8:1f:1a:4a:5b:c8:61:de:35:bb:8c:b6:32:57:d7:3d:1d:09:
1a:8f:16:79:51:66:ae:98:79:c9:d8:74:ee:c1:24:53:97:c3:
69:1e:c9:6f:83:e4:a5:15:ed:6f:3e:63:13:ef:f2:ad:2d:52:
1e:8e:62:9c:78:04:9f:c6:73:62:66:26:97:09:2b:27:7d:7f:
8f:17:c9:9a:da:d9:c4:e8:27:dd:e1:5b:8a:c5:5e:82:b3:5a:
a1:c2:42:13:b7:e9:44:d8:8c:ba:9a:7b:66:e7:23:5f:1a:33:
55:c2:60:c4:41:a8:ae:1c:eb:9d:99:0e:40:35:4d:2a:6c:d4:
dd:fe:a9:19:95:1f:66:97:7f:8a:93:db:0e:1c:76:70:3d:d6:
4a:b3:74:46:a0:ff:76:ec:4d:2e:d0:4e:fd:8c:9a:e9:a2:7c:
b5:2c:57:5a:8f:a7:3d:42:0b:ba:40:fb:13:4c:58:23:87:b0:
9a:23:3b:f6:ce:04:2e:03:1f:e8:e7:ca:1a:51:fc:3d:c3:12:
26:18:80:f5:ec:71:09:56:60:27:43:92:72:f6:87:08:1b:21:
a4:a9:a5:d4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZEr2xlMKnksA2w/wz0qBrDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODA3MDgwMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWM3MjJlNzM0NTkxMWRlY2U4Nzk5M2QwZTA1NTc2ZTIxMWM4MmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2qsLAijqe5MqeYHpZcYn70ln3hY
qGnyuZB0EicCP8rtZNi/lDFEX3o3e0yqCpqri/cokSSpH8MxUcyjXNW3GJkIjPeX
37NDapHi63ncAn6RR/aRBbiJ5xnC0ZTatV3PLWG3wVp/7iVewneEF8lssAK0V8/O
I9rP0rOnquFISLH4J5C+UFNJeUPB0Qr0IpvRvTiLjhOj0pKemBfN8cKDrIYSUoVM
ieXsLY3pCZy3XZkdJwlH6TwHvHPCukguIygxN3ow30LtoVq9h0LqUa3WEkPTSnGM
oA26SsKNSuuk4KFicS/6lWaD5dAw5T0AKe5zI8iFkkZub4VU7Rsp4mPZ+wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNHHIuc0WRHezoeZPQ4FV24hHILJMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMGNjaTV6UlpFZDdPaDVrOURnVlhiaUVjZ3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKg4VwAAF
AwcAKg8tgBKSAwcAKg+8AKHEAwcAKg/nxZi8MA0GCSqGSIb3DQEBCwUAA4IBAQCW
KePfNSBzyrxAQ9UupFTY6QZ/aY0qhpHrSr5NmdM7ElAtE6OoHxpKW8hh3jW7jLYy
V9c9HQkajxZ5UWaumHnJ2HTuwSRTl8NpHslvg+SlFe1vPmMT7/KtLVIejmKceASf
xnNiZiaXCSsnfX+PF8ma2tnE6Cfd4VuKxV6Cs1qhwkITt+lE2Iy6mntm5yNfGjNV
wmDEQaiuHOudmQ5ANU0qbNTd/qkZlR9ml3+Kk9sOHHZwPdZKs3RGoP927E0u0E79
jJrpony1LFdaj6c9Qgu6QPsTTFgjh7CaIzv2zgQuAx/o58oaUfw9wxImGID17HEJ
VmAnQ5Jy9ocIGyGkqaXU
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:35:29 2025 by rpki-client