Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0sdIfkFQ6wAxyQCwTeAwQ4bimN0.roa
File: 0sdIfkFQ6wAxyQCwTeAwQ4bimN0.roa (raw, json)
Hash identifier: lREXgHLch1KTG7P8fnnW3YkwGwGVip9Df3kzbgcjP98=
Subject key identifier: D2:C7:48:7E:41:50:EB:00:31:C9:00:B0:4D:E0:30:43:86:E2:98:DD
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018EE7436ED78386AB8B9018A1FFB78506C2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0sdIfkFQ6wAxyQCwTeAwQ4bimN0.roa
Signing time: Tue 16 Apr 2024 14:15:39 +0000
ROA not before: Tue 16 Apr 2024 14:15:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152697
IP address blocks: 2a0e:9b00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 14 May 2024 20:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e7:43:6e:d7:83:86:ab:8b:90:18:a1:ff:b7:85:06:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 16 14:15:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2c7487e4150eb0031c900b04de0304386e298dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:eb:2e:7a:93:87:26:a3:c7:59:07:02:7a:35:
fa:76:74:37:09:d6:5b:0c:df:7e:d7:70:c1:bc:6e:
d1:ba:11:f7:17:ac:2e:53:a4:50:8f:bf:52:b8:80:
56:94:39:4f:e8:66:6d:b5:40:a2:00:b1:77:ad:8e:
b2:46:03:b3:a5:75:86:b4:c3:26:0d:f5:cf:a8:bc:
df:68:a4:ef:f7:74:4f:1d:6a:47:9e:e9:92:dd:f0:
c2:e4:56:95:ef:07:20:3f:00:81:b9:ad:3e:51:c1:
a5:2e:a2:1a:77:60:bf:d4:35:a1:3d:cf:fd:25:1b:
1c:19:fd:a0:de:ba:15:68:8d:d4:b2:00:74:bf:79:
cc:e5:2d:cd:31:4d:88:10:89:e0:5f:71:da:6f:b1:
c7:2d:6c:85:ca:d9:76:83:d9:43:6b:b2:a7:1a:48:
1a:f5:27:eb:36:59:eb:42:31:58:49:bd:62:b7:e5:
cc:4d:e1:8c:49:4d:d1:7b:0a:88:04:05:2e:fe:37:
e7:3f:54:a1:8e:17:41:a7:98:45:61:f7:8c:05:94:
55:33:3b:a0:6c:c9:34:df:aa:7f:b7:c2:62:3b:62:
02:51:5c:f4:a8:24:06:be:8c:2e:ce:90:61:dc:d3:
f9:72:79:d6:7d:45:5d:b8:5f:0c:b9:c4:93:6b:07:
f9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C7:48:7E:41:50:EB:00:31:C9:00:B0:4D:E0:30:43:86:E2:98:DD
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0sdIfkFQ6wAxyQCwTeAwQ4bimN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:9b00::/29
Signature Algorithm: sha256WithRSAEncryption
5b:c1:6e:27:03:10:66:19:9a:51:9a:9c:51:96:ea:69:21:45:
df:3d:df:f8:70:d8:e8:f4:95:d0:96:fe:a7:90:d5:7d:dc:2f:
3c:a8:e0:53:7e:44:d7:b9:90:ef:c9:48:84:34:67:f8:43:e0:
73:ec:78:38:45:73:3d:89:fe:33:fd:27:27:92:f8:66:f7:79:
82:64:e7:27:cb:08:b9:9f:3c:cd:b1:61:ce:ec:cc:83:d8:2f:
77:cb:ac:77:db:a8:db:ad:2f:a7:15:ba:46:6f:ab:cc:b7:56:
21:9f:d5:38:78:ab:a7:f3:4f:9a:ac:02:44:17:39:95:f6:0f:
a8:da:fe:da:e0:d3:8b:97:d1:92:d1:4f:12:ab:d0:6d:cb:e2:
71:74:a4:20:81:5d:e1:b8:47:a3:f2:89:88:df:52:97:3a:3d:
e0:71:94:2d:1a:81:fa:f4:7c:d2:f8:c8:ae:91:b1:5e:10:fd:
68:33:d1:67:a8:50:7c:e5:e8:5a:e2:83:f0:ae:04:aa:5d:b6:
97:92:6b:2c:3a:05:bd:e9:a9:65:f1:2d:d5:64:eb:57:b3:b0:
29:11:c3:c8:c2:3e:03:62:0e:41:3e:64:38:3c:13:61:91:b8:
70:2b:b0:bc:71:d0:88:8c:6f:84:50:38:38:57:7b:90:e2:e6:
ba:a6:90:1c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY7nQ27Xg4ari5AYof+3hQbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNDE2MTQxNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmM3NDg3ZTQxNTBlYjAwMzFjOTAwYjA0ZGUwMzA0Mzg2ZTI5OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+suepOHJqPHWQcCejX6dnQ3CdZb
DN9+13DBvG7RuhH3F6wuU6RQj79SuIBWlDlP6GZttUCiALF3rY6yRgOzpXWGtMMm
DfXPqLzfaKTv93RPHWpHnumS3fDC5FaV7wcgPwCBua0+UcGlLqIad2C/1DWhPc/9
JRscGf2g3roVaI3UsgB0v3nM5S3NMU2IEIngX3Hab7HHLWyFytl2g9lDa7KnGkga
9SfrNlnrQjFYSb1it+XMTeGMSU3RewqIBAUu/jfnP1ShjhdBp5hFYfeMBZRVMzug
bMk036p/t8JiO2ICUVz0qCQGvowuzpBh3NP5cnnWfUVduF8MucSTawf53QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNLHSH5BUOsAMckAsE3gMEOG4pjdMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMHNkSWZrRlE2d0F4eVFDd1RlQXdRNGJpbU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg6bADAN
BgkqhkiG9w0BAQsFAAOCAQEAW8FuJwMQZhmaUZqcUZbqaSFF3z3f+HDY6PSV0Jb+
p5DVfdwvPKjgU35E17mQ78lIhDRn+EPgc+x4OEVzPYn+M/0nJ5L4Zvd5gmTnJ8sI
uZ88zbFhzuzMg9gvd8usd9uo260vpxW6Rm+rzLdWIZ/VOHirp/NPmqwCRBc5lfYP
qNr+2uDTi5fRktFPEqvQbcvicXSkIIFd4bhHo/KJiN9Slzo94HGULRqB+vR80vjI
rpGxXhD9aDPRZ6hQfOXoWuKD8K4Eql22l5JrLDoFvempZfEt1WTrV7OwKRHDyMI+
A2IOQT5kODwTYZG4cCuwvHHQiIxvhFA4OFd7kOLmuqaQHA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:15 2025 by rpki-client