Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1DjEmVNwXp4FtbKtMYdU59p15Oc.roa
File: 1DjEmVNwXp4FtbKtMYdU59p15Oc.roa (raw, json)
Hash identifier: U+ZvdVE+zF4EhM95n5ChcgORLa2DYYEr6nxrJMmQ4fg=
Subject key identifier: D4:38:C4:99:53:70:5E:9E:05:B5:B2:AD:31:87:54:E7:DA:75:E4:E7
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018D120FFCEEA9134DF2D5D5C011A8EC18B1
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1DjEmVNwXp4FtbKtMYdU59p15Oc.roa
Signing time: Tue 16 Jan 2024 11:37:34 +0000
ROA not before: Tue 16 Jan 2024 11:37:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198571
IP address blocks: 2a0c:9240::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 23 Sep 2024 09:32:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:12:0f:fc:ee:a9:13:4d:f2:d5:d5:c0:11:a8:ec:18:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 16 11:37:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d438c49953705e9e05b5b2ad318754e7da75e4e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:1e:fe:9d:67:42:3e:47:cf:f7:14:da:fd:59:
ff:60:b1:ab:28:0e:0e:8e:8e:71:80:48:9b:79:37:
de:6e:31:b6:c3:b3:73:7e:08:76:90:aa:43:7c:db:
d9:51:a2:92:8b:80:1b:29:2f:13:49:5d:cd:f5:0f:
40:1b:84:70:2c:e0:fc:6c:02:d0:fc:e1:76:75:46:
34:7d:64:d1:d1:0b:5a:1f:e4:0d:35:dd:8a:42:09:
cb:c2:3a:e1:4e:a7:27:e9:da:4c:e1:4c:39:1f:7b:
41:1d:42:ae:1b:0e:8a:25:3c:67:6f:6e:f3:f8:20:
a3:97:ee:cf:82:f6:66:ad:eb:56:4b:4a:a6:48:70:
7d:d0:ae:59:02:d4:db:0b:0a:c4:5e:0c:0f:02:c1:
19:5a:81:50:08:1f:13:f2:0c:f8:e7:dd:80:d3:93:
f4:4e:30:c6:2f:54:8b:df:58:5f:72:ea:5b:56:2c:
d4:47:91:62:ad:12:db:f5:b6:4b:51:c4:78:23:42:
a0:92:a6:dd:5b:ce:11:eb:c1:7f:4c:08:57:e3:96:
f8:85:80:e8:04:41:89:31:f6:8f:39:41:e7:46:94:
69:59:66:30:49:ca:d2:46:48:98:4c:b6:9e:10:ef:
f5:86:98:c5:88:4c:b6:31:70:f4:ad:c7:a6:5a:f1:
6f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:38:C4:99:53:70:5E:9E:05:B5:B2:AD:31:87:54:E7:DA:75:E4:E7
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1DjEmVNwXp4FtbKtMYdU59p15Oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9240::/29
Signature Algorithm: sha256WithRSAEncryption
5f:ce:27:d2:91:e4:55:d1:4f:e9:8f:6d:1d:11:8d:34:9b:f0:
bd:c6:8c:9f:6b:84:b8:b5:f1:53:21:c1:37:84:48:87:18:0a:
05:55:2d:cd:51:db:27:27:56:66:5c:c8:40:92:e7:2c:08:07:
7c:bd:80:c4:11:63:ed:e2:3e:70:71:42:d6:54:7c:bc:ec:9e:
d5:fb:fa:b3:5e:0d:11:e6:1f:b8:20:b1:89:10:04:a0:0d:46:
e6:5d:46:1e:ed:08:0f:93:12:82:4c:11:d6:cb:31:84:af:6b:
ba:e9:a9:a4:3f:f2:ea:8a:f7:f6:2b:de:cf:93:17:5c:f4:cd:
73:93:08:90:8c:61:38:04:69:12:db:1b:6e:0f:3b:31:ca:5e:
ec:c9:6b:84:39:5d:f5:97:c2:35:38:92:e9:26:76:28:12:8c:
c4:23:8e:77:5c:01:a5:39:21:80:ef:d1:8b:da:d5:ca:7a:7d:
a4:6b:6c:8b:e6:34:34:65:f2:ea:f5:a1:79:80:04:f4:f7:9a:
65:0f:2a:20:78:7b:3a:af:74:49:f6:cc:28:36:9f:6a:e2:cd:
94:be:fb:0d:e8:e2:96:ab:60:2c:46:27:78:d7:45:4b:40:3d:
d7:21:24:47:f3:c5:9c:4c:1f:83:3f:31:22:26:10:a6:5b:44:
6b:98:e6:26
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY0SD/zuqRNN8tXVwBGo7BixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTE2MTEzNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDM4YzQ5OTUzNzA1ZTllMDViNWIyYWQzMTg3NTRlN2RhNzVlNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1R7+nWdCPkfP9xTa/Vn/YLGrKA4O
jo5xgEibeTfebjG2w7Nzfgh2kKpDfNvZUaKSi4AbKS8TSV3N9Q9AG4RwLOD8bALQ
/OF2dUY0fWTR0QtaH+QNNd2KQgnLwjrhTqcn6dpM4Uw5H3tBHUKuGw6KJTxnb27z
+CCjl+7PgvZmretWS0qmSHB90K5ZAtTbCwrEXgwPAsEZWoFQCB8T8gz4592A05P0
TjDGL1SL31hfcupbVizUR5FirRLb9bZLUcR4I0KgkqbdW84R68F/TAhX45b4hYDo
BEGJMfaPOUHnRpRpWWYwScrSRkiYTLaeEO/1hpjFiEy2MXD0rcemWvFvsQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNQ4xJlTcF6eBbWyrTGHVOfadeTnMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMURqRW1WTndYcDRGdGJLdE1ZZFU1OXAxNU9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgySQDAN
BgkqhkiG9w0BAQsFAAOCAQEAX84n0pHkVdFP6Y9tHRGNNJvwvcaMn2uEuLXxUyHB
N4RIhxgKBVUtzVHbJydWZlzIQJLnLAgHfL2AxBFj7eI+cHFC1lR8vOye1fv6s14N
EeYfuCCxiRAEoA1G5l1GHu0ID5MSgkwR1ssxhK9ruumppD/y6or39ivez5MXXPTN
c5MIkIxhOARpEtsbbg87Mcpe7MlrhDld9ZfCNTiS6SZ2KBKMxCOOd1wBpTkhgO/R
i9rVynp9pGtsi+Y0NGXy6vWheYAE9PeaZQ8qIHh7Oq90SfbMKDafauLNlL77Deji
lqtgLEYneNdFS0A91yEkR/PFnEwfgz8xIiYQpltEa5jmJg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:39 2025 by rpki-client