Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2ahBO_PFhkti7okO1geidLrRpYE.roa
File: 2ahBO_PFhkti7okO1geidLrRpYE.roa (raw, json)
Hash identifier: SDwFX6fwwRUWCgTF4ujlrPMj5f2N5hxLhB+7hLmyZOs=
Subject key identifier: D9:A8:41:3B:F3:C5:86:4B:62:EE:89:0E:D6:07:A2:74:BA:D1:A5:81
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193A2F409A36A4E5C770C5B8BF37A7240D4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2ahBO_PFhkti7okO1geidLrRpYE.roa
Signing time: Sat 07 Dec 2024 21:08:42 +0000
ROA not before: Sat 07 Dec 2024 21:08:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a09:17c0:1000::/48 maxlen: 48
2a0a:2d02::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 10 Dec 2024 09:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a2:f4:09:a3:6a:4e:5c:77:0c:5b:8b:f3:7a:72:40:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 7 21:08:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9a8413bf3c5864b62ee890ed607a274bad1a581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:13:5c:cc:0f:70:95:80:d5:b4:ae:48:ee:b4:
ba:d3:29:72:2f:b6:32:ed:ca:a4:63:d9:9b:59:d7:
e1:2a:49:8b:e6:fe:9e:d0:b4:2b:b1:7c:4e:06:83:
dc:4b:ef:7b:cd:f1:bf:09:68:61:16:c5:e1:10:99:
6c:a9:45:31:ed:ab:e5:0f:61:31:1c:25:07:c7:7c:
17:e1:a4:40:49:11:d9:66:8d:eb:c1:f4:0d:c5:64:
76:37:f1:9a:83:fa:3a:1d:42:26:65:81:df:2c:89:
c9:57:ea:a3:7b:ba:32:6a:83:05:69:c3:30:fc:b1:
05:0a:ba:05:04:bf:d9:fe:88:ec:16:42:80:75:12:
30:4b:c3:0d:81:02:85:3e:5a:4c:bd:28:59:33:79:
13:41:25:f3:d0:97:90:ae:78:aa:e2:ae:6e:9c:ef:
ae:46:8b:bd:33:25:ac:1b:6b:6c:d2:df:37:92:1a:
05:c1:e4:ee:7c:1b:7f:79:af:f7:45:3d:9b:cc:4b:
c3:47:ba:b6:56:12:b9:36:fe:b5:1c:52:f4:ea:a0:
39:00:53:0d:63:bb:42:6e:22:29:f2:8e:ae:cc:46:
4e:bb:dd:e2:28:60:f5:f8:da:35:d5:17:b4:6a:d6:
b2:ad:0d:98:5c:c4:09:e1:2d:8a:dd:a5:93:c7:84:
31:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A8:41:3B:F3:C5:86:4B:62:EE:89:0E:D6:07:A2:74:BA:D1:A5:81
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2ahBO_PFhkti7okO1geidLrRpYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:17c0:1000::/48
2a0a:2d02::/32
Signature Algorithm: sha256WithRSAEncryption
95:57:f3:d2:e4:43:ee:4a:be:a1:9c:35:4d:29:4f:ed:02:22:
98:a9:55:aa:70:08:7c:89:c5:f7:a0:b7:62:ea:38:f9:6c:0d:
94:4d:08:96:b8:77:8b:9d:f5:6f:06:c1:b6:82:60:28:eb:97:
af:e5:a4:b8:74:f6:bc:ac:bb:be:90:aa:f4:48:0a:02:d7:cb:
eb:6b:ac:c6:02:7b:9b:3f:c2:fb:ea:48:e2:cc:26:81:c4:10:
a4:68:71:4f:16:e1:74:30:fb:2b:34:73:64:00:46:c5:f2:9a:
72:2a:c3:26:67:4c:53:90:2e:14:ee:9e:ca:9b:39:82:85:b5:
15:36:68:b6:af:3c:b1:da:20:83:86:2c:52:4f:38:cc:45:75:
c0:32:03:98:ea:59:56:49:39:6c:54:b1:37:86:3e:99:36:45:
b5:84:97:4e:db:04:26:08:f4:65:f1:2d:8f:95:59:d3:f6:ad:
3b:63:7c:0f:0b:16:05:a3:bd:53:e1:f8:03:f9:49:b1:28:26:
93:63:0e:aa:09:42:e2:f7:92:e3:41:98:b0:b8:a2:bd:39:ce:
2d:e2:15:2f:d9:2c:d9:ea:f2:83:ff:df:46:11:32:ea:0a:c4:
5f:2b:2a:a8:e9:4f:af:4b:6d:1f:9b:0e:62:23:46:78:6d:fe:
d8:e8:d3:cb
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZOi9Amjak5cdwxbi/N6ckDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjA3MjEwODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWE4NDEzYmYzYzU4NjRiNjJlZTg5MGVkNjA3YTI3NGJhZDFhNTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxNczA9wlYDVtK5I7rS60ylyL7Yy
7cqkY9mbWdfhKkmL5v6e0LQrsXxOBoPcS+97zfG/CWhhFsXhEJlsqUUx7avlD2Ex
HCUHx3wX4aRASRHZZo3rwfQNxWR2N/Gag/o6HUImZYHfLInJV+qje7oyaoMFacMw
/LEFCroFBL/Z/ojsFkKAdRIwS8MNgQKFPlpMvShZM3kTQSXz0JeQrniq4q5unO+u
Rou9MyWsG2ts0t83khoFweTufBt/ea/3RT2bzEvDR7q2VhK5Nv61HFL06qA5AFMN
Y7tCbiIp8o6uzEZOu93iKGD1+No11Re0atayrQ2YXMQJ4S2K3aWTx4QxpQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFNmoQTvzxYZLYu6JDtYHonS60aWBMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMmFoQk9fUEZoa3RpN29rTzFnZWlkTHJScFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAKgkXwBAA
AwUAKgotAjANBgkqhkiG9w0BAQsFAAOCAQEAlVfz0uRD7kq+oZw1TSlP7QIimKlV
qnAIfInF96C3Yuo4+WwNlE0Ilrh3i531bwbBtoJgKOuXr+WkuHT2vKy7vpCq9EgK
AtfL62usxgJ7mz/C++pI4swmgcQQpGhxTxbhdDD7KzRzZABGxfKacirDJmdMU5Au
FO6eyps5goW1FTZotq88sdogg4YsUk84zEV1wDIDmOpZVkk5bFSxN4Y+mTZFtYSX
TtsEJgj0ZfEtj5VZ0/atO2N8DwsWBaO9U+H4A/lJsSgmk2MOqglC4veS40GYsLii
vTnOLeIVL9ks2eryg//fRhEy6grEXysqqOlPr0ttH5sOYiNGeG3+2OjTyw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:22:50 2025 by rpki-client