Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2stgBo9ninrPFpMMrhkYnQypjoc.roa
File: 2stgBo9ninrPFpMMrhkYnQypjoc.roa (raw, json)
Hash identifier: Xes3N8KGD9rl5eAWJgIolc1JUepxEBrRPlZT+Ci+Xbs=
Subject key identifier: DA:CB:60:06:8F:67:8A:7A:CF:16:93:0C:AE:19:18:9D:0C:A9:8E:87
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CC9BC2AE1C498C2EF53E3EE91D64632E1
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2stgBo9ninrPFpMMrhkYnQypjoc.roa
Signing time: Tue 02 Jan 2024 10:33:21 +0000
ROA not before: Tue 02 Jan 2024 10:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a13:f900::/29 maxlen: 29
2a0c:d384::/30 maxlen: 30
2a13:9480::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 03 Jan 2024 11:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:2a:e1:c4:98:c2:ef:53:e3:ee:91:d6:46:32:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 10:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dacb60068f678a7acf16930cae19189d0ca98e87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0c:31:7a:39:2f:e2:06:ef:08:4f:5d:18:0b:
3e:06:30:29:94:7b:06:9f:7f:5c:ec:67:be:57:1a:
6f:91:c9:f8:23:eb:f1:e3:89:90:50:31:34:a3:58:
d3:16:04:8b:f5:6b:98:f0:53:03:27:94:e8:84:e7:
14:52:3c:70:8e:64:7e:fe:8b:c4:61:6e:6c:5b:a8:
cf:da:3e:a1:49:d1:a0:3e:3f:b9:38:a1:3b:e3:b4:
a6:be:c4:32:24:03:cb:36:51:f3:b8:4f:75:62:fa:
16:3e:23:6b:c8:1e:b7:f3:74:35:2e:6a:4c:67:db:
da:57:bd:e0:95:8c:cd:3c:b3:fe:53:4e:48:67:b3:
97:66:ad:4b:83:35:9f:65:c6:9f:fc:a8:52:21:3e:
6d:0e:a3:bb:90:bd:4f:44:19:43:b0:8a:de:8c:25:
28:28:40:9d:18:cb:77:03:2d:2c:16:8e:eb:07:dd:
61:a3:85:cc:70:32:7c:cf:91:57:ea:3c:a5:05:85:
d9:9c:8d:a8:fc:b9:1a:e8:91:4f:22:ca:e8:8b:b6:
60:6c:6d:27:11:1f:b4:66:a2:0c:fb:0b:4b:be:07:
1d:aa:1a:49:82:29:b4:68:87:52:89:39:fb:70:7a:
36:2e:79:90:3e:99:ce:c5:cf:01:1b:ed:29:8f:12:
ae:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:CB:60:06:8F:67:8A:7A:CF:16:93:0C:AE:19:18:9D:0C:A9:8E:87
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2stgBo9ninrPFpMMrhkYnQypjoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:d384::/30
2a13:9480::/29
2a13:f900::/29
Signature Algorithm: sha256WithRSAEncryption
bc:e8:33:84:06:3b:ff:f6:df:35:2b:7a:ee:30:10:96:e8:50:
01:f8:d8:7f:1e:be:5d:0f:0e:08:6d:1c:7c:e6:c7:85:c9:46:
57:21:bc:b6:3d:ef:48:0f:a2:b8:81:d3:aa:d8:96:f5:95:4f:
96:3a:a1:a5:24:a5:ea:f9:d5:1a:7e:f2:bf:28:8c:18:bd:64:
20:3b:38:6f:cc:53:77:7c:e6:af:9f:15:7c:4d:10:8c:08:07:
5e:f1:ca:83:74:41:00:83:52:63:5e:ff:41:a0:80:48:50:fa:
9d:b1:c8:ad:6e:75:a1:8f:5c:35:cb:95:2b:d9:4f:45:0c:66:
48:21:4d:ef:68:3c:cd:c9:07:72:73:0a:cf:a2:b8:8b:f1:1a:
d2:4f:d4:e3:b7:45:b7:f5:f8:77:0e:af:27:fe:66:01:96:57:
dd:51:d1:4f:3f:c1:d5:c7:6f:3d:ee:64:6b:20:85:d2:46:d8:
35:b4:56:af:88:a7:62:36:13:09:e6:af:60:6c:91:8e:5d:50:
55:2a:38:7e:54:f8:e1:d9:b3:85:99:d1:9c:3f:da:2e:2a:6e:
80:3e:c4:5e:0e:67:ca:61:09:5e:83:a2:a4:02:8c:ec:99:84:
50:e5:04:f1:44:0f:39:d0:e3:44:3b:6c:fe:46:ce:97:11:b0:
3b:db:73:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvCrhxJjC71Pj7pHWRjLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTAyMTAzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWNiNjAwNjhmNjc4YTdhY2YxNjkzMGNhZTE5MTg5ZDBjYTk4ZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygwxejkv4gbvCE9dGAs+BjAplHsG
n39c7Ge+Vxpvkcn4I+vx44mQUDE0o1jTFgSL9WuY8FMDJ5TohOcUUjxwjmR+/ovE
YW5sW6jP2j6hSdGgPj+5OKE747SmvsQyJAPLNlHzuE91YvoWPiNryB6383Q1LmpM
Z9vaV73glYzNPLP+U05IZ7OXZq1LgzWfZcaf/KhSIT5tDqO7kL1PRBlDsIrejCUo
KECdGMt3Ay0sFo7rB91ho4XMcDJ8z5FX6jylBYXZnI2o/Lka6JFPIsroi7ZgbG0n
ER+0ZqIM+wtLvgcdqhpJgim0aIdSiTn7cHo2LnmQPpnOxc8BG+0pjxKuOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNrLYAaPZ4p6zxaTDK4ZGJ0MqY6HMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMnN0Z0JvOW5pbnJQRnBNTXJoa1luUXlwam9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUCKgzThAMF
AyoTlIADBQMqE/kAMA0GCSqGSIb3DQEBCwUAA4IBAQC86DOEBjv/9t81K3ruMBCW
6FAB+Nh/Hr5dDw4IbRx85seFyUZXIby2Pe9ID6K4gdOq2Jb1lU+WOqGlJKXq+dUa
fvK/KIwYvWQgOzhvzFN3fOavnxV8TRCMCAde8cqDdEEAg1JjXv9BoIBIUPqdscit
bnWhj1w1y5Ur2U9FDGZIIU3vaDzNyQdycwrPoriL8RrST9Tjt0W39fh3Dq8n/mYB
llfdUdFPP8HVx2897mRrIIXSRtg1tFaviKdiNhMJ5q9gbJGOXVBVKjh+VPjh2bOF
mdGcP9ouKm6APsReDmfKYQleg6KkAozsmYRQ5QTxRA850ONEO2z+Rs6XEbA723Mc
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:09 2025 by rpki-client