Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/3-q_ikgAEmv1Vee0dwDKT8vqgGI.roa
File: 3-q_ikgAEmv1Vee0dwDKT8vqgGI.roa (raw, json)
Hash identifier: 8AF5Qjeahx13r68SMOMEOfLjeW3n3ZHxG7Mxkks/oi8=
Subject key identifier: DF:EA:BF:8A:48:00:12:6B:F5:55:E7:B4:77:00:CA:4F:CB:EA:80:62
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0190DE3870776CE2C250FBB967D47E1E4347
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/3-q_ikgAEmv1Vee0dwDKT8vqgGI.roa
Signing time: Tue 23 Jul 2024 06:12:39 +0000
ROA not before: Tue 23 Jul 2024 06:12:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214734
IP address blocks: 2a0a:2940::/29 maxlen: 29
2a10:3340::/29 maxlen: 29
2a10:3440::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 07 Aug 2024 09:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:de:38:70:77:6c:e2:c2:50:fb:b9:67:d4:7e:1e:43:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 23 06:12:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfeabf8a4800126bf555e7b47700ca4fcbea8062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e9:3f:96:d6:5a:f1:12:f2:e2:c6:c6:b2:b5:
b9:ee:bd:89:8d:3b:23:35:ce:7d:c9:2a:8b:5e:52:
00:95:67:4d:72:24:41:1a:05:cc:75:e2:ef:05:79:
b3:2b:99:e9:79:d8:0e:e1:7e:9c:e1:be:0f:5d:21:
51:f2:45:bd:55:7e:c7:71:60:e8:81:c0:4c:c2:6d:
8c:00:d2:e2:44:b4:d2:5d:6e:2b:1c:85:0f:f0:d2:
8d:b2:73:be:8f:39:1c:4e:73:04:80:9f:b6:e2:86:
8a:fb:d7:93:96:c4:76:d2:30:06:3e:41:6e:6d:04:
69:f4:9a:e2:15:70:0e:ff:78:12:dd:a9:27:79:9a:
3a:b8:89:85:1d:53:d7:4d:31:24:d4:a2:c0:f7:f0:
4f:06:4a:d0:e4:b7:8e:7e:36:6e:c1:77:86:5a:4f:
ee:bd:63:9e:6c:04:01:31:a6:8c:0b:cb:2f:0b:5d:
fc:0f:39:5e:49:0d:28:27:a7:83:93:e6:8a:55:21:
3f:10:30:cc:46:9a:73:59:0e:98:e8:0f:c5:3c:d6:
65:12:e8:80:71:c5:e8:96:2a:9b:8a:7f:08:67:b1:
ee:63:51:38:8c:12:d8:76:24:24:f5:77:d8:4a:13:
05:f3:d0:d7:33:11:67:41:d1:13:e9:48:ba:cc:b5:
64:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:EA:BF:8A:48:00:12:6B:F5:55:E7:B4:77:00:CA:4F:CB:EA:80:62
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/3-q_ikgAEmv1Vee0dwDKT8vqgGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2940::/29
2a10:3340::/29
2a10:3440::/29
Signature Algorithm: sha256WithRSAEncryption
4f:9b:ff:19:2d:ca:08:13:59:72:ce:9d:23:b2:85:45:41:2e:
fb:0f:f7:f0:9a:e5:60:e3:33:0a:d1:27:08:86:09:76:c3:83:
04:e1:03:2f:77:07:32:d5:ea:a8:10:34:86:c5:ec:3c:bf:f6:
0a:c5:53:91:68:fc:f1:20:65:d3:fb:6b:47:04:1b:a1:59:0a:
1d:bb:f0:05:5d:e3:4c:82:6a:9f:31:30:90:d7:b6:41:11:70:
53:8b:37:b3:b0:ce:0b:95:41:72:02:34:8c:49:aa:84:05:33:
96:9d:e7:5d:95:ae:93:ae:ba:7d:0a:90:05:e8:01:f9:c2:4f:
c3:da:30:6d:e6:a8:7a:52:f6:73:c7:e6:5b:cb:e1:d2:3a:1b:
29:46:29:8a:a0:38:3b:1c:69:82:28:61:18:c8:4b:36:58:5d:
36:43:74:ad:e2:59:e6:30:49:41:ab:d1:1a:a7:fe:53:24:0f:
31:35:10:1d:e8:68:d7:f1:b7:09:46:ce:28:90:ea:65:93:5c:
32:ea:1d:92:91:f4:00:d4:a0:bf:b1:48:2f:72:10:b8:73:58:
9c:0b:91:86:73:e6:6b:74:c7:de:a2:07:b2:bb:a0:35:48:37:
3e:03:e2:b3:e4:4e:ce:ab:f3:8c:f0:9c:a0:76:e2:81:ab:69:
fa:86:c3:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZDeOHB3bOLCUPu5Z9R+HkNHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNzIzMDYxMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmVhYmY4YTQ4MDAxMjZiZjU1NWU3YjQ3NzAwY2E0ZmNiZWE4MDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvek/ltZa8RLy4sbGsrW57r2JjTsj
Nc59ySqLXlIAlWdNciRBGgXMdeLvBXmzK5npedgO4X6c4b4PXSFR8kW9VX7HcWDo
gcBMwm2MANLiRLTSXW4rHIUP8NKNsnO+jzkcTnMEgJ+24oaK+9eTlsR20jAGPkFu
bQRp9JriFXAO/3gS3akneZo6uImFHVPXTTEk1KLA9/BPBkrQ5LeOfjZuwXeGWk/u
vWOebAQBMaaMC8svC138DzleSQ0oJ6eDk+aKVSE/EDDMRppzWQ6Y6A/FPNZlEuiA
ccXoliqbin8IZ7HuY1E4jBLYdiQk9XfYShMF89DXMxFnQdET6Ui6zLVkDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN/qv4pIABJr9VXntHcAyk/L6oBiMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMy1xX2lrZ0FFbXYxVmVlMGR3REtUOHZxZ0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgopQAMF
AyoQM0ADBQMqEDRAMA0GCSqGSIb3DQEBCwUAA4IBAQBPm/8ZLcoIE1lyzp0jsoVF
QS77D/fwmuVg4zMK0ScIhgl2w4ME4QMvdwcy1eqoEDSGxew8v/YKxVORaPzxIGXT
+2tHBBuhWQodu/AFXeNMgmqfMTCQ17ZBEXBTizezsM4LlUFyAjSMSaqEBTOWnedd
la6Trrp9CpAF6AH5wk/D2jBt5qh6UvZzx+Zby+HSOhspRimKoDg7HGmCKGEYyEs2
WF02Q3St4lnmMElBq9Eap/5TJA8xNRAd6GjX8bcJRs4okOplk1wy6h2SkfQA1KC/
sUgvchC4c1icC5GGc+ZrdMfeogeyu6A1SDc+A+Kz5E7Oq/OM8JygduKBq2n6hsPz
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:46 2025 by rpki-client