Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/32XtFMVPp-2YEl_f7Mdj8EfxhJc.roa
File: 32XtFMVPp-2YEl_f7Mdj8EfxhJc.roa (raw, json)
Hash identifier: dJ9DVhZX3AHVr11cl32Zw9QEgLTR3XVevHrCtX6O8Hs=
Subject key identifier: DF:65:ED:14:C5:4F:A7:ED:98:12:5F:DF:EC:C7:63:F0:47:F1:84:97
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0192535010EA64D7EDD8EF45729E7BF24E75
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/32XtFMVPp-2YEl_f7Mdj8EfxhJc.roa
Signing time: Thu 03 Oct 2024 16:56:49 +0000
ROA not before: Thu 03 Oct 2024 16:56:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21738
IP address blocks: 2a0e:e980::/29 maxlen: 29
2a0f:140::/29 maxlen: 29
2a0f:e740::/29 maxlen: 29
2a10:5200::/29 maxlen: 29
2a10:6f00::/29 maxlen: 29
2a10:7f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 04 Oct 2024 15:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:53:50:10:ea:64:d7:ed:d8:ef:45:72:9e:7b:f2:4e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 3 16:56:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df65ed14c54fa7ed98125fdfecc763f047f18497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:27:dc:e4:1e:a3:23:ab:50:a6:c0:02:f6:2a:
c4:d2:e1:cb:57:32:52:16:44:d1:34:4d:1f:33:6e:
e4:58:11:8a:1d:a3:1f:42:15:4e:a0:49:81:7a:69:
d2:36:48:c2:a8:21:29:21:7f:b6:e7:12:ff:30:1e:
c1:55:a1:21:bc:14:3e:3b:38:b7:a6:09:59:2a:8b:
d6:f9:a5:15:33:b9:b5:57:82:31:f1:47:c8:2a:f4:
18:bd:5e:0a:3b:35:c4:c2:7b:d7:38:b4:3d:66:72:
90:04:1d:34:a3:2c:41:48:21:de:38:a9:d4:55:fc:
f2:85:e4:cd:54:fd:90:b2:91:61:4b:5b:0b:2d:fe:
bf:93:76:ed:01:78:24:52:60:ad:6c:93:06:38:df:
58:15:43:40:3a:b0:bc:9e:38:26:c5:b9:3b:ed:f9:
04:2b:d6:98:de:65:06:b3:58:7c:65:f0:e7:96:c5:
7a:ba:94:1f:32:20:f5:91:00:90:ad:a2:33:e3:06:
86:2c:e5:2a:85:dd:7c:af:52:d7:13:62:5b:23:1b:
7e:c3:8c:d1:cd:83:e5:91:cf:c1:d7:7b:4f:39:65:
dc:f4:d6:b7:ac:58:1f:90:ba:eb:08:34:56:d0:2b:
a8:34:5f:c4:60:d1:8c:e0:aa:4e:c7:a8:4d:55:31:
53:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:65:ED:14:C5:4F:A7:ED:98:12:5F:DF:EC:C7:63:F0:47:F1:84:97
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/32XtFMVPp-2YEl_f7Mdj8EfxhJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e980::/29
2a0f:140::/29
2a0f:e740::/29
2a10:5200::/29
2a10:6f00::/29
2a10:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
88:f2:8b:5e:23:9f:63:e5:56:a1:7e:ad:b8:11:b5:d0:eb:15:
f0:bf:fb:85:23:0d:bc:bf:21:8b:f9:34:99:7f:67:ba:3d:7f:
39:d0:0a:67:5a:f8:54:11:9a:4c:e1:4a:a1:86:03:29:2a:8e:
56:0e:00:a2:ea:52:21:12:77:99:ea:82:bd:3e:41:0f:cd:e4:
fb:ef:9d:ee:28:f7:7f:11:30:9b:79:7d:22:98:95:35:ed:89:
1d:de:d6:35:99:41:1a:19:ed:2a:18:78:a6:91:ba:d6:f2:17:
35:5c:aa:19:bb:60:87:8d:84:f6:21:bf:10:4b:97:7a:7a:e3:
65:a1:49:77:87:b7:b9:47:c2:3a:e4:64:c4:15:01:9d:f5:c4:
ff:5c:78:c1:8f:7b:62:dd:06:a9:93:b6:4d:c7:12:8e:b4:e2:
62:d6:be:ab:ce:11:6d:84:80:e6:22:3e:34:bc:64:31:2f:8d:
be:7e:35:90:ee:a6:95:1b:f6:97:8c:33:6a:fb:45:94:fb:3c:
af:00:5a:39:78:f8:e8:4a:52:3f:6c:65:36:bf:5a:52:ca:4b:
4c:62:25:ff:3e:e0:54:fa:80:03:4c:75:06:3f:f7:8d:ad:b2:
ba:ee:ad:5e:fa:6c:ef:e7:8e:8e:7a:8d:c7:33:fe:28:7a:75:
1d:c4:66:93
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZJTUBDqZNft2O9Fcp578k51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMDAzMTY1NjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjY1ZWQxNGM1NGZhN2VkOTgxMjVmZGZlY2M3NjNmMDQ3ZjE4NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyifc5B6jI6tQpsAC9irE0uHLVzJS
FkTRNE0fM27kWBGKHaMfQhVOoEmBemnSNkjCqCEpIX+25xL/MB7BVaEhvBQ+Ozi3
pglZKovW+aUVM7m1V4Ix8UfIKvQYvV4KOzXEwnvXOLQ9ZnKQBB00oyxBSCHeOKnU
VfzyheTNVP2QspFhS1sLLf6/k3btAXgkUmCtbJMGON9YFUNAOrC8njgmxbk77fkE
K9aY3mUGs1h8ZfDnlsV6upQfMiD1kQCQraIz4waGLOUqhd18r1LXE2JbIxt+w4zR
zYPlkc/B13tPOWXc9Na3rFgfkLrrCDRW0CuoNF/EYNGM4KpOx6hNVTFThQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN9l7RTFT6ftmBJf3+zHY/BH8YSXMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMzJYdEZNVlBwLTJZRWxfZjdNZGo4RWZ4aEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg7pgAMF
AyoPAUADBQMqD+dAAwUDKhBSAAMFAyoQbwADBQMqEH8AMA0GCSqGSIb3DQEBCwUA
A4IBAQCI8oteI59j5Vahfq24EbXQ6xXwv/uFIw28vyGL+TSZf2e6PX850ApnWvhU
EZpM4UqhhgMpKo5WDgCi6lIhEneZ6oK9PkEPzeT7753uKPd/ETCbeX0imJU17Ykd
3tY1mUEaGe0qGHimkbrW8hc1XKoZu2CHjYT2Ib8QS5d6euNloUl3h7e5R8I65GTE
FQGd9cT/XHjBj3ti3Qapk7ZNxxKOtOJi1r6rzhFthIDmIj40vGQxL42+fjWQ7qaV
G/aXjDNq+0WU+zyvAFo5ePjoSlI/bGU2v1pSyktMYiX/PuBU+oADTHUGP/eNrbK6
7q1e+mzv546Oeo3HM/4oenUdxGaT
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:57:50 2025 by rpki-client