Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/3SwRkRoeYsthr40VJ10p-93XAZw.roa
File: 3SwRkRoeYsthr40VJ10p-93XAZw.roa (raw, json)
Hash identifier: 1jS9XO99jKPs6Hv1l/8gf58Ow41m3rKtNxeo8xSKwjA=
Subject key identifier: DD:2C:11:91:1A:1E:62:CB:61:AF:8D:15:27:5D:29:FB:DD:D7:01:9C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193FDF1724272ED62F738EE48D5D8C9D0DC
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/3SwRkRoeYsthr40VJ10p-93XAZw.roa
Signing time: Wed 25 Dec 2024 13:11:19 +0000
ROA not before: Wed 25 Dec 2024 13:11:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6079
IP address blocks: 2a0d:8f80::/29 maxlen: 29
2a0e:1a86::/32 maxlen: 32
2a0e:f500::/29 maxlen: 29
2a10:37c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fd:f1:72:42:72:ed:62:f7:38:ee:48:d5:d8:c9:d0:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 25 13:11:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd2c11911a1e62cb61af8d15275d29fbddd7019c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:26:90:80:07:cf:08:13:31:2c:10:3a:b4:d8:
65:1e:49:fb:3e:8f:22:22:21:91:2f:d9:81:8a:9c:
34:39:00:9b:65:2f:c9:2c:bb:ab:91:cd:fd:15:58:
ca:c4:03:13:ad:f3:8b:17:50:94:f6:c8:07:e4:0e:
8f:6c:7a:c0:ff:7b:d1:7d:67:85:31:8c:95:69:7e:
5d:68:ec:59:32:36:42:e8:0c:45:71:b1:73:07:92:
21:d4:80:55:31:49:f7:44:b9:f4:d2:c1:2b:7a:99:
ba:13:a4:e9:2c:56:6c:08:8e:ff:08:bd:ca:ca:ee:
6c:e6:04:32:71:80:4c:22:53:3d:6e:bb:f2:c9:15:
38:f8:d3:b4:3f:64:81:ad:9e:36:64:36:73:4d:d4:
2b:36:6a:29:d9:d1:b3:b6:03:44:60:a7:fd:f2:64:
b7:ba:16:b3:d9:4a:c5:b1:e0:d6:ac:af:c3:05:1e:
71:d9:e0:f1:a4:96:65:d0:2c:e5:47:13:5b:1a:9a:
e7:78:5b:20:c7:8a:cc:6f:4e:dc:19:dc:af:d6:b0:
b2:4f:69:03:35:99:fd:87:4f:39:aa:b9:e3:30:2f:
2f:c7:ef:96:7f:71:33:63:ee:db:81:a7:7a:f8:08:
7f:61:1f:03:02:59:cc:cd:de:48:e3:f2:12:a0:1e:
a8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2C:11:91:1A:1E:62:CB:61:AF:8D:15:27:5D:29:FB:DD:D7:01:9C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/3SwRkRoeYsthr40VJ10p-93XAZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8f80::/29
2a0e:1a86::/32
2a0e:f500::/29
2a10:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:e9:cf:74:07:20:1a:86:87:dc:ab:5e:8c:1a:0e:b2:f3:7b:
cc:04:1f:1e:e3:9b:c9:33:c3:2d:89:a7:f5:0a:a0:1f:7d:d6:
13:84:18:a7:f6:5b:d2:11:30:65:74:33:1c:4a:15:f6:e2:58:
42:27:5a:b4:ca:31:f5:c4:cd:40:5a:6e:8a:c2:42:ab:e0:aa:
80:0c:3e:64:c7:e5:56:af:2f:89:7d:28:60:b1:cb:a2:2f:11:
4d:c8:7e:99:69:5e:4b:d0:b8:45:45:42:80:05:0d:62:ba:1f:
e3:e3:fe:b2:8e:98:36:af:fa:50:ab:4a:b1:11:dd:68:71:03:
07:e6:9a:11:29:14:13:d4:df:d2:b1:f3:fe:59:e7:2a:69:2b:
56:a8:6e:c7:ef:44:f7:fe:c0:cf:73:fc:8c:ae:db:51:fb:60:
c6:59:08:5b:39:6a:8c:08:7b:23:7a:1e:3f:0d:6f:8a:5d:3e:
2f:cc:67:a2:5d:ff:3a:b9:32:88:ee:2b:d1:45:76:e7:89:7a:
6a:17:cb:41:4c:c7:4a:0d:a5:7e:d7:09:4e:f8:fb:94:6b:83:
7c:44:c6:00:58:be:fd:f6:c3:f9:5b:c6:cb:2f:e7:cb:32:28:
8a:a0:6a:82:8a:20:fa:48:95:54:ac:c5:0e:b4:bb:92:f4:b9:
20:af:6d:2a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZP98XJCcu1i9zjuSNXYydDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjI1MTMxMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDJjMTE5MTFhMWU2MmNiNjFhZjhkMTUyNzVkMjlmYmRkZDcwMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSaQgAfPCBMxLBA6tNhlHkn7Po8i
IiGRL9mBipw0OQCbZS/JLLurkc39FVjKxAMTrfOLF1CU9sgH5A6PbHrA/3vRfWeF
MYyVaX5daOxZMjZC6AxFcbFzB5Ih1IBVMUn3RLn00sErepm6E6TpLFZsCI7/CL3K
yu5s5gQycYBMIlM9brvyyRU4+NO0P2SBrZ42ZDZzTdQrNmop2dGztgNEYKf98mS3
uhaz2UrFseDWrK/DBR5x2eDxpJZl0CzlRxNbGprneFsgx4rMb07cGdyv1rCyT2kD
NZn9h085qrnjMC8vx++Wf3EzY+7bgad6+Ah/YR8DAlnMzd5I4/ISoB6ozwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFN0sEZEaHmLLYa+NFSddKfvd1wGcMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvM1N3UmtSb2VZc3RocjQwVkoxMHAtOTNYQVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg2PgAMF
ACoOGoYDBQMqDvUAAwUDKhA3wDANBgkqhkiG9w0BAQsFAAOCAQEAnunPdAcgGoaH
3KtejBoOsvN7zAQfHuObyTPDLYmn9QqgH33WE4QYp/Zb0hEwZXQzHEoV9uJYQida
tMox9cTNQFpuisJCq+CqgAw+ZMflVq8viX0oYLHLoi8RTch+mWleS9C4RUVCgAUN
Yrof4+P+so6YNq/6UKtKsRHdaHEDB+aaESkUE9Tf0rHz/lnnKmkrVqhux+9E9/7A
z3P8jK7bUftgxlkIWzlqjAh7I3oePw1vil0+L8xnol3/OrkyiO4r0UV254l6ahfL
QUzHSg2lftcJTvj7lGuDfETGAFi+/fbD+VvGyy/nyzIoiqBqgoog+kiVVKzFDrS7
kvS5IK9tKg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:15:23 2025 by rpki-client