Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4UdDcfedUcyeixgYLw4-Nn36WNA.roa
File: 4UdDcfedUcyeixgYLw4-Nn36WNA.roa (raw, json)
Hash identifier: iWlcvwT3y9mTFl4heDH+RRgzBE0SUUw+Fbw8mLm03a4=
Subject key identifier: E1:47:43:71:F7:9D:51:CC:9E:8B:18:18:2F:0E:3E:36:7D:FA:58:D0
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0192993AAC02FE8765FA3091004099F1EC7A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4UdDcfedUcyeixgYLw4-Nn36WNA.roa
Signing time: Thu 17 Oct 2024 06:46:52 +0000
ROA not before: Thu 17 Oct 2024 06:46:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152697
IP address blocks: 2a0e:9b00::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:99:3a:ac:02:fe:87:65:fa:30:91:00:40:99:f1:ec:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 17 06:46:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1474371f79d51cc9e8b18182f0e3e367dfa58d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:00:f0:b5:b9:5a:1b:b3:ae:d8:8f:9a:6c:ee:
a5:ad:2e:f5:a6:57:64:b7:56:7f:6d:54:26:61:7e:
66:f5:bd:ef:95:15:0a:a0:3e:c2:c0:7f:5e:2f:5b:
1e:99:6c:d7:ed:5a:75:70:9f:3d:2c:23:a9:5d:57:
28:11:82:3a:09:f4:5b:a8:9a:e5:42:97:59:ce:bd:
9a:df:c3:a2:61:23:ba:6a:05:56:14:e9:28:e0:4d:
a7:98:f0:ff:16:ed:4a:d0:ac:4c:45:39:a7:b2:73:
b0:8e:06:b8:c2:5c:03:35:43:c2:ca:c4:83:62:e5:
d5:2f:c5:34:85:50:81:8c:7c:e3:2b:4f:95:94:e5:
02:10:4f:a4:7b:aa:9b:ac:86:75:c0:5d:73:7e:ef:
09:75:77:bd:76:e1:7a:eb:47:66:60:91:b3:2d:e4:
51:e8:1a:19:93:54:00:16:50:a1:f0:8a:a4:e6:ae:
6e:33:49:a7:f8:bc:69:9f:c5:b3:3d:80:0a:32:82:
2a:61:e2:e6:ea:bf:c0:09:42:aa:5b:ef:60:05:df:
6c:77:2b:28:6d:2f:eb:73:95:69:c8:c9:9f:ba:42:
83:b1:60:ff:cf:79:20:88:a5:cd:81:79:51:ea:27:
90:60:51:92:3a:89:80:c0:c4:a7:43:a7:03:30:4f:
ec:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:47:43:71:F7:9D:51:CC:9E:8B:18:18:2F:0E:3E:36:7D:FA:58:D0
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4UdDcfedUcyeixgYLw4-Nn36WNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:9b00::/29
Signature Algorithm: sha256WithRSAEncryption
1c:3f:e8:e7:c7:e3:14:15:0d:38:f1:5b:53:dd:cc:7e:8f:2f:
8f:98:8e:62:88:c0:03:a1:37:86:2f:4a:b0:62:e7:84:ea:62:
94:38:00:f6:8c:ef:97:18:44:78:4f:6c:21:f1:3b:6a:c9:44:
68:c7:2a:03:9a:6f:9f:d9:98:cb:69:c8:15:88:0d:65:1f:37:
1e:b4:eb:47:22:99:13:85:1c:eb:51:de:13:58:56:a8:4d:07:
94:aa:fe:df:b7:20:56:4a:6b:62:1a:cd:85:37:cc:99:01:ae:
f0:12:32:05:33:8c:8e:6e:23:9f:9d:44:16:d4:06:a6:af:c3:
ab:46:7c:81:10:df:f6:37:47:45:50:99:a8:08:05:b6:87:59:
de:bd:8c:40:f7:72:9d:13:5c:db:e9:63:56:54:f8:83:07:57:
f0:2a:df:9e:8c:10:8e:a1:40:b1:29:6b:e2:50:28:c6:b2:44:
04:e1:67:81:b7:fc:be:c4:b2:8c:ce:98:1a:97:7d:a6:4c:dc:
cc:3d:a8:3d:a9:b7:33:e8:77:de:c4:12:a2:7b:6c:49:02:af:
50:23:27:5f:8f:92:9b:ab:ef:32:4c:70:b3:e8:e3:e7:b4:89:
e2:06:54:7e:cb:04:98:a9:2a:95:bf:16:ee:f8:e3:7a:63:b2:
72:d8:d1:9a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZKZOqwC/odl+jCRAECZ8ex6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMDE3MDY0NjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQ3NDM3MWY3OWQ1MWNjOWU4YjE4MTgyZjBlM2UzNjdkZmE1OGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgDwtblaG7Ou2I+abO6lrS71pldk
t1Z/bVQmYX5m9b3vlRUKoD7CwH9eL1semWzX7Vp1cJ89LCOpXVcoEYI6CfRbqJrl
QpdZzr2a38OiYSO6agVWFOko4E2nmPD/Fu1K0KxMRTmnsnOwjga4wlwDNUPCysSD
YuXVL8U0hVCBjHzjK0+VlOUCEE+ke6qbrIZ1wF1zfu8JdXe9duF660dmYJGzLeRR
6BoZk1QAFlCh8Iqk5q5uM0mn+Lxpn8WzPYAKMoIqYeLm6r/ACUKqW+9gBd9sdyso
bS/rc5VpyMmfukKDsWD/z3kgiKXNgXlR6ieQYFGSOomAwMSnQ6cDME/sAwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOFHQ3H3nVHMnosYGC8OPjZ9+ljQMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNFVkRGNmZWRVY3llaXhnWUx3NC1ObjM2V05BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg6bADAN
BgkqhkiG9w0BAQsFAAOCAQEAHD/o58fjFBUNOPFbU93Mfo8vj5iOYojAA6E3hi9K
sGLnhOpilDgA9ozvlxhEeE9sIfE7aslEaMcqA5pvn9mYy2nIFYgNZR83HrTrRyKZ
E4Uc61HeE1hWqE0HlKr+37cgVkprYhrNhTfMmQGu8BIyBTOMjm4jn51EFtQGpq/D
q0Z8gRDf9jdHRVCZqAgFtodZ3r2MQPdynRNc2+ljVlT4gwdX8CrfnowQjqFAsSlr
4lAoxrJEBOFngbf8vsSyjM6YGpd9pkzczD2oPam3M+h33sQSontsSQKvUCMnX4+S
m6vvMkxws+jj57SJ4gZUfssEmKkqlb8W7vjjemOyctjRmg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:02:40 2025 by rpki-client