Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5A18cmSJrFb6YcZZrGaijLypD7Y.roa
File: 5A18cmSJrFb6YcZZrGaijLypD7Y.roa (raw, json)
Hash identifier: 8MA1K2C/Oh3oH9h06kpYBorerPeMjZLKf7J9y9H6Rdg=
Subject key identifier: E4:0D:7C:72:64:89:AC:56:FA:61:C6:59:AC:66:A2:8C:BC:A9:0F:B6
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018E0FEFDB07736DB593AA66C1AF7758EB6F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5A18cmSJrFb6YcZZrGaijLypD7Y.roa
Signing time: Tue 05 Mar 2024 18:46:01 +0000
ROA not before: Tue 05 Mar 2024 18:46:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151814
IP address blocks: 2a0f:2100::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 08 Jul 2024 13:26:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0f:ef:db:07:73:6d:b5:93:aa:66:c1:af:77:58:eb:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 5 18:46:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e40d7c726489ac56fa61c659ac66a28cbca90fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:95:6c:25:6d:dc:c8:e4:ff:4b:41:af:de:14:
bd:48:3e:25:49:fb:32:cd:99:d4:66:56:3f:ad:ed:
dc:93:80:6f:79:0f:15:81:23:d3:0e:62:3a:b2:2e:
cc:ff:2e:b6:68:4f:29:01:c7:5e:2f:0f:9a:0f:3f:
cd:75:a0:51:25:15:b6:03:7d:fb:98:19:54:79:bf:
d6:1b:25:46:e1:b0:f0:3e:26:81:53:44:7a:75:fc:
4d:ca:38:e6:e0:70:02:ae:46:72:4d:b0:85:78:65:
f4:30:67:cc:a1:0e:79:d8:8e:72:f7:50:81:79:8f:
21:ec:a2:4c:d5:af:fe:12:44:dc:95:9e:a7:b2:99:
1f:d8:ab:68:bc:96:f6:65:d1:f6:d0:f8:96:94:43:
11:77:43:c9:b2:94:4f:48:19:8c:dd:83:a2:b2:2b:
4c:43:b3:fe:dd:46:72:f7:f8:81:ce:64:3a:5a:59:
9a:f8:7d:5a:54:79:49:46:91:ca:c1:1d:bb:bd:f9:
b7:a3:f2:b5:31:a7:af:06:d3:91:94:af:58:16:a4:
c7:11:5f:9d:70:9f:b6:5b:db:e3:67:53:31:5b:86:
74:0a:e0:86:e4:1a:6d:be:a1:ee:d9:aa:f4:dc:8c:
55:e3:ad:7a:f0:e4:55:41:8d:7e:2f:e4:51:a3:da:
80:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:0D:7C:72:64:89:AC:56:FA:61:C6:59:AC:66:A2:8C:BC:A9:0F:B6
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5A18cmSJrFb6YcZZrGaijLypD7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2100::/29
Signature Algorithm: sha256WithRSAEncryption
08:d7:f2:d3:32:20:06:b6:74:fb:6f:a7:f3:d2:22:23:5c:10:
1a:4f:d3:a9:92:16:e0:19:6a:81:56:0a:75:31:69:2b:0c:e7:
ef:0d:8d:9c:99:7b:22:09:89:0a:29:25:af:40:7b:e8:c1:4c:
5a:0f:e4:db:4b:51:9a:9e:bb:4d:28:81:98:6f:b6:42:4c:a1:
4a:0c:7b:d4:04:6a:8c:4a:b0:dd:c8:1b:28:44:9f:5f:58:b7:
32:ed:58:d5:ff:1a:17:fc:33:ce:48:9a:70:e5:63:64:73:f0:
ef:20:5a:a6:d4:42:69:3b:0b:d2:ee:fa:de:2e:2d:ee:eb:38:
ad:d8:f3:c2:23:1b:d6:e1:7a:e8:1b:cb:c9:75:a7:a6:47:d8:
80:84:1c:60:4a:c9:8a:ad:f0:2d:3d:10:89:2c:0e:28:f0:dd:
96:fe:bd:1a:a2:99:84:df:5f:93:ce:5a:96:11:a2:f5:6f:f1:
9c:58:a2:ff:8f:82:ff:7b:67:20:7c:74:45:34:f2:55:3a:0b:
84:53:12:db:30:3f:be:b2:78:bc:66:0d:a8:2e:6a:63:91:65:
ff:41:2d:be:9d:e6:25:d5:8e:19:ea:b0:d3:4b:41:65:62:82:
83:08:47:ba:fb:7e:9c:4e:f0:42:48:f3:35:fa:2b:12:04:92:
66:71:ce:35
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY4P79sHc221k6pmwa93WOtvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMzA1MTg0NjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDBkN2M3MjY0ODlhYzU2ZmE2MWM2NTlhYzY2YTI4Y2JjYTkwZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5VsJW3cyOT/S0Gv3hS9SD4lSfsy
zZnUZlY/re3ck4BveQ8VgSPTDmI6si7M/y62aE8pAcdeLw+aDz/NdaBRJRW2A337
mBlUeb/WGyVG4bDwPiaBU0R6dfxNyjjm4HACrkZyTbCFeGX0MGfMoQ552I5y91CB
eY8h7KJM1a/+EkTclZ6nspkf2KtovJb2ZdH20PiWlEMRd0PJspRPSBmM3YOisitM
Q7P+3UZy9/iBzmQ6Wlma+H1aVHlJRpHKwR27vfm3o/K1MaevBtORlK9YFqTHEV+d
cJ+2W9vjZ1MxW4Z0CuCG5BptvqHu2ar03IxV46168ORVQY1+L+RRo9qAEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOQNfHJkiaxW+mHGWaxmooy8qQ+2MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNUExOGNtU0pyRmI2WWNaWnJHYWlqTHlwRDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg8hADAN
BgkqhkiG9w0BAQsFAAOCAQEACNfy0zIgBrZ0+2+n89IiI1wQGk/TqZIW4BlqgVYK
dTFpKwzn7w2NnJl7IgmJCiklr0B76MFMWg/k20tRmp67TSiBmG+2QkyhSgx71ARq
jEqw3cgbKESfX1i3Mu1Y1f8aF/wzzkiacOVjZHPw7yBaptRCaTsL0u763i4t7us4
rdjzwiMb1uF66BvLyXWnpkfYgIQcYErJiq3wLT0QiSwOKPDdlv69GqKZhN9fk85a
lhGi9W/xnFii/4+C/3tnIHx0RTTyVToLhFMS2zA/vrJ4vGYNqC5qY5Fl/0Etvp3m
JdWOGeqw00tBZWKCgwhHuvt+nE7wQkjzNforEgSSZnHONQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:52 2025 by rpki-client