Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5NzaNJz0IlcsrOUTqxNCoxt1o_0.roa
File: 5NzaNJz0IlcsrOUTqxNCoxt1o_0.roa (raw, json)
Hash identifier: nNv+LFn2stMqOzlqm9vyMWRq5dBvG6XjdJaeP2DBcus=
Subject key identifier: E4:DC:DA:34:9C:F4:22:57:2C:AC:E5:13:AB:13:42:A3:1B:75:A3:FD
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0190E397095BD8B64CFF1FC5619F147DA725
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5NzaNJz0IlcsrOUTqxNCoxt1o_0.roa
Signing time: Wed 24 Jul 2024 07:14:04 +0000
ROA not before: Wed 24 Jul 2024 07:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60647
IP address blocks: 2a0f:1201::/32 maxlen: 32
2a0f:3d84::/32 maxlen: 32
2a12:ecc0:271::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 27 Jul 2024 09:26:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e3:97:09:5b:d8:b6:4c:ff:1f:c5:61:9f:14:7d:a7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 24 07:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4dcda349cf422572cace513ab1342a31b75a3fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:77:d5:e8:78:72:2a:a9:c0:15:9b:41:aa:c4:
db:46:f7:ba:5a:db:9f:ac:78:cd:6b:35:7b:e7:3a:
1e:8a:61:27:89:7c:1b:db:b2:0b:13:8c:35:ed:f7:
0d:16:d1:33:77:44:2e:07:3f:6e:ca:d2:8e:1e:86:
6a:5e:68:13:4d:7b:4a:78:fb:31:fe:2f:8d:25:21:
86:ea:e2:9a:9b:e0:52:09:d5:e7:29:ac:58:9b:66:
57:00:19:1c:75:e1:23:5d:2e:b6:94:39:af:00:6b:
06:e4:93:18:8d:e8:c9:76:1c:20:b0:d6:b2:85:e4:
73:39:e0:69:a2:7c:1d:99:25:53:83:44:74:c0:aa:
a7:ef:26:e8:31:42:6c:b5:cf:e1:df:ae:13:ff:82:
ae:bc:2b:42:8e:09:ea:56:71:f8:c0:69:2c:37:02:
24:05:5d:d6:0a:9c:51:30:2c:2f:4a:fb:f8:35:a9:
13:d2:8c:48:82:fc:bb:2c:b6:dd:55:5f:05:4a:31:
9e:89:95:87:cc:75:ea:64:5d:29:76:c7:ca:7c:82:
61:66:e3:84:15:1e:6f:bb:7a:16:e5:08:63:0e:b0:
df:f5:15:68:0f:b0:0b:dd:66:ac:c3:e5:98:c3:33:
3e:82:37:b0:cb:4e:ea:75:1b:7f:ce:a1:77:8e:38:
10:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:DC:DA:34:9C:F4:22:57:2C:AC:E5:13:AB:13:42:A3:1B:75:A3:FD
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5NzaNJz0IlcsrOUTqxNCoxt1o_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1201::/32
2a0f:3d84::/32
2a12:ecc0:271::/48
Signature Algorithm: sha256WithRSAEncryption
42:06:3c:6a:3c:75:b0:c8:b9:8f:73:ea:db:a0:a8:e6:6e:76:
70:c8:13:bf:bd:fa:bb:b1:dc:4f:0d:26:4f:25:c1:c9:a3:f3:
5f:f4:6a:40:85:1b:fc:49:ef:2a:29:e9:ea:d8:ec:e8:02:00:
11:82:45:67:9a:00:33:be:55:b3:bf:4b:21:66:b4:99:97:a0:
62:6c:8d:68:e3:4d:cc:1d:d2:64:fc:01:3b:df:d8:12:dc:dc:
47:8f:6a:05:02:44:45:2a:ce:a2:67:fe:4e:2a:00:ae:96:a4:
ed:6e:2c:99:ee:ac:54:a7:36:76:96:93:8b:e6:97:e3:a7:d4:
55:c3:db:65:d2:c1:b8:39:c4:57:fa:23:60:b4:e6:1f:a4:c4:
fb:31:94:32:b2:2c:16:80:e2:2d:fc:c1:4d:18:2f:89:9b:d1:
d4:eb:6a:1b:72:bd:9e:41:a6:2d:ac:f2:2f:e2:cf:b4:04:3d:
48:af:0a:51:77:e5:14:5b:d3:45:f4:9c:81:53:66:93:45:81:
f5:19:40:32:5c:f5:f1:1e:31:4f:4d:bc:e0:0f:44:6c:39:a0:
88:54:61:c0:c9:61:03:9e:32:4a:64:29:cb:89:80:b7:c5:3d:
37:e2:24:19:5d:cb:a2:92:7e:91:4e:18:90:87:0a:15:c9:18:
e4:aa:1b:56
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZDjlwlb2LZM/x/FYZ8UfaclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNzI0MDcxNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGRjZGEzNDljZjQyMjU3MmNhY2U1MTNhYjEzNDJhMzFiNzVhM2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXfV6HhyKqnAFZtBqsTbRve6Wtuf
rHjNazV75zoeimEniXwb27ILE4w17fcNFtEzd0QuBz9uytKOHoZqXmgTTXtKePsx
/i+NJSGG6uKam+BSCdXnKaxYm2ZXABkcdeEjXS62lDmvAGsG5JMYjejJdhwgsNay
heRzOeBponwdmSVTg0R0wKqn7yboMUJstc/h364T/4KuvCtCjgnqVnH4wGksNwIk
BV3WCpxRMCwvSvv4NakT0oxIgvy7LLbdVV8FSjGeiZWHzHXqZF0pdsfKfIJhZuOE
FR5vu3oW5QhjDrDf9RVoD7AL3Wasw+WYwzM+gjewy07qdRt/zqF3jjgQIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOTc2jSc9CJXLKzlE6sTQqMbdaP9MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNU56YU5KejBJbGNzck9VVHF4TkNveHQxb18wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUAKg8SAQMF
ACoPPYQDBwAqEuzAAnEwDQYJKoZIhvcNAQELBQADggEBAEIGPGo8dbDIuY9z6tug
qOZudnDIE7+9+rux3E8NJk8lwcmj81/0akCFG/xJ7yop6erY7OgCABGCRWeaADO+
VbO/SyFmtJmXoGJsjWjjTcwd0mT8ATvf2BLc3EePagUCREUqzqJn/k4qAK6WpO1u
LJnurFSnNnaWk4vml+On1FXD22XSwbg5xFf6I2C05h+kxPsxlDKyLBaA4i38wU0Y
L4mb0dTrahtyvZ5Bpi2s8i/iz7QEPUivClF35RRb00X0nIFTZpNFgfUZQDJc9fEe
MU9NvOAPRGw5oIhUYcDJYQOeMkpkKcuJgLfFPTfiJBldy6KSfpFOGJCHChXJGOSq
G1Y=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:14 2025 by rpki-client