Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5UsirNz2O89W73_Y1bwyQG42aBg.roa
File: 5UsirNz2O89W73_Y1bwyQG42aBg.roa (raw, json)
Hash identifier: vW6hU38jBNT2lqLAC/ShUkdz+GJCpscwptoGQJoesvQ=
Subject key identifier: E5:4B:22:AC:DC:F6:3B:CF:56:EF:7F:D8:D5:BC:32:40:6E:36:68:18
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018D7344AA021AEEC749BDFC39D1A9D95A30
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5UsirNz2O89W73_Y1bwyQG42aBg.roa
Signing time: Sun 04 Feb 2024 08:38:16 +0000
ROA not before: Sun 04 Feb 2024 08:38:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 2a0f:dfc4::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 04 Apr 2024 06:32:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:73:44:aa:02:1a:ee:c7:49:bd:fc:39:d1:a9:d9:5a:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 4 08:38:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e54b22acdcf63bcf56ef7fd8d5bc32406e366818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:41:ba:d7:bc:d5:a9:be:3d:82:d1:73:9b:85:
72:c3:05:1e:9d:bb:8c:e2:5f:3b:75:11:27:6d:65:
c8:4e:0e:04:0c:d7:5a:4d:af:01:ba:70:42:57:cc:
94:92:c1:12:c8:3c:f0:46:69:39:de:7d:ec:62:bb:
03:df:53:e6:e8:6e:5f:a9:70:1f:93:31:54:72:10:
b7:7c:60:17:84:f7:21:f9:a8:e2:27:fc:ee:f5:7e:
84:b3:da:5a:11:e8:10:0f:1e:f3:59:22:c9:f5:ed:
79:d2:ce:3e:65:2b:03:6a:26:e7:b3:fa:24:f9:a9:
c3:ab:a0:f5:0a:6d:92:87:f9:43:d3:b4:6a:81:91:
a3:67:db:6e:d0:68:87:81:28:de:af:26:d5:e9:9f:
ce:94:c5:67:81:1a:0f:99:cd:1d:97:95:a6:f1:96:
1c:91:aa:8c:a0:ce:db:d4:82:38:e9:2f:e5:14:34:
fb:54:82:5e:ea:64:6f:6a:99:f2:64:ae:0c:58:08:
5c:eb:92:22:e6:6f:bb:fb:fd:85:67:67:0c:84:69:
ea:96:fa:51:cf:cf:04:86:c8:18:b7:3c:db:57:ef:
c1:a9:58:04:b0:fd:5a:52:03:52:63:e6:b6:1c:e3:
0d:36:32:6f:cb:49:d0:c4:76:70:5d:49:f9:08:f6:
d3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:4B:22:AC:DC:F6:3B:CF:56:EF:7F:D8:D5:BC:32:40:6E:36:68:18
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5UsirNz2O89W73_Y1bwyQG42aBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:dfc4::/32
Signature Algorithm: sha256WithRSAEncryption
90:95:28:59:e9:df:d8:0e:46:74:a9:07:2f:86:0b:68:97:50:
b2:00:79:85:45:9d:c9:07:2a:a8:d1:c9:93:af:40:0a:91:21:
a0:06:73:66:93:b4:e5:32:d2:e5:d4:34:cb:7a:d3:e7:c3:42:
ff:eb:d1:bd:2c:29:c2:7d:ac:97:3a:8f:26:ec:6b:d1:18:98:
41:4b:01:70:ec:16:d9:d1:af:ff:32:9f:18:57:2b:b7:f2:b6:
13:09:d7:dc:03:bb:c4:2b:c9:14:a0:73:95:f1:70:ad:cb:67:
7d:81:2f:f8:79:f3:33:d4:2d:53:77:c6:e2:79:2d:2b:67:99:
94:05:28:8c:10:9c:0e:7e:2d:a0:95:c2:f3:7c:ce:d0:64:f3:
09:a7:93:d3:b2:e1:97:12:b5:b0:5b:aa:af:2b:bd:2e:56:0b:
7e:7c:c3:98:f8:37:00:8b:89:66:26:8a:81:dc:7d:2f:61:96:
96:a7:9a:63:5f:99:4d:39:6f:62:4a:95:5a:f3:06:07:3a:ae:
13:5a:8d:ad:68:58:88:64:bb:d7:1f:82:df:85:ca:b8:c4:5a:
27:70:34:c9:13:e7:65:2d:9a:4a:34:f6:a0:73:35:51:ef:9e:
78:a1:38:97:a7:06:f6:ab:02:e5:ef:cc:82:4d:a6:58:ce:04:
28:b5:2e:ee
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY1zRKoCGu7HSb38OdGp2VowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMjA0MDgzODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTRiMjJhY2RjZjYzYmNmNTZlZjdmZDhkNWJjMzI0MDZlMzY2ODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0G617zVqb49gtFzm4VywwUenbuM
4l87dREnbWXITg4EDNdaTa8BunBCV8yUksESyDzwRmk53n3sYrsD31Pm6G5fqXAf
kzFUchC3fGAXhPch+ajiJ/zu9X6Es9paEegQDx7zWSLJ9e150s4+ZSsDaibns/ok
+anDq6D1Cm2Sh/lD07RqgZGjZ9tu0GiHgSjerybV6Z/OlMVngRoPmc0dl5Wm8ZYc
kaqMoM7b1II46S/lFDT7VIJe6mRvapnyZK4MWAhc65Ii5m+7+/2FZ2cMhGnqlvpR
z88EhsgYtzzbV+/BqVgEsP1aUgNSY+a2HOMNNjJvy0nQxHZwXUn5CPbT+QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOVLIqzc9jvPVu9/2NW8MkBuNmgYMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNVVzaXJOejJPODlXNzNfWTFid3lRRzQyYUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg/fxDAN
BgkqhkiG9w0BAQsFAAOCAQEAkJUoWenf2A5GdKkHL4YLaJdQsgB5hUWdyQcqqNHJ
k69ACpEhoAZzZpO05TLS5dQ0y3rT58NC/+vRvSwpwn2slzqPJuxr0RiYQUsBcOwW
2dGv/zKfGFcrt/K2EwnX3AO7xCvJFKBzlfFwrctnfYEv+HnzM9QtU3fG4nktK2eZ
lAUojBCcDn4toJXC83zO0GTzCaeT07LhlxK1sFuqryu9LlYLfnzDmPg3AIuJZiaK
gdx9L2GWlqeaY1+ZTTlvYkqVWvMGBzquE1qNrWhYiGS71x+C34XKuMRaJ3A0yRPn
ZS2aSjT2oHM1Ue+eeKE4l6cG9qsC5e/Mgk2mWM4EKLUu7g==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:15:02 2025 by rpki-client