Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/9TVPZxWtmnRafBYjJS_MkMS8KsQ.roa
File: 9TVPZxWtmnRafBYjJS_MkMS8KsQ.roa (raw, json)
Hash identifier: czHYYaZG+YgO20btYDogXaovr/VbzLyLpQRtAW8yCT4=
Subject key identifier: F5:35:4F:67:15:AD:9A:74:5A:7C:16:23:25:2F:CC:90:C4:BC:2A:C4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01909E5BCBAD2ADBCF91A51DF37AB0A74AD4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/9TVPZxWtmnRafBYjJS_MkMS8KsQ.roa
Signing time: Wed 10 Jul 2024 20:35:34 +0000
ROA not before: Wed 10 Jul 2024 20:35:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199925
IP address blocks: 2a0f:1480::/29 maxlen: 29
2a0f:28c0::/29 maxlen: 29
2a0f:e040::/29 maxlen: 29
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Fri 23 Aug 2024 08:02:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9e:5b:cb:ad:2a:db:cf:91:a5:1d:f3:7a:b0:a7:4a:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 10 20:35:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5354f6715ad9a745a7c1623252fcc90c4bc2ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:d6:b0:c8:2c:de:21:36:c0:ed:13:77:aa:f5:
69:d6:80:7f:cb:cd:60:5e:1d:1d:20:94:c2:f0:55:
6e:b3:02:74:d2:3e:96:10:3a:4b:99:d2:ab:04:d5:
67:a2:17:02:a9:e0:fe:09:34:bb:e4:5b:d3:96:75:
1d:29:63:7d:60:34:81:b3:56:5b:34:d9:84:5b:52:
fe:a9:32:d6:7b:c4:47:39:1a:86:4f:a0:c5:d0:a4:
b6:b2:98:09:09:84:1b:05:f3:20:8f:d4:b3:fd:2d:
6e:27:a7:47:63:84:fe:ae:43:15:03:ee:93:4e:cd:
f2:b5:ab:9c:ea:f1:a6:df:e5:a1:af:ab:51:0d:b5:
87:12:4d:c8:6c:ad:73:61:48:36:90:85:4f:1a:56:
5d:81:05:17:eb:d4:c7:28:f4:1e:31:78:ae:72:06:
65:39:4a:49:66:d5:e4:db:a0:02:38:92:d5:03:53:
54:58:c8:57:4e:d1:d1:20:84:a6:3e:4d:f1:e3:ab:
ab:00:de:5b:cc:b2:20:75:8c:d0:1b:16:44:bc:4e:
e6:92:3c:e0:0c:d3:24:08:53:86:f7:57:1f:a1:b2:
c7:d6:1c:31:61:ec:f7:bd:26:8c:64:8b:6e:0b:16:
4e:fc:cc:0b:6d:91:df:f8:99:cf:11:32:c2:33:16:
4c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:35:4F:67:15:AD:9A:74:5A:7C:16:23:25:2F:CC:90:C4:BC:2A:C4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/9TVPZxWtmnRafBYjJS_MkMS8KsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1480::/29
2a0f:28c0::/29
2a0f:e040::/29
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
8b:5f:f4:b5:b2:b6:76:dc:8d:60:41:71:e1:a5:74:94:d4:83:
e8:4a:6e:cb:a7:11:dd:76:88:6f:8a:2f:df:3e:4d:48:ac:a7:
87:bf:81:ee:ac:5b:84:52:69:8a:b4:75:ee:06:7c:97:bd:bc:
7a:68:9e:25:13:4f:3c:c5:e2:58:40:da:64:25:27:b2:28:6f:
2b:78:d0:74:d7:cf:98:80:5c:63:fb:50:d7:4c:22:52:bb:a6:
cd:be:b4:9a:90:02:96:a9:c6:fb:ea:38:17:06:3b:f8:0e:d6:
98:d0:5a:fd:d0:12:a8:d6:20:13:89:d8:42:0e:9a:f7:f7:ae:
6f:5e:69:46:7a:ac:e7:f9:b7:72:86:95:17:f6:2d:8a:52:12:
b6:f1:5e:93:68:48:44:01:84:88:5f:da:f5:c2:78:69:c8:96:
14:51:5d:84:98:b5:8e:a6:2f:b9:40:51:1d:2c:26:56:69:3b:
b5:bc:ab:a2:f8:72:0b:de:e1:f5:29:12:ba:82:6c:cf:5c:09:
35:48:3a:5a:80:5a:2c:e3:61:6d:d6:b8:8c:ba:2a:dc:ff:48:
10:24:8c:49:fe:9c:1b:13:3e:d1:c8:92:e9:c0:eb:8b:e4:f5:
1d:86:45:c1:7a:1e:a6:82:cf:76:14:b9:60:4b:37:4c:70:c2:
46:06:bb:45
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZCeW8utKtvPkaUd83qwp0rUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNzEwMjAzNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTM1NGY2NzE1YWQ5YTc0NWE3YzE2MjMyNTJmY2M5MGM0YmMyYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8dawyCzeITbA7RN3qvVp1oB/y81g
Xh0dIJTC8FVuswJ00j6WEDpLmdKrBNVnohcCqeD+CTS75FvTlnUdKWN9YDSBs1Zb
NNmEW1L+qTLWe8RHORqGT6DF0KS2spgJCYQbBfMgj9Sz/S1uJ6dHY4T+rkMVA+6T
Ts3ytauc6vGm3+Whr6tRDbWHEk3IbK1zYUg2kIVPGlZdgQUX69THKPQeMXiucgZl
OUpJZtXk26ACOJLVA1NUWMhXTtHRIISmPk3x46urAN5bzLIgdYzQGxZEvE7mkjzg
DNMkCFOG91cfobLH1hwxYez3vSaMZItuCxZO/MwLbZHf+JnPETLCMxZM9wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPU1T2cVrZp0WnwWIyUvzJDEvCrEMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvOVRWUFp4V3RtblJhZkJZakpTX01rTVM4S3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg8UgAMF
AyoPKMADBQMqD+BAAwUDKhMrQDANBgkqhkiG9w0BAQsFAAOCAQEAi1/0tbK2dtyN
YEFx4aV0lNSD6Epuy6cR3XaIb4ov3z5NSKynh7+B7qxbhFJpirR17gZ8l728emie
JRNPPMXiWEDaZCUnsihvK3jQdNfPmIBcY/tQ10wiUrumzb60mpAClqnG++o4FwY7
+A7WmNBa/dASqNYgE4nYQg6a9/eub15pRnqs5/m3coaVF/YtilIStvFek2hIRAGE
iF/a9cJ4aciWFFFdhJi1jqYvuUBRHSwmVmk7tbyrovhyC97h9SkSuoJsz1wJNUg6
WoBaLONhbda4jLoq3P9IECSMSf6cGxM+0ciS6cDri+T1HYZFwXoepoLPdhS5YEs3
THDCRga7RQ==
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:11:46 2025 by rpki-client