Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/C2j52Fq5iz7nFIrMqmbc_BYXa5Q.roa
File: C2j52Fq5iz7nFIrMqmbc_BYXa5Q.roa (raw, json)
Hash identifier: RMHrpq82mRc6qIcw7ye5WswzjNdpC8horJQ0RLPDISA=
Subject key identifier: 0B:68:F9:D8:5A:B9:8B:3E:E7:14:8A:CC:AA:66:DC:FC:16:17:6B:94
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018FF77A71FDEAB41BB57E5B8EC0C1C15454
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/C2j52Fq5iz7nFIrMqmbc_BYXa5Q.roa
Signing time: Sat 08 Jun 2024 10:52:27 +0000
ROA not before: Sat 08 Jun 2024 10:52:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a0c:7884::/32 maxlen: 32
2a0e:1a84::/32 maxlen: 32
2a0f:2d80:1292::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a0f:e847:1::/48 maxlen: 48
2a13:18c0:2::/48 maxlen: 48
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Jun 2024 10:27:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f7:7a:71:fd:ea:b4:1b:b5:7e:5b:8e:c0:c1:c1:54:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 8 10:52:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b68f9d85ab98b3ee7148accaa66dcfc16176b94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:89:dd:a8:bf:38:13:67:7a:58:9c:51:ef:b0:
8d:ef:8b:e7:9a:34:bd:bc:2d:47:4c:d7:84:b8:ab:
4b:59:1b:6f:0a:ad:50:74:ef:f0:22:20:3f:9e:c1:
83:52:24:2c:63:b5:36:01:85:20:91:c2:88:36:7e:
19:74:d9:a8:28:94:b0:2e:3b:da:4f:99:ca:92:b7:
9e:6f:0e:d0:3b:a9:d2:b4:21:eb:4f:ad:27:71:e0:
59:d8:e7:2a:ee:d6:52:d3:a8:0d:a9:5e:3d:a8:58:
6e:ce:fc:d1:b9:4b:e8:e1:c0:3a:d0:e8:45:a2:01:
c8:b8:6e:e8:5f:1b:bf:23:ac:cd:be:6f:f6:ed:ca:
9b:5f:ea:e1:94:f6:c0:fc:e9:7e:ed:34:04:22:aa:
b4:ef:e3:7e:43:b8:b7:c4:de:10:79:e5:0f:c7:4b:
95:f2:b7:51:3e:d2:fe:bd:a3:68:07:a0:54:2e:8f:
86:46:70:a5:fe:84:f8:50:1b:e7:aa:29:79:cf:f7:
23:d0:bb:e3:3b:ec:58:3e:86:e5:dd:b6:17:4b:f0:
f9:56:2d:0b:e2:34:3d:fe:7a:c7:e3:27:8e:94:27:
41:05:d4:7b:ea:22:e8:95:b7:0b:91:a6:b6:4c:dd:
96:57:9c:50:46:0b:ed:b2:10:51:fa:ce:5d:6a:7d:
bc:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:68:F9:D8:5A:B9:8B:3E:E7:14:8A:CC:AA:66:DC:FC:16:17:6B:94
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/C2j52Fq5iz7nFIrMqmbc_BYXa5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7884::/32
2a0e:1a84::/32
2a0f:2d80:1292::/48
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a0f:e847:1::/48
2a13:18c0:2::/48
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
1b:c0:87:22:ed:a2:1b:3c:77:e7:1e:ee:e7:f0:d2:13:b1:61:
f7:bc:59:f1:6e:8f:37:2f:71:a4:f1:88:86:c2:26:86:b6:80:
ec:ef:31:7e:4e:ba:84:6c:8d:88:8f:11:42:60:d8:ed:02:6f:
60:b4:0e:20:34:ee:41:50:d6:e2:90:b7:b7:08:0e:f7:03:ce:
a7:92:2b:c9:8f:ce:10:01:0f:50:66:61:79:19:f1:cb:2c:68:
d6:da:35:61:54:4e:19:d6:59:fa:7e:38:d0:a8:ac:83:44:3c:
4a:b4:99:dd:24:63:12:31:68:dd:ae:c6:dd:9d:97:e2:6e:b6:
c8:04:fa:39:00:e8:d2:7b:36:e0:fd:ba:9c:68:25:c8:bc:bf:
44:f3:91:a2:5d:a8:60:31:fa:04:a2:06:dc:91:37:49:f3:cc:
77:66:b6:29:60:d5:9a:ca:19:12:78:c9:99:ca:b9:0e:58:19:
e5:f1:40:00:ee:50:93:1a:72:81:80:a0:28:e1:0e:94:b5:d1:
19:f5:ec:1b:d6:68:83:db:10:14:dc:ba:da:fc:41:9d:f7:a1:
20:9c:56:21:52:f4:6e:80:e4:57:4d:e9:77:4c:f4:44:40:0d:
ea:e3:e1:a0:d1:7b:ac:c5:f2:86:67:ba:4e:a9:46:2d:44:1b:
87:e6:6d:ba
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY/3enH96rQbtX5bjsDBwVRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNjA4MTA1MjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjY4ZjlkODVhYjk4YjNlZTcxNDhhY2NhYTY2ZGNmYzE2MTc2Yjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4IndqL84E2d6WJxR77CN74vnmjS9
vC1HTNeEuKtLWRtvCq1QdO/wIiA/nsGDUiQsY7U2AYUgkcKINn4ZdNmoKJSwLjva
T5nKkreebw7QO6nStCHrT60nceBZ2Ocq7tZS06gNqV49qFhuzvzRuUvo4cA60OhF
ogHIuG7oXxu/I6zNvm/27cqbX+rhlPbA/Ol+7TQEIqq07+N+Q7i3xN4QeeUPx0uV
8rdRPtL+vaNoB6BULo+GRnCl/oT4UBvnqil5z/cj0LvjO+xYPobl3bYXS/D5Vi0L
4jQ9/nrH4yeOlCdBBdR76iLolbcLkaa2TN2WV5xQRgvtshBR+s5dan280QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAto+dhauYs+5xSKzKpm3PwWF2uUMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQzJqNTJGcTVpejduRklyTXFtYmNfQllYYTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAAjBCAwUAKgx4hAMF
ACoOGoQDBwAqDy2AEpIDBwAqD30AAAEDBwAqD7wAocQDBwAqD+hHAAEDBwAqExjA
AAIDBQMqEytAMA0GCSqGSIb3DQEBCwUAA4IBAQAbwIci7aIbPHfnHu7n8NITsWH3
vFnxbo83L3Gk8YiGwiaGtoDs7zF+TrqEbI2IjxFCYNjtAm9gtA4gNO5BUNbikLe3
CA73A86nkivJj84QAQ9QZmF5GfHLLGjW2jVhVE4Z1ln6fjjQqKyDRDxKtJndJGMS
MWjdrsbdnZfibrbIBPo5AOjSezbg/bqcaCXIvL9E85GiXahgMfoEogbckTdJ88x3
ZrYpYNWayhkSeMmZyrkOWBnl8UAA7lCTGnKBgKAo4Q6UtdEZ9ewb1miD2xAU3Lra
/EGd96EgnFYhUvRugORXTel3TPREQA3q4+Gg0XusxfKGZ7pOqUYtRBuH5m26
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:06:44 2025 by rpki-client