Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CHvTd7_0EqQnErl51SN7hgFUWWc.roa
File: CHvTd7_0EqQnErl51SN7hgFUWWc.roa (raw, json)
Hash identifier: 1Sail7YNZ+i8+XqTQ0pzUt9WwF4BtiunBXFZSoTt1g0=
Subject key identifier: 08:7B:D3:77:BF:F4:12:A4:27:12:B9:79:D5:23:7B:86:01:54:59:67
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0190439B601D8F98A55DA6DE037BEFB3EAB1
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CHvTd7_0EqQnErl51SN7hgFUWWc.roa
Signing time: Sun 23 Jun 2024 05:39:34 +0000
ROA not before: Sun 23 Jun 2024 05:39:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151872
IP address blocks: 2a0e:15c2::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 23 Sep 2024 11:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:43:9b:60:1d:8f:98:a5:5d:a6:de:03:7b:ef:b3:ea:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 23 05:39:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=087bd377bff412a42712b979d5237b8601545967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3d:df:0f:a5:18:e8:50:4b:e7:ec:c8:96:76:
71:da:e6:cf:82:6c:a0:a8:48:76:d4:1c:9c:23:89:
2f:a0:98:6a:d8:a1:30:fa:0e:9f:4b:3e:42:4b:af:
10:2f:a2:ac:7e:ff:0c:44:ef:eb:c3:22:00:e3:3c:
1e:01:a6:61:f4:30:d0:df:08:81:d3:14:75:7b:7c:
1c:af:dc:0c:c0:f1:78:00:bd:ee:50:08:99:9e:e7:
b6:f2:46:dc:2d:f1:2a:d5:a0:5e:1a:4b:c8:97:98:
44:19:69:b7:3a:38:80:a8:ef:94:69:02:a7:65:d6:
e4:6f:e0:1d:64:42:be:d3:d6:0b:39:2b:0f:60:6c:
9e:10:0b:78:cd:fc:72:29:ac:ab:27:bb:79:6f:2d:
e9:9e:4c:ea:b7:50:17:93:5a:0d:4c:0f:23:b7:24:
e4:83:e1:a4:99:06:03:76:c7:9b:df:45:b9:a2:ff:
af:71:b6:19:cd:d6:38:2a:0b:d5:ff:44:bd:4b:ff:
11:46:36:2d:38:bd:13:44:1b:e0:61:61:80:19:5f:
ba:a7:8a:9e:1e:bd:2e:20:0a:7a:6a:e6:45:aa:8b:
5d:0b:87:4b:27:ea:a3:e6:2f:96:f0:41:ef:28:0e:
f0:ac:d4:af:37:cf:a0:11:d9:02:3e:a4:5c:46:e1:
02:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7B:D3:77:BF:F4:12:A4:27:12:B9:79:D5:23:7B:86:01:54:59:67
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CHvTd7_0EqQnErl51SN7hgFUWWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:15c2::/32
Signature Algorithm: sha256WithRSAEncryption
1c:e1:03:62:55:54:26:8a:6a:c7:ac:d3:43:f2:bc:6b:3a:3f:
68:17:5e:41:76:f0:d0:03:07:70:a5:3b:39:21:d1:b5:d7:b3:
01:43:4a:ef:fb:64:49:b7:02:d7:14:ab:6e:f9:0f:50:68:14:
c1:71:81:21:36:50:40:89:ba:5f:a7:cd:ea:e7:a1:42:7c:b1:
7a:3e:ac:51:e9:5a:1f:a8:60:ee:40:86:f3:28:a4:bd:21:9a:
29:f6:73:32:5e:4f:a4:ed:65:59:c6:b9:a9:ec:b1:7e:9e:9e:
15:48:9c:75:72:a0:c2:80:7b:65:31:d0:39:22:3d:38:42:98:
ba:6c:d5:e1:d3:d6:f4:f0:8d:ae:69:25:ad:08:9e:d7:90:eb:
4e:4f:d3:a9:20:00:a6:e3:74:94:13:ac:bd:39:b1:9a:b4:3f:
aa:31:d9:e5:fe:46:88:c1:61:62:6a:16:65:dd:2f:d7:d5:2a:
11:95:85:ab:b4:70:8d:15:18:c9:6c:5a:b3:13:eb:81:3f:91:
31:e5:4c:03:6c:e3:9a:d2:2c:10:a8:71:76:9b:4c:b9:c0:dc:
8b:73:4a:15:cb:6e:34:99:73:91:70:13:a2:de:b1:45:a2:38:
7d:42:3c:b4:4c:d0:2c:58:cd:0c:8c:e4:aa:6a:b3:2f:a2:b5:
26:fc:e7:93
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZBDm2Adj5ilXabeA3vvs+qxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNjIzMDUzOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODdiZDM3N2JmZjQxMmE0MjcxMmI5NzlkNTIzN2I4NjAxNTQ1OTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj3fD6UY6FBL5+zIlnZx2ubPgmyg
qEh21BycI4kvoJhq2KEw+g6fSz5CS68QL6Ksfv8MRO/rwyIA4zweAaZh9DDQ3wiB
0xR1e3wcr9wMwPF4AL3uUAiZnue28kbcLfEq1aBeGkvIl5hEGWm3OjiAqO+UaQKn
Zdbkb+AdZEK+09YLOSsPYGyeEAt4zfxyKayrJ7t5by3pnkzqt1AXk1oNTA8jtyTk
g+GkmQYDdseb30W5ov+vcbYZzdY4KgvV/0S9S/8RRjYtOL0TRBvgYWGAGV+6p4qe
Hr0uIAp6auZFqotdC4dLJ+qj5i+W8EHvKA7wrNSvN8+gEdkCPqRcRuECcQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAh703e/9BKkJxK5edUje4YBVFlnMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ0h2VGQ3XzBFcVFuRXJsNTFTTjdoZ0ZVV1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg4VwjAN
BgkqhkiG9w0BAQsFAAOCAQEAHOEDYlVUJopqx6zTQ/K8azo/aBdeQXbw0AMHcKU7
OSHRtdezAUNK7/tkSbcC1xSrbvkPUGgUwXGBITZQQIm6X6fN6uehQnyxej6sUela
H6hg7kCG8yikvSGaKfZzMl5PpO1lWca5qeyxfp6eFUicdXKgwoB7ZTHQOSI9OEKY
umzV4dPW9PCNrmklrQie15DrTk/TqSAApuN0lBOsvTmxmrQ/qjHZ5f5GiMFhYmoW
Zd0v19UqEZWFq7RwjRUYyWxasxPrgT+RMeVMA2zjmtIsEKhxdptMucDci3NKFctu
NJlzkXATot6xRaI4fUI8tEzQLFjNDIzkqmqzL6K1Jvznkw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:39 2025 by rpki-client