Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CcCcMfS3HYHyN3Xm4R4Hvz7se2g.roa
File: CcCcMfS3HYHyN3Xm4R4Hvz7se2g.roa (raw, json)
Hash identifier: 59gmd3LsAoM4FPv18E53XLhRnbVs0+L6wAt72MMEljE=
Subject key identifier: 09:C0:9C:31:F4:B7:1D:81:F2:37:75:E6:E1:1E:07:BF:3E:EC:7B:68
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01914228A2528FDC4E43C32E8218EB9AA8BE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CcCcMfS3HYHyN3Xm4R4Hvz7se2g.roa
Signing time: Sun 11 Aug 2024 15:57:24 +0000
ROA not before: Sun 11 Aug 2024 15:57:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214402
IP address blocks: 2a0f:ea43:1::/48 maxlen: 48
2a0f:ea43:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 09 Sep 2024 15:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:42:28:a2:52:8f:dc:4e:43:c3:2e:82:18:eb:9a:a8:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 11 15:57:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09c09c31f4b71d81f23775e6e11e07bf3eec7b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:23:89:91:e4:a5:b1:fc:f7:e7:cd:9f:fc:2a:
51:e6:cf:fc:6c:06:e0:e9:58:ed:70:b0:8e:55:6b:
2d:cc:58:59:d6:2f:9a:d2:38:30:c3:46:b5:1b:a8:
4f:00:63:6c:72:96:fe:07:7c:e8:82:95:3e:ea:3b:
26:cb:19:58:5f:20:3b:0a:44:5d:07:7c:bf:c7:ef:
7d:29:24:8c:a9:43:9f:e5:6c:c4:c1:a9:e2:ef:81:
01:9a:68:40:9e:10:5a:97:bf:bd:ce:dc:b3:44:15:
ca:bc:b5:30:64:03:3e:e8:83:99:d6:d3:c9:7f:ae:
0a:54:e5:bf:be:f5:21:42:d4:30:e6:02:b8:c3:ad:
19:be:ff:d6:f5:78:7d:13:e8:11:32:80:1e:a2:8e:
d0:30:53:23:99:85:4e:b4:5a:8d:0d:77:9e:b6:8d:
cd:02:cd:cc:53:72:de:74:80:cf:09:e6:52:0d:f7:
b7:12:94:97:d8:2f:d0:8c:9d:d6:84:7b:17:7c:2c:
50:a5:b1:77:6c:80:2c:4f:2b:87:dc:fc:f9:1f:33:
07:e7:61:e3:77:72:5e:95:dc:f5:87:b9:2f:9b:1a:
e5:b2:58:0c:b4:a6:00:87:bd:7c:95:39:a1:0c:85:
78:20:f8:99:a6:94:54:33:2d:23:5e:f1:52:e6:df:
d8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C0:9C:31:F4:B7:1D:81:F2:37:75:E6:E1:1E:07:BF:3E:EC:7B:68
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CcCcMfS3HYHyN3Xm4R4Hvz7se2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ea43:1::-2a0f:ea43:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
20:79:6b:12:1d:39:09:b0:47:53:1c:f2:ac:94:ac:ea:bd:3d:
9c:58:36:e1:cf:20:c4:c8:23:27:99:ad:59:ba:77:9f:7d:99:
b7:16:49:82:62:98:2f:54:fe:65:8f:d5:d1:f5:72:80:82:8d:
0a:0a:e3:d4:03:8d:0d:51:68:18:d5:62:f2:81:19:e5:c2:40:
99:62:13:eb:f5:78:56:be:ab:bf:b8:b5:ee:0d:cc:43:59:e5:
91:7d:21:56:e0:6f:fa:3d:0b:db:af:b7:51:ac:05:75:f3:a9:
25:69:52:9a:5a:5a:b3:5f:03:68:05:af:1b:32:93:7f:17:5b:
10:30:af:32:d2:50:e7:e5:20:88:7b:75:69:f3:77:62:53:04:
fb:fb:25:a9:bc:ac:27:bd:81:de:2a:be:f0:b6:1b:d2:6a:66:
d5:bc:99:39:d3:a5:cc:d0:3d:56:81:f5:46:9f:1b:ab:98:c6:
81:de:fb:e9:d2:ae:ed:10:a1:58:c9:67:e0:a8:df:c4:5c:be:
48:dc:8a:0d:52:b3:50:fa:cc:a2:23:19:a7:c2:83:ce:89:08:
cf:7d:43:6f:2e:72:5e:2d:13:25:a3:c3:8a:2e:e3:32:35:ae:
e2:82:46:d7:42:a1:26:0e:d8:a3:0d:a1:ac:fa:ac:33:ea:09:
8d:cb:06:ab
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZFCKKJSj9xOQ8Mughjrmqi+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODExMTU1NzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWMwOWMzMWY0YjcxZDgxZjIzNzc1ZTZlMTFlMDdiZjNlZWM3YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCOJkeSlsfz3582f/CpR5s/8bAbg
6VjtcLCOVWstzFhZ1i+a0jgww0a1G6hPAGNscpb+B3zogpU+6jsmyxlYXyA7CkRd
B3y/x+99KSSMqUOf5WzEwani74EBmmhAnhBal7+9ztyzRBXKvLUwZAM+6IOZ1tPJ
f64KVOW/vvUhQtQw5gK4w60Zvv/W9Xh9E+gRMoAeoo7QMFMjmYVOtFqNDXeeto3N
As3MU3LedIDPCeZSDfe3EpSX2C/QjJ3WhHsXfCxQpbF3bIAsTyuH3Pz5HzMH52Hj
d3Jeldz1h7kvmxrlslgMtKYAh718lTmhDIV4IPiZppRUMy0jXvFS5t/YTwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAnAnDH0tx2B8jd15uEeB78+7HtoMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ2NDY01mUzNIWUh5TjNYbTRSNEh2ejdzZTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqD+pD
AAEDBwAqD+pDAAIwDQYJKoZIhvcNAQELBQADggEBACB5axIdOQmwR1Mc8qyUrOq9
PZxYNuHPIMTIIyeZrVm6d599mbcWSYJimC9U/mWP1dH1coCCjQoK49QDjQ1RaBjV
YvKBGeXCQJliE+v1eFa+q7+4te4NzENZ5ZF9IVbgb/o9C9uvt1GsBXXzqSVpUppa
WrNfA2gFrxsyk38XWxAwrzLSUOflIIh7dWnzd2JTBPv7Jam8rCe9gd4qvvC2G9Jq
ZtW8mTnTpczQPVaB9UafG6uYxoHe++nSru0QoVjJZ+Co38Rcvkjcig1Ss1D6zKIj
GafCg86JCM99Q28ucl4tEyWjw4ou4zI1ruKCRtdCoSYO2KMNoaz6rDPqCY3LBqs=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:42 2025 by rpki-client