Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CjbzznyIegbtpjqLP0NWP3xJQzU.roa
File: CjbzznyIegbtpjqLP0NWP3xJQzU.roa (raw, json)
Hash identifier: 3sDlYNNdIObpAqRusTQN+yylXjYAAi8aKVuHI/aR7Dw=
Subject key identifier: 0A:36:F3:CE:7C:88:7A:06:ED:A6:3A:8B:3F:43:56:3F:7C:49:43:35
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01925811B793D949BD494DED4B5BA899DAAE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CjbzznyIegbtpjqLP0NWP3xJQzU.roa
Signing time: Fri 04 Oct 2024 15:06:48 +0000
ROA not before: Fri 04 Oct 2024 15:06:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21738
IP address blocks: 2a0e:e980::/29 maxlen: 29
2a0f:140::/29 maxlen: 29
2a0f:e740::/29 maxlen: 29
2a10:5200::/29 maxlen: 29
2a10:6f00::/29 maxlen: 29
2a10:7100::/29 maxlen: 29
2a10:7300::/29 maxlen: 29
2a10:7f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 11 Oct 2024 15:59:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:58:11:b7:93:d9:49:bd:49:4d:ed:4b:5b:a8:99:da:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 4 15:06:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a36f3ce7c887a06eda63a8b3f43563f7c494335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:db:9a:05:5a:34:0c:62:16:d2:4d:22:b6:70:
d6:19:22:37:29:98:d8:e1:b1:b0:c5:1b:cf:d8:fb:
47:da:6c:51:aa:91:2e:e2:a6:16:26:43:68:11:b3:
30:6b:c5:b5:db:f1:c1:f4:c6:ba:4c:d3:97:77:33:
b0:ed:c5:dc:21:d9:76:a0:86:0c:82:6b:f3:bc:cf:
d1:1d:29:29:df:31:04:95:c9:e7:cc:df:cb:64:94:
9d:3e:67:aa:37:c7:83:ca:8a:db:05:58:bf:c3:b1:
ee:89:2f:ad:a8:b2:0e:75:77:28:03:db:5b:53:df:
a1:16:6e:4e:80:0e:f5:c2:f2:ca:af:21:08:f0:42:
ad:9c:37:3d:ec:c2:7f:67:8b:20:b1:d2:6e:f2:04:
21:9a:99:23:f7:d8:e9:a8:35:cc:40:15:1c:bd:f6:
9e:47:b0:0d:3b:1d:df:f5:62:dd:24:cf:01:ed:ce:
f4:3f:1d:5b:87:5e:09:2c:69:1f:63:54:d1:e2:59:
1f:31:95:09:76:a6:d1:00:bd:40:1e:18:c1:f1:5f:
75:cc:e5:30:14:6e:f1:5e:44:ad:b2:43:ba:39:f3:
b4:80:d1:5c:fd:ec:32:49:94:15:31:29:8e:56:ae:
19:f4:6c:bf:27:d6:cd:2b:39:20:20:cb:9a:a9:e7:
e0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:36:F3:CE:7C:88:7A:06:ED:A6:3A:8B:3F:43:56:3F:7C:49:43:35
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CjbzznyIegbtpjqLP0NWP3xJQzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e980::/29
2a0f:140::/29
2a0f:e740::/29
2a10:5200::/29
2a10:6f00::/29
2a10:7100::/29
2a10:7300::/29
2a10:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
76:3e:de:b0:08:53:b4:bc:3b:ec:b5:fb:4a:6f:a1:a0:da:7d:
39:9b:49:99:2c:1a:98:15:c6:df:3f:92:36:50:ad:40:7d:66:
5c:2e:61:e5:91:90:c0:a4:c1:d9:e6:6b:cc:40:2d:3a:aa:c6:
23:f8:18:c6:21:f1:43:3c:1c:71:b0:54:99:f1:91:e0:56:2a:
48:f1:3e:22:dc:3f:c0:ef:02:a4:89:8e:2a:7e:da:41:ad:85:
37:9b:a8:04:e8:0d:30:89:94:d6:e6:bd:fd:f6:c6:48:1e:aa:
a9:7d:ce:e3:c3:38:ec:c2:9b:ba:1f:8f:39:6b:49:58:47:df:
82:fb:45:47:f4:f3:91:92:85:d8:38:43:73:85:7d:80:18:b2:
68:92:55:61:e2:98:9f:d5:4c:eb:f3:b4:2d:25:30:78:77:ef:
7e:6d:c5:7f:31:15:52:9f:f6:5c:86:bb:cc:26:e7:66:41:14:
91:d9:5a:82:c3:f8:4d:1c:2f:c1:55:84:04:45:a1:64:bc:5b:
f2:0d:07:f1:8c:b5:5d:19:61:ba:ed:ad:e0:9a:13:c8:21:0d:
33:ab:3e:c6:bd:10:fc:18:79:ca:45:74:0f:44:a6:fe:9a:83:
17:fd:94:f9:ca:90:19:c1:1c:f8:62:8f:95:a6:d0:22:33:a3:
00:de:b0:6d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZJYEbeT2Um9SU3tS1uomdquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMDA0MTUwNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTM2ZjNjZTdjODg3YTA2ZWRhNjNhOGIzZjQzNTYzZjdjNDk0MzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9uaBVo0DGIW0k0itnDWGSI3KZjY
4bGwxRvP2PtH2mxRqpEu4qYWJkNoEbMwa8W12/HB9Ma6TNOXdzOw7cXcIdl2oIYM
gmvzvM/RHSkp3zEElcnnzN/LZJSdPmeqN8eDyorbBVi/w7HuiS+tqLIOdXcoA9tb
U9+hFm5OgA71wvLKryEI8EKtnDc97MJ/Z4sgsdJu8gQhmpkj99jpqDXMQBUcvfae
R7ANOx3f9WLdJM8B7c70Px1bh14JLGkfY1TR4lkfMZUJdqbRAL1AHhjB8V91zOUw
FG7xXkStskO6OfO0gNFc/ewySZQVMSmOVq4Z9Gy/J9bNKzkgIMuaqefgkQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAo28858iHoG7aY6iz9DVj98SUM1MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ2pienpueUllZ2J0cGpxTFAwTldQM3hKUXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKg7pgAMF
AyoPAUADBQMqD+dAAwUDKhBSAAMFAyoQbwADBQMqEHEAAwUDKhBzAAMFAyoQfwAw
DQYJKoZIhvcNAQELBQADggEBAHY+3rAIU7S8O+y1+0pvoaDafTmbSZksGpgVxt8/
kjZQrUB9ZlwuYeWRkMCkwdnma8xALTqqxiP4GMYh8UM8HHGwVJnxkeBWKkjxPiLc
P8DvAqSJjip+2kGthTebqAToDTCJlNbmvf32xkgeqql9zuPDOOzCm7ofjzlrSVhH
34L7RUf085GShdg4Q3OFfYAYsmiSVWHimJ/VTOvztC0lMHh3735txX8xFVKf9lyG
u8wm52ZBFJHZWoLD+E0cL8FVhARFoWS8W/INB/GMtV0ZYbrtreCaE8ghDTOrPsa9
EPwYecpFdA9Epv6agxf9lPnKkBnBHPhij5Wm0CIzowDesG0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:13 2025 by rpki-client