Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CtYnH23N4Fczd-HFqReIJwS_Y5k.roa
File: CtYnH23N4Fczd-HFqReIJwS_Y5k.roa (raw, json)
Hash identifier: aHQfybGIDO026xlo+KFDzMdjfzg+C2pHSV5su7I2UYs=
Subject key identifier: 0A:D6:27:1F:6D:CD:E0:57:33:77:E1:C5:A9:17:88:27:04:BF:63:99
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019444D7C5D950774B881F21F25A1D8D4433
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CtYnH23N4Fczd-HFqReIJwS_Y5k.roa
Signing time: Wed 08 Jan 2025 07:36:19 +0000
ROA not before: Wed 08 Jan 2025 07:36:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 2a0f:1640::/29 maxlen: 29
2a0f:18c0::/29 maxlen: 29
2a0f:2a40::/29 maxlen: 29
2a0f:3140::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 15 Jan 2025 08:40:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:44:d7:c5:d9:50:77:4b:88:1f:21:f2:5a:1d:8d:44:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 8 07:36:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ad6271f6dcde0573377e1c5a917882704bf6399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:70:7b:59:c6:5c:a0:82:e1:34:59:48:bd:9a:
15:c6:4c:fe:06:ef:5f:81:37:0f:d3:64:d8:71:6d:
f4:c4:88:0b:68:51:cc:9f:68:3b:d3:4c:8d:40:af:
98:94:0b:cf:1a:58:89:8c:c7:e3:d9:6f:14:2d:dd:
58:ac:02:a0:24:fc:d7:b8:21:9a:cf:44:c5:52:38:
ea:95:6b:47:e7:9c:52:36:ab:8c:e5:2f:74:14:a8:
18:94:4d:7f:e8:0d:16:1b:2e:db:f0:47:c1:85:4a:
19:c6:22:26:0d:91:46:54:1a:8b:3b:a8:ad:b5:04:
43:c6:dd:da:2e:05:c9:7f:1d:34:d3:6a:b2:17:6b:
20:93:31:b3:c0:91:be:08:31:38:76:99:a3:80:1c:
39:e0:82:95:e9:89:a8:8a:1c:01:bc:10:bf:32:fe:
9f:a6:fd:d2:5a:98:fd:d2:26:3a:c0:f8:77:ca:87:
a7:46:58:f3:36:f3:62:95:79:3f:5c:f8:a9:0d:96:
ba:93:da:a3:99:fc:76:00:de:8f:b1:4a:8b:b4:c7:
6d:b6:65:51:4c:f6:c8:07:eb:0d:2c:72:1f:d6:e7:
0d:aa:b2:18:24:b4:c0:24:39:6a:d9:4f:23:f2:cd:
5c:6a:00:c5:e7:72:0f:63:4b:67:be:07:39:4c:63:
84:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D6:27:1F:6D:CD:E0:57:33:77:E1:C5:A9:17:88:27:04:BF:63:99
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CtYnH23N4Fczd-HFqReIJwS_Y5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1640::/29
2a0f:18c0::/29
2a0f:2a40::/29
2a0f:3140::/29
Signature Algorithm: sha256WithRSAEncryption
48:c3:86:69:43:88:c5:50:af:fd:9c:8a:38:75:fb:4c:01:5b:
8e:fe:25:92:74:84:61:ab:97:43:28:59:55:fc:9e:28:3d:94:
56:88:77:b6:4a:ed:50:e7:49:e3:78:d7:a8:26:44:c9:05:93:
20:04:fa:34:4b:d1:80:8e:b1:fc:a0:3d:cf:f4:cb:76:60:0e:
df:d1:3d:7a:cf:3f:c5:81:3a:93:b9:42:45:d9:35:9f:12:30:
aa:70:21:0d:ad:9c:c1:55:98:38:1e:f0:5b:f4:c1:c9:d7:46:
a9:f5:9e:71:1e:5e:7f:c1:df:78:0a:f8:d0:b3:65:5b:eb:2a:
db:cf:dc:9a:f0:01:eb:a8:8c:a9:79:a7:9c:a9:ad:c0:71:c4:
a6:16:b6:4e:64:10:05:e5:d5:b8:d5:76:e5:f8:91:66:76:b6:
53:f1:ac:5e:3a:5e:7f:ed:26:d3:8f:a9:af:84:50:df:3b:d1:
98:47:74:da:bf:75:07:1b:1a:dc:96:12:9c:26:69:b3:95:a7:
ce:5d:d5:70:c0:a0:09:ab:58:6d:ed:a6:25:db:29:f5:df:99:
bb:11:e0:3f:fb:ad:f7:f4:f3:7f:26:77:ff:ce:eb:16:f0:9a:
16:4f:a4:de:d3:9c:f4:d2:0e:6f:db:e6:78:50:d8:91:e9:7c:
c7:d6:f1:d4
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZRE18XZUHdLiB8h8lodjUQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTA4MDczNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWQ2MjcxZjZkY2RlMDU3MzM3N2UxYzVhOTE3ODgyNzA0YmY2Mzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23B7WcZcoILhNFlIvZoVxkz+Bu9f
gTcP02TYcW30xIgLaFHMn2g700yNQK+YlAvPGliJjMfj2W8ULd1YrAKgJPzXuCGa
z0TFUjjqlWtH55xSNquM5S90FKgYlE1/6A0WGy7b8EfBhUoZxiImDZFGVBqLO6it
tQRDxt3aLgXJfx0002qyF2sgkzGzwJG+CDE4dpmjgBw54IKV6YmoihwBvBC/Mv6f
pv3SWpj90iY6wPh3yoenRljzNvNilXk/XPipDZa6k9qjmfx2AN6PsUqLtMdttmVR
TPbIB+sNLHIf1ucNqrIYJLTAJDlq2U8j8s1cagDF53IPY0tnvgc5TGOEYwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFArWJx9tzeBXM3fhxakXiCcEv2OZMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ3RZbkgyM040RmN6ZC1IRnFSZUlKd1NfWTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg8WQAMF
AyoPGMADBQMqDypAAwUDKg8xQDANBgkqhkiG9w0BAQsFAAOCAQEASMOGaUOIxVCv
/ZyKOHX7TAFbjv4lknSEYauXQyhZVfyeKD2UVoh3tkrtUOdJ43jXqCZEyQWTIAT6
NEvRgI6x/KA9z/TLdmAO39E9es8/xYE6k7lCRdk1nxIwqnAhDa2cwVWYOB7wW/TB
yddGqfWecR5ef8HfeAr40LNlW+sq28/cmvAB66iMqXmnnKmtwHHEpha2TmQQBeXV
uNV25fiRZna2U/GsXjpef+0m04+pr4RQ3zvRmEd02r91Bxsa3JYSnCZps5Wnzl3V
cMCgCatYbe2mJdsp9d+ZuxHgP/ut9/TzfyZ3/87rFvCaFk+k3tOc9NIOb9vmeFDY
kel8x9bx1A==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:13:16 2025 by rpki-client