Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/D-xtIBjqr76JZ96Jxgckr4edsR4.roa
File: D-xtIBjqr76JZ96Jxgckr4edsR4.roa (raw, json)
Hash identifier: 8RQwZaDeOHzy8zdajyrTgB7EHbpf6MKjNTlI5W5g3+Q=
Subject key identifier: 0F:EC:6D:20:18:EA:AF:BE:89:67:DE:89:C6:07:24:AF:87:9D:B1:1E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F78E0BF3CE7E8D656804003B4F83B1B05
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/D-xtIBjqr76JZ96Jxgckr4edsR4.roa
Signing time: Tue 14 May 2024 20:52:25 +0000
ROA not before: Tue 14 May 2024 20:52:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152697
IP address blocks: 2a0e:9b00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 17 Oct 2024 06:46:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:78:e0:bf:3c:e7:e8:d6:56:80:40:03:b4:f8:3b:1b:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 14 20:52:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fec6d2018eaafbe8967de89c60724af879db11e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a5:86:a5:58:c1:0d:0c:95:9f:ae:a7:a4:0f:
8f:14:15:79:53:e2:45:9a:be:72:b7:05:4b:4c:5c:
d0:a7:42:a6:82:bc:23:45:67:51:f7:db:c8:d7:64:
56:7d:38:3e:a1:8b:39:b7:62:fe:12:11:24:64:4a:
f8:17:e9:b4:ed:c3:b6:64:d7:34:67:37:91:dd:e8:
97:55:bd:49:67:e6:0a:cd:47:36:e3:06:16:32:5e:
d2:45:0a:cb:0a:36:3e:94:25:9d:43:3e:0a:6c:2c:
6b:33:03:98:56:aa:9e:f0:26:ee:30:3a:72:95:f6:
33:ef:9e:9b:96:f1:ee:f1:58:3b:4c:c0:ca:e4:6c:
6d:05:39:ad:80:1d:e9:e6:1f:d1:d6:3d:38:29:35:
9a:f5:d8:91:d4:b8:5a:39:01:91:5f:0a:5f:0f:57:
43:3e:94:4d:43:f5:5c:da:b8:d3:6e:f3:98:21:ad:
d5:e7:70:b4:d2:89:90:79:8d:6a:d9:d4:29:96:09:
1b:93:4b:1c:2d:3f:be:85:8f:58:3b:95:26:a7:ac:
46:e1:24:6f:86:a5:86:2e:e2:7b:8a:bd:79:c4:b4:
26:81:f7:94:9b:01:a5:f6:44:7a:03:0a:5c:56:74:
57:ec:ff:bc:2f:d2:7b:3a:4f:f3:ca:4f:27:14:7f:
6d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:EC:6D:20:18:EA:AF:BE:89:67:DE:89:C6:07:24:AF:87:9D:B1:1E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/D-xtIBjqr76JZ96Jxgckr4edsR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:9b00::/29
Signature Algorithm: sha256WithRSAEncryption
ca:ed:1a:47:c4:8e:37:bc:70:2a:7c:b2:ea:53:dd:fe:7b:88:
84:51:85:f4:53:3a:90:b1:f0:cf:c1:61:e6:ab:e7:60:d3:a5:
ee:3c:dc:17:62:93:f7:89:d3:cc:e9:28:5c:35:e3:92:f5:3e:
48:31:3f:4d:89:ad:1b:d8:bb:69:91:61:13:9e:76:9c:90:e9:
85:8d:b4:00:15:fd:b3:56:39:89:ca:78:28:39:cf:30:36:cd:
10:a3:c8:40:cd:2e:bb:c6:90:2a:66:ec:c8:2e:16:c4:27:c7:
34:56:98:a1:c2:3a:a1:05:af:f7:82:75:35:e6:38:e2:f2:42:
28:8f:e0:4a:d7:11:54:f5:ad:77:f9:d2:14:3b:b4:e6:0f:13:
46:98:1a:11:7a:ce:1e:46:10:de:6a:c8:1c:c7:2c:06:f6:74:
dc:45:37:ce:ac:3e:91:28:4a:e3:ea:7d:79:74:9f:aa:08:03:
2b:38:5e:58:05:cd:f1:29:12:46:1f:87:1c:1c:a3:cc:20:f7:
4d:aa:3d:0d:23:57:f3:64:22:d0:af:20:20:28:0d:97:d2:c2:
91:d8:67:aa:62:5c:4f:e8:a0:b8:aa:ee:81:b3:4a:1f:be:89:
6a:4f:ee:e8:52:de:72:ed:f7:68:ca:7a:34:1e:e5:92:96:25:
79:40:08:c2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY944L885+jWVoBAA7T4OxsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTE0MjA1MjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmVjNmQyMDE4ZWFhZmJlODk2N2RlODljNjA3MjRhZjg3OWRiMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaWGpVjBDQyVn66npA+PFBV5U+JF
mr5ytwVLTFzQp0KmgrwjRWdR99vI12RWfTg+oYs5t2L+EhEkZEr4F+m07cO2ZNc0
ZzeR3eiXVb1JZ+YKzUc24wYWMl7SRQrLCjY+lCWdQz4KbCxrMwOYVqqe8CbuMDpy
lfYz756blvHu8Vg7TMDK5GxtBTmtgB3p5h/R1j04KTWa9diR1LhaOQGRXwpfD1dD
PpRNQ/Vc2rjTbvOYIa3V53C00omQeY1q2dQplgkbk0scLT++hY9YO5Ump6xG4SRv
hqWGLuJ7ir15xLQmgfeUmwGl9kR6AwpcVnRX7P+8L9J7Ok/zyk8nFH9tIwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA/sbSAY6q++iWfeicYHJK+HnbEeMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRC14dElCanFyNzZKWjk2SnhnY2tyNGVkc1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg6bADAN
BgkqhkiG9w0BAQsFAAOCAQEAyu0aR8SON7xwKnyy6lPd/nuIhFGF9FM6kLHwz8Fh
5qvnYNOl7jzcF2KT94nTzOkoXDXjkvU+SDE/TYmtG9i7aZFhE552nJDphY20ABX9
s1Y5icp4KDnPMDbNEKPIQM0uu8aQKmbsyC4WxCfHNFaYocI6oQWv94J1NeY44vJC
KI/gStcRVPWtd/nSFDu05g8TRpgaEXrOHkYQ3mrIHMcsBvZ03EU3zqw+kShK4+p9
eXSfqggDKzheWAXN8SkSRh+HHByjzCD3Tao9DSNX82Qi0K8gICgNl9LCkdhnqmJc
T+iguKrugbNKH76Jak/u6FLecu33aMp6NB7lkpYleUAIwg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:50 2025 by rpki-client