Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GhUm3uTxwJf2tmxsYPqeadtyOTI.roa
File: GhUm3uTxwJf2tmxsYPqeadtyOTI.roa (raw, json)
Hash identifier: /p3fcPnuK9eUS+0gMaH7DDlJbITrdKDB242k2P5F700=
Subject key identifier: 1A:15:26:DE:E4:F1:C0:97:F6:B6:6C:6C:60:FA:9E:69:DB:72:39:32
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0190B1D12A42EB86D73F589D57FF100D7594
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GhUm3uTxwJf2tmxsYPqeadtyOTI.roa
Signing time: Sun 14 Jul 2024 15:16:33 +0000
ROA not before: Sun 14 Jul 2024 15:16:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 2a0e:15c0:5::/48 maxlen: 48
2a0f:2d80:1292::/48 maxlen: 48
2a0f:3d80:bac::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a0f:e7c5:98bc::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Aug 2024 08:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b1:d1:2a:42:eb:86:d7:3f:58:9d:57:ff:10:0d:75:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 14 15:16:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a1526dee4f1c097f6b66c6c60fa9e69db723932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:58:98:47:1d:df:09:f7:3c:e8:e3:be:47:49:
8d:65:2f:d3:76:92:0f:35:59:62:f6:21:42:63:8b:
45:91:07:db:86:38:09:94:1c:2f:b8:58:1e:89:80:
66:a4:66:f1:8b:a5:17:02:81:59:3a:99:6b:d0:fa:
93:d5:9c:d0:0b:60:02:4f:d4:8f:30:8a:10:c2:f2:
44:05:d3:68:1f:ae:28:aa:7e:26:d7:92:f3:17:03:
72:f7:ff:12:e9:36:93:e5:86:f0:08:a5:2c:32:02:
b8:22:1d:5c:c7:30:4a:00:06:8f:63:8e:f7:fc:ba:
c3:44:e8:9e:d3:27:ac:1d:7c:b7:28:cd:a0:18:e8:
98:30:11:26:a0:7e:ef:b8:97:dd:49:5b:8a:8e:2f:
29:0f:15:a7:81:98:e0:a7:a7:5f:6f:40:d9:81:53:
c8:e4:a7:7c:49:34:e2:0d:6d:88:36:6e:79:d0:be:
49:07:bc:82:15:40:2a:a9:aa:5a:fa:fa:2a:56:0f:
ea:af:4b:84:86:16:c2:99:0c:56:f9:29:f9:0c:88:
a2:47:f1:41:97:32:2c:6b:30:77:ec:a7:67:44:00:
2c:9c:b9:b2:39:63:49:92:fb:07:63:a8:39:0c:b1:
14:d4:cc:9e:96:4a:66:83:86:6d:af:78:87:ca:5a:
c1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:15:26:DE:E4:F1:C0:97:F6:B6:6C:6C:60:FA:9E:69:DB:72:39:32
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GhUm3uTxwJf2tmxsYPqeadtyOTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:15c0:5::/48
2a0f:2d80:1292::/48
2a0f:3d80:bac::/48
2a0f:bc00:a1c4::/48
2a0f:e7c5:98bc::/48
Signature Algorithm: sha256WithRSAEncryption
2a:2c:d2:38:9e:3f:77:8b:e8:ca:8a:80:bb:f5:56:8e:40:84:
2a:6b:35:24:f7:81:21:89:e8:de:db:3d:6e:4f:5e:ae:9d:76:
97:7a:a6:83:e7:cd:42:7c:35:fa:5d:0a:49:10:ca:6d:68:72:
ae:7d:d6:0d:72:f8:fc:c7:aa:cf:16:69:63:45:95:94:11:50:
a9:20:39:bd:83:37:f3:9e:8c:24:d1:11:9e:26:ef:c9:1f:39:
be:64:67:2e:a3:8f:7a:d7:ea:c0:9c:e0:f2:6b:b7:fb:33:15:
5e:f3:38:b7:da:bc:63:6b:6b:88:1b:da:65:fa:5a:d6:c6:42:
64:36:99:97:8e:72:27:34:0b:4d:ca:de:b9:6e:3a:6d:b7:c8:
37:e3:99:1b:d3:ea:a7:db:2c:96:2a:94:64:5b:b8:5a:b9:09:
da:27:b3:a9:c3:23:77:bd:69:fb:99:6a:bf:de:0b:fc:2f:1e:
53:d6:38:7a:41:90:4d:00:6d:37:4c:ad:75:fd:69:54:ee:dd:
b8:5a:d4:26:42:d5:fe:42:44:3f:0f:3b:d8:ad:09:35:f2:71:
33:c2:de:51:f6:63:99:36:5f:9f:fb:ee:0f:ff:69:27:e8:7f:
23:49:16:4e:62:61:b0:a4:ce:1a:96:f4:87:af:13:32:24:53:
55:02:c3:9f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZCx0SpC64bXP1idV/8QDXWUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNzE0MTUxNjMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTE1MjZkZWU0ZjFjMDk3ZjZiNjZjNmM2MGZhOWU2OWRiNzIzOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFiYRx3fCfc86OO+R0mNZS/TdpIP
NVli9iFCY4tFkQfbhjgJlBwvuFgeiYBmpGbxi6UXAoFZOplr0PqT1ZzQC2ACT9SP
MIoQwvJEBdNoH64oqn4m15LzFwNy9/8S6TaT5YbwCKUsMgK4Ih1cxzBKAAaPY473
/LrDROie0yesHXy3KM2gGOiYMBEmoH7vuJfdSVuKji8pDxWngZjgp6dfb0DZgVPI
5Kd8STTiDW2INm550L5JB7yCFUAqqapa+voqVg/qr0uEhhbCmQxW+Sn5DIiiR/FB
lzIsazB37KdnRAAsnLmyOWNJkvsHY6g5DLEU1Myelkpmg4Ztr3iHylrBvwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBoVJt7k8cCX9rZsbGD6nmnbcjkyMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvR2hVbTN1VHh3SmYydG14c1lQcWVhZHR5T1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKg4VwAAF
AwcAKg8tgBKSAwcAKg89gAusAwcAKg+8AKHEAwcAKg/nxZi8MA0GCSqGSIb3DQEB
CwUAA4IBAQAqLNI4nj93i+jKioC79VaOQIQqazUk94Ehieje2z1uT16unXaXeqaD
581CfDX6XQpJEMptaHKufdYNcvj8x6rPFmljRZWUEVCpIDm9gzfznowk0RGeJu/J
Hzm+ZGcuo4961+rAnODya7f7MxVe8zi32rxja2uIG9pl+lrWxkJkNpmXjnInNAtN
yt65bjptt8g345kb0+qn2yyWKpRkW7hauQnaJ7OpwyN3vWn7mWq/3gv8Lx5T1jh6
QZBNAG03TK11/WlU7t24WtQmQtX+QkQ/DzvYrQk18nEzwt5R9mOZNl+f++4P/2kn
6H8jSRZOYmGwpM4alvSHrxMyJFNVAsOf
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:34:50 2025 by rpki-client