Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/I_pWtLtjI1gH6EtasX245BJIf5w.roa
File: I_pWtLtjI1gH6EtasX245BJIf5w.roa (raw, json)
Hash identifier: scxPdjBHofyXMVBEvwZs+m6J2uYwBgQ4jzYA0exJOSk=
Subject key identifier: 23:FA:56:B4:BB:63:23:58:07:E8:4B:5A:B1:7D:B8:E4:12:48:7F:9C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01918970E4FA5B61C8F241DC2D9455807B38
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/I_pWtLtjI1gH6EtasX245BJIf5w.roa
Signing time: Sun 25 Aug 2024 12:09:22 +0000
ROA not before: Sun 25 Aug 2024 12:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2a07:8a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 27 Aug 2024 09:22:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:89:70:e4:fa:5b:61:c8:f2:41:dc:2d:94:55:80:7b:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 25 12:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23fa56b4bb63235807e84b5ab17db8e412487f9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c8:ad:1c:16:93:15:02:4c:f0:7a:dc:ed:65:
9a:01:cb:40:92:7f:e7:a9:be:6b:5b:26:22:f8:b7:
b1:4e:aa:c4:5d:96:19:9d:88:ca:61:ed:90:ab:32:
6f:b2:4d:d5:ef:06:71:53:1e:b3:fa:2c:50:78:6c:
16:9a:33:d4:6e:7f:30:1c:0d:b8:6c:84:c9:6c:ce:
6b:02:0b:1b:f0:cf:a7:ec:59:cf:49:bb:c4:7a:ea:
83:64:b1:bf:2a:53:fc:4b:41:02:a5:8e:a8:7e:17:
e6:d2:25:4f:26:2d:f4:80:91:ef:00:50:df:74:73:
4b:2d:02:cc:56:c6:c4:b4:ec:75:37:7b:ca:c6:35:
10:0b:ae:d7:d0:c8:53:75:31:75:7d:1e:e7:54:a3:
68:66:ff:7d:1e:42:54:ca:1d:a7:17:58:24:f8:9f:
98:57:2f:0e:36:34:e4:2b:ce:98:0e:50:64:a2:4f:
ae:6a:0c:d9:85:6f:76:d9:e7:18:1f:43:6b:43:10:
e1:77:a4:a2:da:86:1a:17:84:2f:fb:50:2d:15:35:
5a:b3:2c:67:cb:81:65:2c:93:a8:ae:08:4c:f4:04:
bc:51:90:79:8b:92:01:8f:44:37:95:21:02:26:2d:
3e:57:03:e8:21:cb:33:4d:85:e3:37:9b:7e:36:03:
27:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:FA:56:B4:BB:63:23:58:07:E8:4B:5A:B1:7D:B8:E4:12:48:7F:9C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/I_pWtLtjI1gH6EtasX245BJIf5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:8a40::/29
Signature Algorithm: sha256WithRSAEncryption
5c:75:4f:58:85:9a:e5:30:5e:fa:d6:a5:d4:c7:e0:b3:01:b0:
03:6b:fc:82:c6:15:7a:5d:36:44:59:d5:eb:27:26:8c:2d:b7:
9a:3e:70:74:85:a0:22:ac:15:d0:aa:91:69:a9:2a:cc:2f:5e:
76:09:f8:c6:8f:db:ee:a3:94:c8:62:45:0b:7e:75:98:75:f3:
a2:4a:c5:29:8f:3e:4b:7e:95:40:ac:02:e9:96:28:4f:4c:7b:
10:c9:13:14:77:4f:89:a6:21:d9:43:4c:45:ee:7f:fb:4d:3f:
d4:08:22:c3:e0:ac:37:03:09:9a:cc:30:e1:32:47:83:0a:d5:
bb:2d:c2:76:22:5d:9c:6a:72:22:8d:b4:f9:c1:97:6f:8f:58:
70:6a:d9:77:2c:e5:3c:2f:75:32:73:27:2c:d2:98:a3:e0:ce:
80:4f:4d:1c:07:4d:44:88:cc:ef:7b:71:48:50:3f:5b:38:16:
14:30:19:59:f0:05:50:62:b6:7c:1c:e7:03:a2:f9:88:11:a3:
eb:9e:02:05:76:e1:93:22:21:90:f2:08:de:33:f9:5e:7b:48:
2f:9f:c9:2e:cd:51:23:65:d9:fd:36:d8:08:b9:26:93:e3:4e:
60:75:03:1d:6c:12:0c:3f:14:63:b6:de:bf:0f:12:94:d9:16:
96:63:f6:78
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZGJcOT6W2HI8kHcLZRVgHs4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODI1MTIwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2ZhNTZiNGJiNjMyMzU4MDdlODRiNWFiMTdkYjhlNDEyNDg3ZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0citHBaTFQJM8Hrc7WWaActAkn/n
qb5rWyYi+LexTqrEXZYZnYjKYe2QqzJvsk3V7wZxUx6z+ixQeGwWmjPUbn8wHA24
bITJbM5rAgsb8M+n7FnPSbvEeuqDZLG/KlP8S0ECpY6ofhfm0iVPJi30gJHvAFDf
dHNLLQLMVsbEtOx1N3vKxjUQC67X0MhTdTF1fR7nVKNoZv99HkJUyh2nF1gk+J+Y
Vy8ONjTkK86YDlBkok+uagzZhW922ecYH0NrQxDhd6Si2oYaF4Qv+1AtFTVasyxn
y4FlLJOorghM9AS8UZB5i5IBj0Q3lSECJi0+VwPoIcszTYXjN5t+NgMnpQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCP6VrS7YyNYB+hLWrF9uOQSSH+cMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSV9wV3RMdGpJMWdINkV0YXNYMjQ1QkpJZjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgeKQDAN
BgkqhkiG9w0BAQsFAAOCAQEAXHVPWIWa5TBe+tal1MfgswGwA2v8gsYVel02RFnV
6ycmjC23mj5wdIWgIqwV0KqRaakqzC9edgn4xo/b7qOUyGJFC351mHXzokrFKY8+
S36VQKwC6ZYoT0x7EMkTFHdPiaYh2UNMRe5/+00/1Agiw+CsNwMJmsww4TJHgwrV
uy3CdiJdnGpyIo20+cGXb49YcGrZdyzlPC91MnMnLNKYo+DOgE9NHAdNRIjM73tx
SFA/WzgWFDAZWfAFUGK2fBznA6L5iBGj654CBXbhkyIhkPII3jP5XntIL5/JLs1R
I2XZ/TbYCLkmk+NOYHUDHWwSDD8UY7bevw8SlNkWlmP2eA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:25:50 2025 by rpki-client