Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Iha0rGTUt7Pt1ObPxTc9Ai9_1Fc.roa
File: Iha0rGTUt7Pt1ObPxTc9Ai9_1Fc.roa (raw, json)
Hash identifier: MuIofhDaTDEHVfPb+dgq70pAIvowysBwL8/P67DweWM=
Subject key identifier: 22:16:B4:AC:64:D4:B7:B3:ED:D4:E6:CF:C5:37:3D:02:2F:7F:D4:57
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CC9BC26BAB1E65026554865F53B5D30A8
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Iha0rGTUt7Pt1ObPxTc9Ai9_1Fc.roa
Signing time: Tue 02 Jan 2024 10:33:20 +0000
ROA not before: Tue 02 Jan 2024 10:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135073
IP address blocks: 2a0e:2240:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 Jan 2024 07:12:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:26:ba:b1:e6:50:26:55:48:65:f5:3b:5d:30:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 10:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2216b4ac64d4b7b3edd4e6cfc5373d022f7fd457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:91:0b:a0:0c:7e:9f:6a:34:49:0f:6a:fa:27:
4b:d0:9e:1e:5d:13:21:db:bd:7e:59:04:7b:f0:75:
56:6e:8b:63:ee:44:09:d0:1e:f6:f4:df:b4:b9:da:
f9:62:0f:bf:24:be:0c:36:63:1e:cd:3b:97:ed:4e:
7a:16:59:2b:e6:a5:65:91:62:da:e7:e9:d1:c1:1f:
d8:17:cc:4d:7e:8d:99:62:82:fa:24:8d:ca:e0:44:
4e:13:81:e7:82:86:41:93:5d:38:93:f7:53:62:b5:
3f:de:15:9e:e2:d5:29:ae:ec:ff:9c:06:83:f9:21:
84:8a:bf:eb:ce:83:1b:7e:69:00:24:37:79:a5:44:
d8:32:97:4d:97:eb:fc:ca:8b:00:16:8b:dc:80:7b:
e8:45:3f:6f:9c:d7:3e:c2:8c:06:0a:10:39:b2:54:
dc:b2:22:8a:37:01:17:47:81:f5:e1:5a:e7:e4:5d:
59:d9:29:23:f1:88:b2:d8:fa:8a:40:a0:d5:9a:b2:
4f:a2:ad:e3:62:53:39:26:cc:b6:16:e4:74:95:76:
aa:1f:14:71:19:b2:42:f9:12:d0:61:59:f1:a6:9a:
7e:a8:42:ce:25:f5:f6:eb:b9:81:44:67:8f:b2:f3:
31:b9:f5:0e:51:56:22:00:ed:92:9d:18:17:4a:6c:
f9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:16:B4:AC:64:D4:B7:B3:ED:D4:E6:CF:C5:37:3D:02:2F:7F:D4:57
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Iha0rGTUt7Pt1ObPxTc9Ai9_1Fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:2240:1::/48
Signature Algorithm: sha256WithRSAEncryption
99:55:89:00:0c:cf:e9:b9:01:45:a9:b0:96:d3:9a:d4:af:16:
68:1c:29:72:96:6a:c8:f2:67:2a:d9:e2:90:20:f1:f5:9a:53:
47:52:00:94:50:72:22:12:a0:c2:59:76:71:36:bd:8b:d9:f3:
2d:ed:89:0c:d4:6e:db:8d:c5:f6:49:f3:00:2d:08:1f:98:bf:
82:0c:05:26:5d:9d:8a:ae:be:f7:40:24:14:77:81:b8:4f:19:
65:04:69:db:a3:9b:9f:b1:25:9f:cc:4f:ab:cb:e4:26:d8:d5:
5b:c8:4e:9e:a8:e0:17:54:7c:36:d3:7e:ad:07:6f:63:13:1f:
6c:01:7c:27:2a:de:00:08:1a:49:0a:e6:5e:f0:84:8f:27:6d:
bc:33:06:f5:0f:f4:15:8b:4d:38:0e:3b:20:b9:8d:da:ef:87:
a9:63:9d:95:b4:47:dd:a9:2e:b4:5e:8d:2e:41:47:75:92:7f:
ba:60:62:ab:5a:b9:2c:1d:94:3f:04:57:98:ff:2f:6c:3f:1f:
d2:18:70:6f:9d:e2:80:55:91:f0:50:78:e4:00:34:1b:03:6a:
3d:d2:c6:8c:5e:7b:34:6f:0f:5e:e4:c4:94:12:0b:0b:7b:7a:
70:84:7e:70:d6:2b:d4:d9:b2:a4:5a:13:e3:e0:b8:34:bc:d9:
44:72:f0:d3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvCa6seZQJlVIZfU7XTCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTAyMTAzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjE2YjRhYzY0ZDRiN2IzZWRkNGU2Y2ZjNTM3M2QwMjJmN2ZkNDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJELoAx+n2o0SQ9q+idL0J4eXRMh
271+WQR78HVWbotj7kQJ0B729N+0udr5Yg+/JL4MNmMezTuX7U56Flkr5qVlkWLa
5+nRwR/YF8xNfo2ZYoL6JI3K4EROE4HngoZBk104k/dTYrU/3hWe4tUpruz/nAaD
+SGEir/rzoMbfmkAJDd5pUTYMpdNl+v8yosAFovcgHvoRT9vnNc+wowGChA5slTc
siKKNwEXR4H14Vrn5F1Z2Skj8Yiy2PqKQKDVmrJPoq3jYlM5Jsy2FuR0lXaqHxRx
GbJC+RLQYVnxppp+qELOJfX267mBRGePsvMxufUOUVYiAO2SnRgXSmz5/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCIWtKxk1Lez7dTmz8U3PQIvf9RXMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSWhhMHJHVFV0N1B0MU9iUHhUYzlBaTlfMUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4iQAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCZVYkADM/puQFFqbCW05rUrxZoHClylmrI8mcq
2eKQIPH1mlNHUgCUUHIiEqDCWXZxNr2L2fMt7YkM1G7bjcX2SfMALQgfmL+CDAUm
XZ2Krr73QCQUd4G4TxllBGnbo5ufsSWfzE+ry+Qm2NVbyE6eqOAXVHw2036tB29j
Ex9sAXwnKt4ACBpJCuZe8ISPJ228Mwb1D/QVi004DjsguY3a74epY52VtEfdqS60
Xo0uQUd1kn+6YGKrWrksHZQ/BFeY/y9sPx/SGHBvneKAVZHwUHjkADQbA2o90saM
Xns0bw9e5MSUEgsLe3pwhH5w1ivU2bKkWhPj4Lg0vNlEcvDT
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:35 2025 by rpki-client