Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Itgz3vX_yUL4sqdXOealfyu_MyQ.roa
File: Itgz3vX_yUL4sqdXOealfyu_MyQ.roa (raw, json)
Hash identifier: v2I14OcYQV7aYmunG5feyhHH7Vpy9ixN++PG9cWxUnE=
Subject key identifier: 22:D8:33:DE:F5:FF:C9:42:F8:B2:A7:57:39:E6:A5:7F:2B:BF:33:24
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019390964F709D7A73D624CFA88CA17B650B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Itgz3vX_yUL4sqdXOealfyu_MyQ.roa
Signing time: Wed 04 Dec 2024 07:33:10 +0000
ROA not before: Wed 04 Dec 2024 07:33:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54852
IP address blocks: 2a0e:8880::/29 maxlen: 29
2a11:7440::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 09 Dec 2024 12:37:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:90:96:4f:70:9d:7a:73:d6:24:cf:a8:8c:a1:7b:65:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 4 07:33:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22d833def5ffc942f8b2a75739e6a57f2bbf3324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7c:97:45:02:9a:04:e3:4a:83:77:c0:1c:57:
64:61:d4:4a:0b:b0:fd:fd:2e:11:ac:2b:51:1a:48:
a6:23:b4:d7:b9:e6:13:3c:8c:0b:10:9f:cc:a1:b0:
3e:4f:05:6a:33:42:88:86:bd:d8:be:c7:88:b8:d1:
b5:79:af:8a:5c:cc:d5:00:f4:b4:1a:04:68:14:ce:
d6:7c:f4:e7:7e:a9:50:81:ef:55:d9:72:c9:8e:f8:
60:7d:0c:44:e0:d7:23:f3:dc:3c:f2:33:88:1c:08:
61:f3:d9:46:d0:e3:9f:1d:08:1b:e0:88:ea:66:d6:
ae:4b:ff:84:69:52:20:b1:20:2a:c7:f0:3c:16:20:
1a:65:8e:72:54:32:04:0b:84:cb:f1:84:b2:c2:f6:
43:97:79:df:9e:29:cd:28:86:8f:bb:44:29:7b:49:
63:a0:7d:5a:58:90:08:4f:d9:be:e9:15:fc:db:ea:
e3:f6:f8:cf:41:9d:a9:60:fa:bc:41:8e:63:36:45:
a2:21:ba:8d:4e:df:77:66:cb:8a:a7:84:bb:8b:c7:
c8:2d:5b:71:f8:20:94:a3:0c:9b:58:4e:08:6c:1f:
8a:a4:b7:52:97:99:fb:a7:65:fb:ee:f0:c5:15:20:
d7:6c:01:f2:ca:94:33:ed:da:e7:d7:80:2f:cd:54:
5f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D8:33:DE:F5:FF:C9:42:F8:B2:A7:57:39:E6:A5:7F:2B:BF:33:24
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Itgz3vX_yUL4sqdXOealfyu_MyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8880::/29
2a11:7440::/29
Signature Algorithm: sha256WithRSAEncryption
cc:6a:76:e9:17:29:1c:fd:b7:80:71:78:36:6f:8c:37:e3:f5:
61:d6:37:90:b6:d3:24:d3:b1:03:18:c4:a0:58:a0:44:82:f2:
44:27:da:40:b0:44:18:ce:2f:7f:e1:83:3b:80:ad:e5:1d:d1:
7b:52:3a:c3:5c:18:23:de:5d:01:3e:cf:7e:50:d5:33:34:f5:
4f:a0:e6:6d:e7:28:04:58:97:50:db:22:24:2c:ef:ef:63:36:
aa:8a:61:63:61:df:a6:91:ab:7d:c7:3f:a2:ba:04:b1:ae:05:
a1:00:ee:1e:5a:6b:55:2d:3a:6c:21:d7:43:ab:aa:18:b9:34:
fa:77:2c:f2:36:98:75:c9:6f:ed:dd:8f:89:c7:47:70:7f:9f:
98:d1:28:fd:74:58:5d:f0:3b:e4:4f:9c:f8:af:f0:68:b6:48:
9c:dd:32:c8:04:6b:bd:5f:87:de:99:1a:7a:39:80:3c:f3:a7:
d1:b2:30:44:55:b2:e4:45:8e:6f:cf:08:9f:cd:8c:be:3d:ee:
16:71:e9:72:de:d9:0e:be:0d:0c:23:5a:81:13:f3:56:28:39:
a3:3c:53:91:3f:27:79:59:6e:7d:63:cc:58:8d:9a:e1:f3:2f:
35:35:04:7a:d8:75:14:ad:71:43:2f:1a:5a:d3:31:cd:9d:e8:
c7:c8:05:78
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZOQlk9wnXpz1iTPqIyhe2ULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjA0MDczMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmQ4MzNkZWY1ZmZjOTQyZjhiMmE3NTczOWU2YTU3ZjJiYmYzMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXyXRQKaBONKg3fAHFdkYdRKC7D9
/S4RrCtRGkimI7TXueYTPIwLEJ/MobA+TwVqM0KIhr3YvseIuNG1ea+KXMzVAPS0
GgRoFM7WfPTnfqlQge9V2XLJjvhgfQxE4Ncj89w88jOIHAhh89lG0OOfHQgb4Ijq
ZtauS/+EaVIgsSAqx/A8FiAaZY5yVDIEC4TL8YSywvZDl3nfninNKIaPu0Qpe0lj
oH1aWJAIT9m+6RX82+rj9vjPQZ2pYPq8QY5jNkWiIbqNTt93ZsuKp4S7i8fILVtx
+CCUowybWE4IbB+KpLdSl5n7p2X77vDFFSDXbAHyypQz7drn14AvzVRf3wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCLYM971/8lC+LKnVznmpX8rvzMkMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSXRnejN2WF95VUw0c3FkWE9lYWxmeXVfTXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg6IgAMF
AyoRdEAwDQYJKoZIhvcNAQELBQADggEBAMxqdukXKRz9t4BxeDZvjDfj9WHWN5C2
0yTTsQMYxKBYoESC8kQn2kCwRBjOL3/hgzuAreUd0XtSOsNcGCPeXQE+z35Q1TM0
9U+g5m3nKARYl1DbIiQs7+9jNqqKYWNh36aRq33HP6K6BLGuBaEA7h5aa1UtOmwh
10Orqhi5NPp3LPI2mHXJb+3dj4nHR3B/n5jRKP10WF3wO+RPnPiv8Gi2SJzdMsgE
a71fh96ZGno5gDzzp9GyMERVsuRFjm/PCJ/NjL497hZx6XLe2Q6+DQwjWoET81Yo
OaM8U5E/J3lZbn1jzFiNmuHzLzU1BHrYdRStcUMvGlrTMc2d6MfIBXg=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:40:11 2025 by rpki-client