Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/KDwz6skmbODmhxyQrbGottVLTUk.roa
File: KDwz6skmbODmhxyQrbGottVLTUk.roa (raw, json)
Hash identifier: 5OAt3vBiGMOSgRhDUwi8pD0XT0M7OjNAwEbOYDLtlhw=
Subject key identifier: 28:3C:33:EA:C9:26:6C:E0:E6:87:1C:90:AD:B1:A8:B6:D5:4B:4D:49
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0191A208FA356C4FADD94EC9FD8168180CE2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/KDwz6skmbODmhxyQrbGottVLTUk.roa
Signing time: Fri 30 Aug 2024 06:46:22 +0000
ROA not before: Fri 30 Aug 2024 06:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214466
IP address blocks: 2a0a:2d06:66::/48 maxlen: 48
2a0f:1203::/32 maxlen: 32
2a0f:ee00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 02 Sep 2024 15:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a2:08:fa:35:6c:4f:ad:d9:4e:c9:fd:81:68:18:0c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 30 06:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=283c33eac9266ce0e6871c90adb1a8b6d54b4d49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4f:d6:c0:14:7f:47:33:ae:c4:81:22:68:39:
03:8c:ed:6d:0d:5a:a1:f8:c1:ec:05:9f:59:98:2e:
10:76:75:a5:41:f7:ba:60:af:2f:a0:32:9c:73:32:
ae:1a:0b:7b:90:94:bd:1a:88:73:9a:ae:90:2f:9e:
fd:29:ad:b2:1f:ee:d5:af:88:c8:9a:20:50:51:1b:
5a:08:45:d8:cd:ff:7d:8f:a8:5f:a8:e6:dd:8e:8d:
ef:e5:ce:c2:d9:42:70:f4:83:51:48:c0:c3:92:a6:
1c:c0:8c:4c:9c:4b:62:58:3d:63:ff:1d:48:06:21:
a5:76:67:e4:de:59:bb:26:4f:7a:6d:e3:06:6a:0d:
7f:c4:82:bf:13:74:8c:41:d5:86:e0:e1:2b:b3:08:
2c:6e:5b:7b:30:10:ee:81:b1:27:74:a1:05:69:fc:
75:bc:09:29:8c:d9:80:b7:8c:4a:7a:35:72:58:75:
77:a5:db:9c:28:93:18:74:37:f5:5e:98:a2:4a:88:
bd:1c:d2:94:cf:21:28:4b:df:37:ea:95:9e:36:77:
e3:92:36:b1:0d:d8:4d:ab:b2:54:45:63:9a:81:76:
01:80:ef:60:4f:ae:b1:d7:42:21:0d:47:3c:f8:a8:
12:17:c6:b6:07:30:63:7e:1d:4f:f6:bf:71:31:25:
a6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:3C:33:EA:C9:26:6C:E0:E6:87:1C:90:AD:B1:A8:B6:D5:4B:4D:49
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/KDwz6skmbODmhxyQrbGottVLTUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d06:66::/48
2a0f:1203::/32
2a0f:ee00::/32
Signature Algorithm: sha256WithRSAEncryption
91:32:b7:24:fa:7e:b9:7f:9e:a2:97:36:43:91:fd:42:8d:52:
9e:ec:03:bf:5f:7a:b5:3e:dc:c5:c6:1c:87:2d:5c:42:47:6f:
30:f8:96:42:e6:af:24:21:c7:2e:a2:0a:4d:1a:6f:6c:82:76:
88:c1:e3:2a:1a:71:5a:6d:ba:7d:a7:fb:35:b4:aa:1f:c0:af:
17:96:6b:c6:f8:e6:71:51:1a:63:b8:46:3a:7c:eb:69:39:c9:
89:93:ff:0b:73:d5:9d:9e:b4:17:b4:e1:b8:43:10:12:ad:10:
9a:8f:8d:1e:6a:5e:1c:bc:cb:a1:2f:ae:d7:c9:75:b0:90:f3:
3f:ed:8f:88:7d:d2:45:ba:0e:e8:54:fc:22:6c:61:36:fb:73:
e5:4c:3e:1b:a8:fd:59:5e:0d:91:c8:4f:19:62:22:98:a4:8e:
50:3c:9f:5c:f1:ca:2a:07:1d:d0:ec:15:6d:58:cc:d9:f5:78:
51:23:3f:73:67:d2:ff:ff:e4:7e:e2:68:d6:b5:38:79:ea:09:
8c:e1:32:6e:eb:a2:46:50:ed:24:aa:59:e8:13:b8:78:35:9e:
f0:5b:4f:50:8d:6a:db:4f:9c:9e:41:b7:2a:79:03:3b:f2:56:
c7:85:81:49:8a:79:21:f8:5e:2e:ba:ea:b0:39:ae:68:3e:6d:
34:21:cb:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZGiCPo1bE+t2U7J/YFoGAziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODMwMDY0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODNjMzNlYWM5MjY2Y2UwZTY4NzFjOTBhZGIxYThiNmQ1NGI0ZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyU/WwBR/RzOuxIEiaDkDjO1tDVqh
+MHsBZ9ZmC4QdnWlQfe6YK8voDKcczKuGgt7kJS9Gohzmq6QL579Ka2yH+7Vr4jI
miBQURtaCEXYzf99j6hfqObdjo3v5c7C2UJw9INRSMDDkqYcwIxMnEtiWD1j/x1I
BiGldmfk3lm7Jk96beMGag1/xIK/E3SMQdWG4OErswgsblt7MBDugbEndKEFafx1
vAkpjNmAt4xKejVyWHV3pducKJMYdDf1XpiiSoi9HNKUzyEoS9836pWeNnfjkjax
DdhNq7JURWOagXYBgO9gT66x10IhDUc8+KgSF8a2BzBjfh1P9r9xMSWmIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCg8M+rJJmzg5occkK2xqLbVS01JMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvS0R3ejZza21iT0RtaHh5UXJiR290dFZMVFVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwcAKgotBgBm
AwUAKg8SAwMFACoP7gAwDQYJKoZIhvcNAQELBQADggEBAJEytyT6frl/nqKXNkOR
/UKNUp7sA79ferU+3MXGHIctXEJHbzD4lkLmryQhxy6iCk0ab2yCdojB4yoacVpt
un2n+zW0qh/ArxeWa8b45nFRGmO4Rjp862k5yYmT/wtz1Z2etBe04bhDEBKtEJqP
jR5qXhy8y6EvrtfJdbCQ8z/tj4h90kW6DuhU/CJsYTb7c+VMPhuo/VleDZHITxli
IpikjlA8n1zxyioHHdDsFW1YzNn1eFEjP3Nn0v//5H7iaNa1OHnqCYzhMm7rokZQ
7SSqWegTuHg1nvBbT1CNattPnJ5Btyp5AzvyVseFgUmKeSH4Xi666rA5rmg+bTQh
y9I=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:06:36 2025 by rpki-client