Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RMB1cESsxU7IwU48AT5nhTZBYCc.roa
File: RMB1cESsxU7IwU48AT5nhTZBYCc.roa (raw, json)
Hash identifier: az7YFVQ2C5jXD/huHiS9B0z3lt8wWQScnZzLRUWEPpA=
Subject key identifier: 44:C0:75:70:44:AC:C5:4E:C8:C1:4E:3C:01:3E:67:85:36:41:60:27
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0194691EC55B5C787B030FCB6C997102A3BD
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RMB1cESsxU7IwU48AT5nhTZBYCc.roa
Signing time: Wed 15 Jan 2025 08:40:11 +0000
ROA not before: Wed 15 Jan 2025 08:40:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 2a0f:18c0::/29 maxlen: 29
2a0f:2a40::/29 maxlen: 29
2a0f:3140::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 18 Jan 2025 14:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:69:1e:c5:5b:5c:78:7b:03:0f:cb:6c:99:71:02:a3:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 15 08:40:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44c0757044acc54ec8c14e3c013e678536416027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:da:62:38:c2:71:f8:80:96:cd:06:18:ce:33:
a4:2b:c8:5d:d0:4a:f9:2f:72:c4:27:4d:e1:55:06:
20:97:ab:12:11:46:11:37:69:f4:33:ee:50:8f:8a:
e9:a1:ef:e5:87:77:40:81:76:07:f8:b2:ba:86:84:
96:0b:58:f2:52:9f:c3:d2:51:d8:76:34:62:3d:5a:
22:2c:ce:d8:3e:03:27:22:75:1d:41:29:46:7a:67:
62:9d:55:40:db:38:eb:6c:9f:84:a7:d8:79:fb:a7:
24:d4:1c:4d:aa:b2:ac:e2:f2:c3:6e:3d:8b:95:63:
5c:c6:b6:f0:0c:a0:ea:17:32:4f:fe:4e:fd:94:e0:
8a:e8:e1:dc:c4:c7:50:31:3a:40:51:fb:d1:ae:2e:
d0:b3:00:cd:4d:03:51:2b:86:f1:ab:38:f1:04:03:
a9:dd:30:74:47:e3:89:3c:1f:3f:02:26:75:ea:90:
ea:65:1e:da:4b:53:f3:69:49:13:ed:a3:60:5a:9a:
ca:b6:ec:91:b3:28:13:12:d8:ba:23:bd:cb:df:6b:
74:18:8a:fb:34:95:0b:ba:51:a1:a7:14:c3:17:cf:
96:bf:bc:e5:48:ec:d8:b0:ac:7e:99:c3:a4:dd:16:
f7:7c:c2:0b:2b:36:a9:4a:95:2d:0c:1e:b1:54:45:
7d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C0:75:70:44:AC:C5:4E:C8:C1:4E:3C:01:3E:67:85:36:41:60:27
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RMB1cESsxU7IwU48AT5nhTZBYCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:18c0::/29
2a0f:2a40::/29
2a0f:3140::/29
Signature Algorithm: sha256WithRSAEncryption
27:00:52:3f:73:4f:ea:11:26:ec:d6:eb:a5:72:be:52:f8:8e:
30:4c:50:26:46:b0:dd:a1:0d:6d:05:f1:dd:a4:25:68:f7:74:
ed:ee:05:0b:0e:3d:0d:5c:cc:09:62:c0:7a:69:24:24:24:28:
73:57:11:e0:08:85:84:0d:16:e9:82:83:49:70:9a:fb:5e:21:
69:8c:31:4d:3e:7b:44:12:2a:94:f8:3b:5c:95:a7:78:ac:c9:
26:a5:f6:9e:61:a3:39:85:69:f8:da:ca:b1:db:0b:f5:02:d9:
7d:09:b8:53:6b:e6:0f:14:16:58:e6:8a:8d:b3:98:6c:08:4d:
21:38:78:f2:96:ae:8d:5f:d8:b2:78:af:07:c0:53:95:4f:4e:
c7:74:96:03:62:06:39:18:f9:37:de:25:00:44:ab:c5:db:83:
b4:0c:33:bd:0b:a9:d1:e1:ec:04:31:7f:a4:c0:c0:36:a4:d3:
ef:a5:49:bd:93:c1:67:20:1a:7d:8b:98:4a:17:e6:4f:50:04:
22:c9:20:ba:57:41:fc:87:34:c1:3d:18:94:df:5b:53:b7:63:
99:b8:94:1f:c9:ea:85:64:69:d7:77:08:e7:e5:e3:32:a8:7e:
33:a8:d9:40:41:27:c1:f5:05:2f:cd:85:8e:63:5c:e5:9e:04:
17:89:50:27
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZRpHsVbXHh7Aw/LbJlxAqO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTE1MDg0MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGMwNzU3MDQ0YWNjNTRlYzhjMTRlM2MwMTNlNjc4NTM2NDE2MDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9piOMJx+ICWzQYYzjOkK8hd0Er5
L3LEJ03hVQYgl6sSEUYRN2n0M+5Qj4rpoe/lh3dAgXYH+LK6hoSWC1jyUp/D0lHY
djRiPVoiLM7YPgMnInUdQSlGemdinVVA2zjrbJ+Ep9h5+6ck1BxNqrKs4vLDbj2L
lWNcxrbwDKDqFzJP/k79lOCK6OHcxMdQMTpAUfvRri7QswDNTQNRK4bxqzjxBAOp
3TB0R+OJPB8/AiZ16pDqZR7aS1PzaUkT7aNgWprKtuyRsygTEti6I73L32t0GIr7
NJULulGhpxTDF8+Wv7zlSOzYsKx+mcOk3Rb3fMILKzapSpUtDB6xVEV9AQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFETAdXBErMVOyMFOPAE+Z4U2QWAnMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUk1CMWNFU3N4VTdJd1U0OEFUNW5oVFpCWUNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg8YwAMF
AyoPKkADBQMqDzFAMA0GCSqGSIb3DQEBCwUAA4IBAQAnAFI/c0/qESbs1uulcr5S
+I4wTFAmRrDdoQ1tBfHdpCVo93Tt7gULDj0NXMwJYsB6aSQkJChzVxHgCIWEDRbp
goNJcJr7XiFpjDFNPntEEiqU+Dtclad4rMkmpfaeYaM5hWn42sqx2wv1Atl9CbhT
a+YPFBZY5oqNs5hsCE0hOHjylq6NX9iyeK8HwFOVT07HdJYDYgY5GPk33iUARKvF
24O0DDO9C6nR4ewEMX+kwMA2pNPvpUm9k8FnIBp9i5hKF+ZPUAQiySC6V0H8hzTB
PRiU31tTt2OZuJQfyeqFZGnXdwjn5eMyqH4zqNlAQSfB9QUvzYWOY1zlngQXiVAn
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:24 2025 by rpki-client