Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RWtbCG1HddVYfDBdH32sD8420qM.roa
File: RWtbCG1HddVYfDBdH32sD8420qM.roa (raw, json)
Hash identifier: CBu1jigsGvHUtCbxWoSV63bqqYlrgde454XSBQHQjDM=
Subject key identifier: 45:6B:5B:08:6D:47:75:D5:58:7C:30:5D:1F:7D:AC:0F:CE:36:D2:A3
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CD4E332D4A2517CC41ECF36C2AA994822
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RWtbCG1HddVYfDBdH32sD8420qM.roa
Signing time: Thu 04 Jan 2024 14:31:48 +0000
ROA not before: Thu 04 Jan 2024 14:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199925
IP address blocks: 2a0f:e040::/29 maxlen: 29
2a0f:1480::/29 maxlen: 29
2a13:2b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 09 Jan 2024 07:33:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d4:e3:32:d4:a2:51:7c:c4:1e:cf:36:c2:aa:99:48:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 4 14:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=456b5b086d4775d5587c305d1f7dac0fce36d2a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5f:0b:b5:60:fa:69:b6:cd:3a:2f:e7:3a:12:
d4:84:4f:6b:d0:bf:78:fa:b6:02:58:57:03:4a:9b:
10:d3:6b:0b:41:66:75:9a:fb:f6:69:fe:58:0e:83:
da:f0:ed:d4:97:0b:d8:a2:7b:04:2c:16:7e:4d:73:
29:d9:fc:d2:05:0e:07:e4:ba:17:97:87:89:c4:73:
b6:67:ab:da:9e:a0:76:06:04:41:9c:50:9e:04:d9:
e0:cf:07:24:d1:e3:f7:e2:cd:07:03:88:07:89:d8:
e9:56:87:ff:5e:86:0a:41:80:4e:8e:bd:94:1f:66:
1a:53:fd:fd:b1:48:56:75:ef:f4:eb:86:73:4b:76:
7b:97:85:11:b1:a5:20:f2:06:21:e3:66:d3:d7:71:
54:bc:0a:af:0a:c6:98:a1:db:83:9d:72:1f:e3:b3:
f4:8a:5e:e5:a5:80:02:59:a0:f7:d3:ca:3f:b0:23:
7a:19:66:fb:ae:c0:6b:38:f3:2d:c5:a7:1c:64:5c:
6f:fe:37:e5:84:45:44:7a:31:01:3f:bc:c7:24:4d:
d9:6a:c4:83:6b:26:d6:23:ca:0b:60:76:cd:99:0c:
2e:89:79:81:4f:32:8f:37:77:89:f2:f4:18:f3:5b:
e7:ac:e2:66:9f:ae:3e:f9:9e:36:78:de:7b:09:a7:
94:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:6B:5B:08:6D:47:75:D5:58:7C:30:5D:1F:7D:AC:0F:CE:36:D2:A3
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RWtbCG1HddVYfDBdH32sD8420qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1480::/29
2a0f:e040::/29
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
af:34:92:10:5b:0a:b3:0d:87:2b:34:fd:a6:0f:cc:54:ae:cd:
87:a2:63:49:30:a3:d9:9b:4f:79:7d:53:e1:ca:ae:4a:17:d3:
89:13:64:f4:ac:c8:fa:b3:45:1f:c7:da:90:dc:f3:42:58:17:
88:41:57:55:90:0b:48:01:b8:09:47:67:66:85:4f:40:93:66:
2a:31:65:a8:5a:14:4a:4d:0d:ba:f2:c7:26:91:eb:45:ae:85:
a4:b0:29:45:aa:49:67:5c:84:09:29:bf:42:fe:0e:60:2b:ab:
53:24:e8:28:d7:ba:03:74:31:62:2b:f0:e0:2a:29:de:ae:4c:
b1:bf:91:38:6e:95:df:bf:dd:69:59:be:c1:cf:99:91:58:ca:
10:b6:46:d6:e9:39:72:a8:81:d3:5e:2b:ca:04:d9:34:67:49:
46:f5:23:8d:c1:99:dd:ad:05:d7:be:98:32:9a:2d:84:a8:89:
c1:5e:ee:ab:cb:46:c6:bf:f4:cc:d6:64:de:09:b3:41:6e:b7:
ac:60:07:59:c2:cd:1d:82:53:5b:d2:85:bc:f5:d8:4c:a8:83:
7d:a1:4e:af:9c:53:7b:48:7d:0c:17:02:52:de:5c:29:5c:ce:
3a:2f:ca:b9:7a:9c:c5:74:25:ee:bd:a6:58:d0:9f:1d:4b:ba:
f3:7b:c6:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzU4zLUolF8xB7PNsKqmUgiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTA0MTQzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTZiNWIwODZkNDc3NWQ1NTg3YzMwNWQxZjdkYWMwZmNlMzZkMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjV8LtWD6abbNOi/nOhLUhE9r0L94
+rYCWFcDSpsQ02sLQWZ1mvv2af5YDoPa8O3UlwvYonsELBZ+TXMp2fzSBQ4H5LoX
l4eJxHO2Z6vanqB2BgRBnFCeBNngzwck0eP34s0HA4gHidjpVof/XoYKQYBOjr2U
H2YaU/39sUhWde/064ZzS3Z7l4URsaUg8gYh42bT13FUvAqvCsaYoduDnXIf47P0
il7lpYACWaD308o/sCN6GWb7rsBrOPMtxaccZFxv/jflhEVEejEBP7zHJE3ZasSD
aybWI8oLYHbNmQwuiXmBTzKPN3eJ8vQY81vnrOJmn64++Z42eN57CaeUcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEVrWwhtR3XVWHwwXR99rA/ONtKjMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUld0YkNHMUhkZFZZZkRCZEgzMnNEODQyMHFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg8UgAMF
AyoP4EADBQMqEytAMA0GCSqGSIb3DQEBCwUAA4IBAQCvNJIQWwqzDYcrNP2mD8xU
rs2HomNJMKPZm095fVPhyq5KF9OJE2T0rMj6s0Ufx9qQ3PNCWBeIQVdVkAtIAbgJ
R2dmhU9Ak2YqMWWoWhRKTQ268scmketFroWksClFqklnXIQJKb9C/g5gK6tTJOgo
17oDdDFiK/DgKinerkyxv5E4bpXfv91pWb7Bz5mRWMoQtkbW6TlyqIHTXivKBNk0
Z0lG9SONwZndrQXXvpgymi2EqInBXu6ry0bGv/TM1mTeCbNBbresYAdZws0dglNb
0oW89dhMqIN9oU6vnFN7SH0MFwJS3lwpXM46L8q5epzFdCXuvaZY0J8dS7rze8bQ
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:04:47 2025 by rpki-client