Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RXayCsFyTsoOVkna4w-cG_r2EEo.roa
File: RXayCsFyTsoOVkna4w-cG_r2EEo.roa (raw, json)
Hash identifier: 1e3O54SCrcFoufygmg14fqPTJY9I1GKB2ST+GPMGQCQ=
Subject key identifier: 45:76:B2:0A:C1:72:4E:CA:0E:56:49:DA:E3:0F:9C:1B:FA:F6:10:4A
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193B9D9DC61D63013A4599079E490DC5621
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RXayCsFyTsoOVkna4w-cG_r2EEo.roa
Signing time: Thu 12 Dec 2024 07:51:22 +0000
ROA not before: Thu 12 Dec 2024 07:51:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 2a0e:15c4::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b9:d9:dc:61:d6:30:13:a4:59:90:79:e4:90:dc:56:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 12 07:51:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4576b20ac1724eca0e5649dae30f9c1bfaf6104a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:19:1a:04:74:6b:44:d8:2d:90:6a:e0:14:7b:
58:ab:91:da:ef:db:ad:0c:30:30:ab:26:e5:71:fd:
9d:87:85:c7:e7:6b:54:41:cb:89:d6:b4:b6:f7:d6:
ec:00:a9:55:82:2d:13:d8:a3:97:4f:92:69:6b:19:
42:d8:fd:78:1e:6c:f7:1a:2d:bc:14:3c:13:28:3b:
27:be:8a:39:7c:53:fb:fa:db:58:84:6c:0c:2c:b2:
fc:44:11:f3:4e:a0:90:1a:92:cc:7b:64:7b:c5:c0:
b4:b8:7b:d0:3e:5c:01:85:f0:a8:3d:77:7f:63:0f:
7c:e4:d3:fa:e3:86:2f:ff:3d:67:9e:d0:72:35:b7:
27:e7:12:2f:55:4d:24:c1:ed:80:b6:ee:71:2b:06:
50:69:d6:ed:df:27:72:15:ea:e7:c2:87:b1:73:05:
d4:c1:92:99:72:72:1b:3d:e9:49:40:07:b6:7a:27:
3c:d5:0a:e7:32:45:79:18:d3:fe:f1:e4:4c:3d:02:
30:5f:89:d2:83:ef:0a:5c:a1:ae:c6:3d:5e:78:67:
7a:c5:10:a6:64:bd:62:d6:41:8f:17:e0:28:6c:5d:
ff:34:19:12:4f:64:e9:cc:48:62:60:be:36:58:fa:
e0:58:c6:40:42:7b:04:06:3c:7a:7f:db:0a:6f:40:
d3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:76:B2:0A:C1:72:4E:CA:0E:56:49:DA:E3:0F:9C:1B:FA:F6:10:4A
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RXayCsFyTsoOVkna4w-cG_r2EEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:15c4::/32
Signature Algorithm: sha256WithRSAEncryption
49:7c:4b:ca:84:5d:ea:ce:fa:e0:69:bd:5e:e4:da:88:a2:b0:
ef:8c:58:f4:fb:70:95:6b:ff:9b:f7:27:1d:f8:61:db:44:30:
94:79:da:47:d5:31:0e:59:c2:f3:d7:77:26:c7:c1:46:fd:50:
b0:12:2e:47:f9:ba:d6:8f:6e:eb:f2:33:d8:34:44:99:a0:58:
01:70:ab:45:4b:c7:ab:82:bc:d0:20:53:47:54:91:50:7b:65:
64:ef:97:c3:9c:6b:17:43:69:a2:40:fd:4c:e3:17:ce:ec:04:
84:78:8e:6f:f5:ed:ca:8b:76:7a:e0:f6:fb:c1:1c:83:75:b2:
63:6d:c3:cb:f9:13:10:4a:c1:0a:8f:aa:ef:4a:8e:21:e3:ba:
ae:ad:28:7a:da:51:6a:3c:5e:36:13:a1:b8:4b:b3:af:fb:4b:
85:ba:56:5e:80:39:f4:22:75:f8:46:c9:52:60:fe:11:8f:a9:
b1:45:e7:28:3d:07:ad:91:a2:e5:cd:7a:3c:19:92:47:79:9a:
c7:f5:81:49:95:f4:24:38:a1:7c:58:21:91:82:6f:aa:77:71:
33:36:e2:18:10:6c:d1:7a:20:36:96:4b:39:de:3c:49:99:25:
c9:60:cf:73:0e:b0:aa:ff:cd:34:d4:c7:f2:30:bc:42:57:c6:
c5:8d:e1:61
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZO52dxh1jATpFmQeeSQ3FYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjEyMDc1MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTc2YjIwYWMxNzI0ZWNhMGU1NjQ5ZGFlMzBmOWMxYmZhZjYxMDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RkaBHRrRNgtkGrgFHtYq5Ha79ut
DDAwqyblcf2dh4XH52tUQcuJ1rS299bsAKlVgi0T2KOXT5JpaxlC2P14Hmz3Gi28
FDwTKDsnvoo5fFP7+ttYhGwMLLL8RBHzTqCQGpLMe2R7xcC0uHvQPlwBhfCoPXd/
Yw985NP644Yv/z1nntByNbcn5xIvVU0kwe2Atu5xKwZQadbt3ydyFernwoexcwXU
wZKZcnIbPelJQAe2eic81QrnMkV5GNP+8eRMPQIwX4nSg+8KXKGuxj1eeGd6xRCm
ZL1i1kGPF+AobF3/NBkST2TpzEhiYL42WPrgWMZAQnsEBjx6f9sKb0DTAQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEV2sgrBck7KDlZJ2uMPnBv69hBKMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUlhheUNzRnlUc29PVmtuYTR3LWNHX3IyRUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg4VxDAN
BgkqhkiG9w0BAQsFAAOCAQEASXxLyoRd6s764Gm9XuTaiKKw74xY9PtwlWv/m/cn
Hfhh20QwlHnaR9UxDlnC89d3JsfBRv1QsBIuR/m61o9u6/Iz2DREmaBYAXCrRUvH
q4K80CBTR1SRUHtlZO+Xw5xrF0NpokD9TOMXzuwEhHiOb/Xtyot2euD2+8Ecg3Wy
Y23Dy/kTEErBCo+q70qOIeO6rq0oetpRajxeNhOhuEuzr/tLhbpWXoA59CJ1+EbJ
UmD+EY+psUXnKD0HrZGi5c16PBmSR3max/WBSZX0JDihfFghkYJvqndxMzbiGBBs
0XogNpZLOd48SZklyWDPcw6wqv/NNNTH8jC8QlfGxY3hYQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:59 2025 by rpki-client