Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RmVHVHeH6370B5Jc3zr1jb_aSdE.roa
File: RmVHVHeH6370B5Jc3zr1jb_aSdE.roa (raw, json)
Hash identifier: C4TxB8g0wgpyujwxFLMpg3fGn2dYP+g5d88R1qdbyVQ=
Subject key identifier: 46:65:47:54:77:87:EB:7E:F4:07:92:5C:DF:3A:F5:8D:BF:DA:49:D1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0191092B669D50722922156221ACAB31E3C1
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RmVHVHeH6370B5Jc3zr1jb_aSdE.roa
Signing time: Wed 31 Jul 2024 14:22:04 +0000
ROA not before: Wed 31 Jul 2024 14:22:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60647
IP address blocks: 2a0a:2d05:bc34::/48 maxlen: 48
2a0f:3d84::/32 maxlen: 32
2a12:ecc0:271::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 04 Aug 2024 11:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:09:2b:66:9d:50:72:29:22:15:62:21:ac:ab:31:e3:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 31 14:22:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=466547547787eb7ef407925cdf3af58dbfda49d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:21:6e:f4:05:fa:fa:48:2c:51:ba:07:d6:92:
99:a6:58:f9:bb:dc:46:63:04:c2:57:0a:1c:34:f3:
9e:b1:c8:c4:a0:fe:3e:c1:ff:19:13:da:5d:75:07:
01:80:6e:49:fc:b0:98:f2:7f:55:f9:5e:79:1f:10:
c6:d0:38:9b:c0:9a:ac:98:31:22:c7:76:c9:e6:01:
02:42:46:f0:b6:df:87:c1:26:30:45:84:10:e6:6d:
d7:30:c0:46:58:27:4a:79:6c:e2:ad:3f:c4:80:6d:
44:01:69:b1:b9:47:9b:44:ae:a3:4e:1d:59:fb:78:
15:91:05:0c:7b:97:72:f5:c9:89:f5:0a:51:36:5b:
4a:2d:93:8f:3a:8c:91:ff:a1:3d:62:d8:1a:63:c7:
3d:89:ab:85:77:b8:b0:05:37:69:70:40:84:b5:3f:
b5:3f:5e:d4:44:7d:ab:33:7b:d0:b6:34:38:b3:f4:
df:de:03:ec:46:6a:6d:1a:11:66:b6:3f:71:0f:78:
3d:9a:0e:f9:d3:11:cf:0c:b9:a8:be:41:b6:1c:b9:
37:00:e1:02:36:51:88:38:9d:67:f1:31:87:7b:20:
75:11:70:92:2d:d8:9c:2a:22:13:de:2c:5f:a7:81:
80:d2:fe:04:ef:19:31:60:e5:00:31:0f:4c:12:bd:
e1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:65:47:54:77:87:EB:7E:F4:07:92:5C:DF:3A:F5:8D:BF:DA:49:D1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RmVHVHeH6370B5Jc3zr1jb_aSdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d05:bc34::/48
2a0f:3d84::/32
2a12:ecc0:271::/48
Signature Algorithm: sha256WithRSAEncryption
60:86:96:23:2c:ed:aa:32:b3:b4:82:b7:60:5a:35:35:16:70:
f0:93:60:ec:2e:99:de:3e:4f:15:6c:66:30:2f:7e:2d:9c:66:
cf:8a:b1:4b:bd:3d:ba:34:d6:d8:28:e7:ca:e7:ad:f3:b2:0a:
cd:38:ea:d5:76:e9:c9:14:da:81:e4:c3:85:5a:e3:82:19:72:
7a:e9:8b:db:e0:ac:fa:8b:7b:7c:75:ac:6b:dc:18:7d:78:ab:
75:4f:42:7f:63:34:56:da:5e:9c:c0:20:5a:eb:06:27:7c:96:
42:33:7b:3f:fa:33:53:c2:ea:17:63:8e:25:2a:ee:e3:74:6f:
40:96:7e:33:00:06:c1:e2:d4:ab:99:30:d6:6a:a4:da:8e:41:
fe:cd:b5:2c:7f:63:35:25:8e:4f:56:ac:96:23:8f:a4:76:04:
db:0e:79:53:c4:70:20:25:32:60:6a:4c:c1:86:dc:18:c2:99:
3c:4f:ad:15:47:7f:95:20:7f:1e:c9:35:2a:fb:6c:ad:d8:b4:
4e:d3:96:1c:f4:ad:aa:8c:43:f7:25:ce:55:8e:b3:ee:61:35:
2a:10:4c:42:da:c4:25:31:46:b8:a3:63:82:3d:12:42:ea:2e:
f6:d8:39:e3:40:7f:85:90:1b:5c:cc:15:39:0d:6f:38:20:ae:
ba:f1:2b:c2
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZEJK2adUHIpIhViIayrMePBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNzMxMTQyMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjY1NDc1NDc3ODdlYjdlZjQwNzkyNWNkZjNhZjU4ZGJmZGE0OWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SFu9AX6+kgsUboH1pKZplj5u9xG
YwTCVwocNPOescjEoP4+wf8ZE9pddQcBgG5J/LCY8n9V+V55HxDG0DibwJqsmDEi
x3bJ5gECQkbwtt+HwSYwRYQQ5m3XMMBGWCdKeWzirT/EgG1EAWmxuUebRK6jTh1Z
+3gVkQUMe5dy9cmJ9QpRNltKLZOPOoyR/6E9YtgaY8c9iauFd7iwBTdpcECEtT+1
P17URH2rM3vQtjQ4s/Tf3gPsRmptGhFmtj9xD3g9mg750xHPDLmovkG2HLk3AOEC
NlGIOJ1n8TGHeyB1EXCSLdicKiIT3ixfp4GA0v4E7xkxYOUAMQ9MEr3hJwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFEZlR1R3h+t+9AeSXN869Y2/2knRMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUm1WSFZIZUg2MzcwQjVKYzN6cjFqYl9hU2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwcAKgotBbw0
AwUAKg89hAMHACoS7MACcTANBgkqhkiG9w0BAQsFAAOCAQEAYIaWIyztqjKztIK3
YFo1NRZw8JNg7C6Z3j5PFWxmMC9+LZxmz4qxS709ujTW2Cjnyuet87IKzTjq1Xbp
yRTageTDhVrjghlyeumL2+Cs+ot7fHWsa9wYfXirdU9Cf2M0VtpenMAgWusGJ3yW
QjN7P/ozU8LqF2OOJSru43RvQJZ+MwAGweLUq5kw1mqk2o5B/s21LH9jNSWOT1as
liOPpHYE2w55U8RwICUyYGpMwYbcGMKZPE+tFUd/lSB/Hsk1Kvtsrdi0TtOWHPSt
qoxD9yXOVY6z7mE1KhBMQtrEJTFGuKNjgj0SQuou9tg540B/hZAbXMwVOQ1vOCCu
uvErwg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:26 2025 by rpki-client