Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SfncrZteqlcdW-PLqpjwR63Twq0.roa
File: SfncrZteqlcdW-PLqpjwR63Twq0.roa (raw, json)
Hash identifier: KICwa59y3e9cxMnxibkXyXfTYJyiSt6VH/WnMvv/K0s=
Subject key identifier: 49:F9:DC:AD:9B:5E:AA:57:1D:5B:E3:CB:AA:98:F0:47:AD:D3:C2:AD
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018FF1CD7FE83BA2F8B9E6EC49ADD722615A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SfncrZteqlcdW-PLqpjwR63Twq0.roa
Signing time: Fri 07 Jun 2024 08:25:27 +0000
ROA not before: Fri 07 Jun 2024 08:25:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 2a07:8a40::/30 maxlen: 30
Validation: Failed, certificate revoked on Sat 08 Jun 2024 09:13:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f1:cd:7f:e8:3b:a2:f8:b9:e6:ec:49:ad:d7:22:61:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 7 08:25:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49f9dcad9b5eaa571d5be3cbaa98f047add3c2ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8f:2b:31:f9:01:e7:58:c4:7c:10:b6:6c:1b:
ed:51:25:f7:36:68:65:3e:3f:dd:1c:07:ef:29:06:
82:ec:ca:bd:0d:eb:33:af:e4:44:39:4c:58:4d:21:
b9:15:8d:ab:60:1a:ed:9d:fe:77:5f:13:cf:3c:e2:
37:3f:95:fa:78:c0:6f:85:aa:a8:24:f0:ba:ce:af:
91:d0:52:2f:a1:e5:98:8e:80:3e:8a:26:ab:4c:ea:
17:d2:94:70:2b:97:36:10:d5:66:fe:90:29:86:c0:
ad:f7:c7:c5:b0:bd:ad:8b:c8:6d:4f:6c:af:59:10:
8b:77:6b:d1:b6:09:a4:2e:73:fd:45:7c:eb:ef:8b:
de:93:ac:40:d2:39:c0:7a:6b:f9:18:09:66:c1:d7:
9c:57:58:4a:5f:85:38:71:11:63:0f:d0:48:cd:f2:
e5:1b:77:a3:91:da:48:ae:cc:18:07:15:ca:5c:9a:
e6:6b:5f:9d:81:5c:2d:ff:05:dc:d8:14:71:3f:c8:
f1:f3:91:de:0b:04:ad:49:5d:aa:12:35:cb:3d:44:
57:ef:c7:c8:7f:aa:99:97:b8:99:af:99:fd:51:6d:
5f:40:f3:59:6f:53:dd:56:eb:1a:e5:29:79:bb:35:
2f:5a:d5:59:90:47:cf:59:9a:99:cf:41:2a:52:c6:
76:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F9:DC:AD:9B:5E:AA:57:1D:5B:E3:CB:AA:98:F0:47:AD:D3:C2:AD
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SfncrZteqlcdW-PLqpjwR63Twq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:8a40::/30
Signature Algorithm: sha256WithRSAEncryption
b7:35:dc:de:78:a3:26:b1:3e:ed:78:19:49:9b:2d:eb:39:50:
f0:53:94:e7:12:d2:c4:5c:30:6d:a0:41:83:27:71:50:85:42:
34:4f:e0:69:fb:eb:a8:09:e0:80:a0:88:8a:8d:02:25:90:da:
bb:ac:cb:b4:44:27:68:cd:8e:5b:b1:ee:37:fd:8e:84:ed:69:
82:21:c5:2f:0a:1b:19:b2:0a:b0:3e:3b:be:71:48:83:e1:57:
23:e9:f8:87:8e:1e:a1:c0:5c:1f:1e:c6:e7:48:c4:20:12:d2:
f1:6d:ec:59:00:77:46:b0:9e:df:01:e8:91:6e:e5:8f:ad:f9:
66:31:8e:ad:d6:83:2f:de:3e:ba:cc:8d:10:0f:fc:34:b3:04:
b6:1b:b1:c8:ec:c6:20:bd:a4:75:74:8a:a6:a8:ad:98:e7:45:
5a:e4:38:cd:8c:87:aa:86:e8:5d:55:70:ed:88:21:26:a6:38:
70:fc:7e:49:3f:f2:a8:3f:ea:ba:98:01:cf:60:39:28:d1:b8:
62:78:93:9f:57:39:20:dc:6b:ca:0c:e9:e8:03:e4:52:1f:33:
8c:bc:29:0f:79:ae:94:93:b9:58:4e:3f:bd:dd:8b:97:b9:10:
13:bb:6d:de:13:20:8c:bf:af:c6:34:83:c0:e6:a0:a8:f8:d7:
ad:11:1d:33
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY/xzX/oO6L4uebsSa3XImFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNjA3MDgyNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWY5ZGNhZDliNWVhYTU3MWQ1YmUzY2JhYTk4ZjA0N2FkZDNjMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI8rMfkB51jEfBC2bBvtUSX3Nmhl
Pj/dHAfvKQaC7Mq9Deszr+REOUxYTSG5FY2rYBrtnf53XxPPPOI3P5X6eMBvhaqo
JPC6zq+R0FIvoeWYjoA+iiarTOoX0pRwK5c2ENVm/pAphsCt98fFsL2ti8htT2yv
WRCLd2vRtgmkLnP9RXzr74vek6xA0jnAemv5GAlmwdecV1hKX4U4cRFjD9BIzfLl
G3ejkdpIrswYBxXKXJrma1+dgVwt/wXc2BRxP8jx85HeCwStSV2qEjXLPURX78fI
f6qZl7iZr5n9UW1fQPNZb1PdVusa5Sl5uzUvWtVZkEfPWZqZz0EqUsZ2QwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEn53K2bXqpXHVvjy6qY8Eet08KtMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvU2ZuY3JadGVxbGNkVy1QTHFwandSNjNUd3EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKgeKQDAN
BgkqhkiG9w0BAQsFAAOCAQEAtzXc3nijJrE+7XgZSZst6zlQ8FOU5xLSxFwwbaBB
gydxUIVCNE/gafvrqAnggKCIio0CJZDau6zLtEQnaM2OW7HuN/2OhO1pgiHFLwob
GbIKsD47vnFIg+FXI+n4h44eocBcHx7G50jEIBLS8W3sWQB3RrCe3wHokW7lj635
ZjGOrdaDL94+usyNEA/8NLMEthuxyOzGIL2kdXSKpqitmOdFWuQ4zYyHqoboXVVw
7YghJqY4cPx+ST/yqD/qupgBz2A5KNG4YniTn1c5INxrygzp6APkUh8zjLwpD3mu
lJO5WE4/vd2Ll7kQE7tt3hMgjL+vxjSDwOagqPjXrREdMw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:36 2025 by rpki-client