Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/am2LGow5zn0psvgXY1Nyf0jQZYQ.roa
File: am2LGow5zn0psvgXY1Nyf0jQZYQ.roa (raw, json)
Hash identifier: klaMXi+rF0Lpc7NqeeOc97OJJ2y0YayW7fLdOH1qZwk=
Subject key identifier: 6A:6D:8B:1A:8C:39:CE:7D:29:B2:F8:17:63:53:72:7F:48:D0:65:84
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019198284A589B6903B03CBF5DDEC6A13165
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/am2LGow5zn0psvgXY1Nyf0jQZYQ.roa
Signing time: Wed 28 Aug 2024 08:44:22 +0000
ROA not before: Wed 28 Aug 2024 08:44:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214734
IP address blocks: 2a07:bb40::/29 maxlen: 29
2a10:3240::/29 maxlen: 29
2a10:3440::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 09 Sep 2024 15:21:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:28:4a:58:9b:69:03:b0:3c:bf:5d:de:c6:a1:31:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 28 08:44:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a6d8b1a8c39ce7d29b2f8176353727f48d06584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ef:2e:7b:c3:df:e1:5c:60:b6:ca:54:25:72:
73:06:f3:be:71:14:3e:d6:0d:6f:66:fd:db:80:31:
b1:e6:bb:01:4c:4f:9a:19:6b:9a:10:d0:7a:15:cb:
6b:a5:ca:0a:45:c1:21:57:d3:9a:26:1a:b5:18:0b:
ef:14:3c:0c:f2:1a:8b:37:7b:4c:cf:bd:2a:27:e2:
09:e0:cc:15:95:17:52:7e:f4:c1:5d:b2:be:83:2d:
cf:e6:f9:33:0c:b5:6f:c0:32:5e:43:b4:8e:41:25:
50:3d:6d:8b:29:8a:3b:6f:f0:88:53:bf:dd:71:31:
3e:ce:43:1e:c0:ea:61:06:fd:f7:3a:a2:12:2f:f0:
86:0f:1b:36:5c:79:bc:67:21:4c:da:1d:da:03:be:
8b:a9:8e:7d:84:56:61:1b:ab:d5:11:be:76:48:dd:
4e:af:dd:2d:45:1b:d0:a3:30:5f:ba:7b:6c:6c:bb:
57:9f:5b:f4:fe:89:47:d7:03:49:e4:27:b2:bf:da:
8f:5b:93:56:de:de:ee:9b:b8:aa:4a:e0:ef:38:77:
55:63:70:70:b6:b4:9a:a0:6e:b9:2c:60:63:27:05:
b0:0a:d9:46:3b:b0:9d:fa:fd:da:f1:c0:b1:e5:62:
da:9e:dd:a6:ab:95:2a:f2:48:97:d4:65:3f:a4:a4:
2b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:6D:8B:1A:8C:39:CE:7D:29:B2:F8:17:63:53:72:7F:48:D0:65:84
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/am2LGow5zn0psvgXY1Nyf0jQZYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:bb40::/29
2a10:3240::/29
2a10:3440::/29
Signature Algorithm: sha256WithRSAEncryption
9c:83:05:47:35:70:37:57:f2:ce:e1:10:7b:6d:8c:84:47:55:
10:f0:14:ad:85:13:ac:e1:86:d8:ba:e4:f2:af:e9:86:1c:d9:
8e:ab:de:24:62:b0:f7:c4:f2:0e:10:b4:ac:aa:c3:c8:91:ec:
02:ba:cf:14:4c:38:28:b4:55:e8:f5:16:93:bc:7f:67:cb:9d:
28:fa:0c:91:4a:64:fb:bc:dd:a9:85:06:c3:90:95:4f:73:98:
4b:68:78:cc:b1:d2:35:21:60:7f:ff:90:4d:eb:83:b7:5b:15:
f3:6a:23:e0:fd:e3:48:3c:3d:63:ec:5f:94:a5:f7:3b:a1:b0:
7a:d6:4a:9f:91:ce:a4:57:0d:4e:89:0f:6a:c4:cc:22:fe:43:
bd:ef:81:73:3c:e5:05:80:a3:38:7a:e3:cf:90:1d:20:69:e4:
df:97:f1:57:fc:26:50:a1:4f:5c:7a:1e:61:c6:74:8c:38:e5:
71:19:c4:9e:47:25:7a:2f:86:33:b3:08:08:24:fb:95:04:77:
49:4f:8e:2d:9e:eb:08:b7:b4:31:30:e3:2f:d0:3a:5b:12:76:
d0:b1:5b:07:4c:5f:92:d9:48:c9:ac:db:c8:55:e0:40:01:33:
3e:45:37:b2:69:81:50:51:b3:7f:45:a5:47:15:b6:0f:45:16:
e0:c1:79:aa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZGYKEpYm2kDsDy/Xd7GoTFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODI4MDg0NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTZkOGIxYThjMzljZTdkMjliMmY4MTc2MzUzNzI3ZjQ4ZDA2NTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO8ue8Pf4VxgtspUJXJzBvO+cRQ+
1g1vZv3bgDGx5rsBTE+aGWuaENB6FctrpcoKRcEhV9OaJhq1GAvvFDwM8hqLN3tM
z70qJ+IJ4MwVlRdSfvTBXbK+gy3P5vkzDLVvwDJeQ7SOQSVQPW2LKYo7b/CIU7/d
cTE+zkMewOphBv33OqISL/CGDxs2XHm8ZyFM2h3aA76LqY59hFZhG6vVEb52SN1O
r90tRRvQozBfuntsbLtXn1v0/olH1wNJ5Ceyv9qPW5NW3t7um7iqSuDvOHdVY3Bw
trSaoG65LGBjJwWwCtlGO7Cd+v3a8cCx5WLant2mq5Uq8kiX1GU/pKQrhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGptixqMOc59KbL4F2NTcn9I0GWEMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYW0yTEdvdzV6bjBwc3ZnWFkxTnlmMGpRWllRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKge7QAMF
AyoQMkADBQMqEDRAMA0GCSqGSIb3DQEBCwUAA4IBAQCcgwVHNXA3V/LO4RB7bYyE
R1UQ8BSthROs4YbYuuTyr+mGHNmOq94kYrD3xPIOELSsqsPIkewCus8UTDgotFXo
9RaTvH9ny50o+gyRSmT7vN2phQbDkJVPc5hLaHjMsdI1IWB//5BN64O3WxXzaiPg
/eNIPD1j7F+Upfc7obB61kqfkc6kVw1OiQ9qxMwi/kO974FzPOUFgKM4euPPkB0g
aeTfl/FX/CZQoU9ceh5hxnSMOOVxGcSeRyV6L4YzswgIJPuVBHdJT44tnusIt7Qx
MOMv0DpbEnbQsVsHTF+S2UjJrNvIVeBAATM+RTeyaYFQUbN/RaVHFbYPRRbgwXmq
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:17:53 2025 by rpki-client