Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bE0-rw5sVRD8KzFAqACXULCcLSI.roa
File: bE0-rw5sVRD8KzFAqACXULCcLSI.roa (raw, json)
Hash identifier: QPaHHXd0x4+sLyvasS4lZr268L6BL5rEPKurxuh7XxQ=
Subject key identifier: 6C:4D:3E:AF:0E:6C:55:10:FC:2B:31:40:A8:00:97:50:B0:9C:2D:22
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01942748289634520CCAD8363E4B67A1DC7E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bE0-rw5sVRD8KzFAqACXULCcLSI.roa
Signing time: Thu 02 Jan 2025 13:50:27 +0000
ROA not before: Thu 02 Jan 2025 13:50:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 152089
IP address blocks: 2a0e:1a83:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 Jan 2025 07:29:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:28:96:34:52:0c:ca:d8:36:3e:4b:67:a1:dc:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 13:50:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c4d3eaf0e6c5510fc2b3140a8009750b09c2d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:77:01:b7:a8:9f:f4:f7:fd:3d:a0:17:64:63:
80:0e:6a:a6:ad:13:17:4d:12:2d:e0:d8:8c:11:bd:
4f:a0:fd:ed:e5:96:23:cb:e7:f6:9e:5e:dc:73:ba:
f6:26:8d:47:19:ea:f3:8b:86:86:24:d8:99:17:fd:
ea:7a:7b:a2:55:24:5d:76:54:2a:54:6d:48:28:33:
ab:32:a9:82:be:d5:df:85:fa:89:55:9e:8c:ca:8c:
2a:eb:2c:a4:48:14:e1:87:ab:ea:cb:de:2f:cd:d1:
e6:78:06:03:f5:22:f8:f4:44:f2:cd:bc:75:9e:f7:
69:a6:4e:c7:26:7d:dd:b6:11:5b:5f:9e:f2:34:85:
9a:18:a0:cc:8d:9b:a8:4d:d1:b9:d1:34:cd:f6:c4:
a2:e6:cc:c7:be:1d:16:82:09:70:ff:78:04:99:ee:
69:ba:9f:1c:c8:ef:a3:9a:26:03:bc:7f:d1:05:ce:
1f:f3:c6:81:8b:99:09:cb:f1:a4:c0:79:6c:42:06:
8a:55:5a:d9:d2:42:f2:8e:94:09:80:0d:c3:f6:14:
7f:98:c9:99:fb:a8:b1:ac:66:e0:e8:5d:63:2c:36:
82:ed:25:4a:17:e5:bf:c7:c7:39:bd:d6:7e:be:a9:
05:76:5d:2b:73:a7:4c:6a:07:7c:95:b3:b2:0d:5a:
ea:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:4D:3E:AF:0E:6C:55:10:FC:2B:31:40:A8:00:97:50:B0:9C:2D:22
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bE0-rw5sVRD8KzFAqACXULCcLSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1a83:100::/48
Signature Algorithm: sha256WithRSAEncryption
60:c3:b9:bf:d4:f6:fd:15:6d:11:36:1e:b8:16:8b:17:88:01:
43:55:de:d1:51:e8:6f:b2:41:01:c7:31:8f:bd:81:f9:b9:ef:
a1:a5:5e:da:73:a4:32:e1:20:64:81:7f:ac:1f:84:a7:1d:8d:
fd:4d:c1:42:fc:69:9c:fb:3c:c2:c2:8d:47:4d:ae:b0:98:f4:
b7:35:ee:7e:f8:ec:17:cf:b9:6e:db:93:da:13:23:2b:14:4f:
e9:2d:dc:ee:f9:2b:c7:93:53:de:3c:a9:ce:c0:2c:6d:90:d8:
ac:82:57:c0:d0:8d:2d:e6:70:28:48:4f:19:96:e5:e7:af:83:
54:32:64:62:3e:63:12:01:35:28:8c:33:cf:cc:ed:d1:00:07:
a1:7c:11:95:10:03:18:ee:e6:1b:3d:d8:67:dd:78:ce:6a:db:
b9:fb:8b:a5:60:ac:60:3a:db:4b:11:5f:57:e4:62:df:5d:d4:
5c:3f:f0:37:81:bd:98:a2:22:74:6f:4f:64:3b:e4:17:60:a5:
3e:bc:6d:5f:1d:6a:e7:d6:55:a8:f0:8c:51:d5:f1:02:62:9a:
a4:7f:48:17:fd:b1:82:88:7f:42:88:24:f6:03:c5:b0:06:3c:
a3:d9:a1:c1:79:69:69:97:93:ce:1d:f4:3d:19:a1:98:0d:e0:
f9:22:61:b2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnSCiWNFIMytg2Pktnodx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTAyMTM1MDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzRkM2VhZjBlNmM1NTEwZmMyYjMxNDBhODAwOTc1MGIwOWMyZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXcBt6if9Pf9PaAXZGOADmqmrRMX
TRIt4NiMEb1PoP3t5ZYjy+f2nl7cc7r2Jo1HGerzi4aGJNiZF/3qenuiVSRddlQq
VG1IKDOrMqmCvtXfhfqJVZ6Myowq6yykSBThh6vqy94vzdHmeAYD9SL49ETyzbx1
nvdppk7HJn3dthFbX57yNIWaGKDMjZuoTdG50TTN9sSi5szHvh0Wgglw/3gEme5p
up8cyO+jmiYDvH/RBc4f88aBi5kJy/GkwHlsQgaKVVrZ0kLyjpQJgA3D9hR/mMmZ
+6ixrGbg6F1jLDaC7SVKF+W/x8c5vdZ+vqkFdl0rc6dMagd8lbOyDVrq6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGxNPq8ObFUQ/CsxQKgAl1CwnC0iMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYkUwLXJ3NXNWUkQ4S3pGQXFBQ1hVTENjTFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4agwEA
MA0GCSqGSIb3DQEBCwUAA4IBAQBgw7m/1Pb9FW0RNh64FosXiAFDVd7RUehvskEB
xzGPvYH5ue+hpV7ac6Qy4SBkgX+sH4SnHY39TcFC/Gmc+zzCwo1HTa6wmPS3Ne5+
+OwXz7lu25PaEyMrFE/pLdzu+SvHk1PePKnOwCxtkNisglfA0I0t5nAoSE8ZluXn
r4NUMmRiPmMSATUojDPPzO3RAAehfBGVEAMY7uYbPdhn3XjOatu5+4ulYKxgOttL
EV9X5GLfXdRcP/A3gb2YoiJ0b09kO+QXYKU+vG1fHWrn1lWo8IxR1fECYpqkf0gX
/bGCiH9CiCT2A8WwBjyj2aHBeWlpl5POHfQ9GaGYDeD5ImGy
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:24:09 2025 by rpki-client