Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bHuEqa6Coss929UHZvafl6mbr2A.roa
File: bHuEqa6Coss929UHZvafl6mbr2A.roa (raw, json)
Hash identifier: lvZiILdKYJLgIN+Nj7qOnGTz+3Abv+QszhWajf7KbQ4=
Subject key identifier: 6C:7B:84:A9:AE:82:A2:CB:3D:DB:D5:07:66:F6:9F:97:A9:9B:AF:60
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0194FA0A8D159C099A7F38A62D013DAA92CF
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bHuEqa6Coss929UHZvafl6mbr2A.roa
Signing time: Wed 12 Feb 2025 12:03:02 +0000
ROA not before: Wed 12 Feb 2025 12:03:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214734
IP address blocks: 2a0f:1440::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 24 Feb 2025 15:56:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fa:0a:8d:15:9c:09:9a:7f:38:a6:2d:01:3d:aa:92:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 12 12:03:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c7b84a9ae82a2cb3ddbd50766f69f97a99baf60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c2:2a:fc:23:59:44:ae:60:6f:bc:d3:8c:d6:
c2:da:a3:b0:74:ba:8d:3e:d3:79:f1:0e:1c:08:24:
4f:31:e9:9b:b5:52:a2:a8:21:fa:d7:1b:6a:6a:d8:
ab:50:1a:20:e3:42:4b:26:8e:75:47:68:8d:3f:58:
8f:88:40:88:f4:c2:8d:8b:4d:bb:1d:c4:fa:02:98:
ef:05:85:9b:a3:51:c4:f4:c3:72:7d:30:4b:49:94:
0d:2e:80:f1:58:c6:4a:9e:bb:92:60:31:35:d5:b5:
19:8a:10:c2:29:91:5c:b0:12:23:32:80:43:26:1d:
f8:ff:6f:66:7f:62:90:d1:14:91:41:1d:5a:4a:b5:
42:c2:ca:15:85:34:ff:d2:67:6b:5d:4b:37:cb:55:
48:96:e7:c3:76:47:40:11:9e:ed:35:6e:1c:cf:d3:
63:56:38:cf:d6:1a:32:38:34:9d:4c:2d:7e:a6:01:
c3:4b:d6:cf:77:62:3a:ad:ec:35:5c:ad:1c:54:bf:
58:32:f0:d7:d6:19:59:e9:b0:1b:98:75:fb:a7:36:
c0:69:ef:47:a6:27:ff:1d:7a:c1:b2:87:f4:45:00:
71:94:bc:9f:6b:69:6d:bf:42:a4:23:cd:1f:1a:1a:
7e:f6:ea:42:61:52:ad:fd:5f:b7:fe:c9:1f:89:27:
b3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7B:84:A9:AE:82:A2:CB:3D:DB:D5:07:66:F6:9F:97:A9:9B:AF:60
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bHuEqa6Coss929UHZvafl6mbr2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1440::/29
Signature Algorithm: sha256WithRSAEncryption
63:69:4d:77:d9:32:7e:a1:22:af:ae:bf:59:ed:5f:bd:ef:a1:
3c:fb:64:85:45:a2:c5:92:d6:c4:d0:8c:06:4b:dd:be:40:a6:
dd:b3:eb:fa:b3:9b:0e:1e:e5:c8:55:bc:cd:f3:32:70:80:e1:
ee:6e:ed:2f:bc:70:e5:ab:f1:85:f5:d1:43:be:9b:fd:06:04:
69:19:2b:ad:b4:b8:07:ac:3b:82:54:85:d6:1d:ec:14:1a:eb:
f8:ae:ae:05:16:d9:70:3e:28:bb:a3:d0:7c:36:0a:15:f7:c8:
48:33:c1:e9:53:03:db:0a:13:86:62:5e:e7:3a:a6:22:b2:34:
e8:a7:53:f5:ca:1f:d0:42:b1:0b:e7:1a:66:fb:c8:08:cb:a7:
c6:f6:59:7a:99:f9:99:2e:a0:e5:62:58:89:3f:e7:cc:48:6c:
cb:7a:b5:6c:66:c3:69:1d:68:78:71:2f:c5:17:f9:72:29:20:
e3:56:3a:92:91:b6:bb:92:2a:6d:53:a9:89:b1:cd:77:f7:c0:
05:3c:b2:c4:ea:0c:78:b4:aa:dc:f7:28:45:f0:86:f1:8a:02:
89:88:0d:82:b0:12:42:18:d2:05:df:05:43:a4:5f:2f:4e:08:
79:36:4f:19:a4:1c:90:ea:b1:1b:ed:8a:c9:0e:7d:e2:d4:38:
d2:da:67:77
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZT6Co0VnAmafzimLQE9qpLPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMjEyMTIwMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzdiODRhOWFlODJhMmNiM2RkYmQ1MDc2NmY2OWY5N2E5OWJhZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsIq/CNZRK5gb7zTjNbC2qOwdLqN
PtN58Q4cCCRPMembtVKiqCH61xtqatirUBog40JLJo51R2iNP1iPiECI9MKNi027
HcT6ApjvBYWbo1HE9MNyfTBLSZQNLoDxWMZKnruSYDE11bUZihDCKZFcsBIjMoBD
Jh34/29mf2KQ0RSRQR1aSrVCwsoVhTT/0mdrXUs3y1VIlufDdkdAEZ7tNW4cz9Nj
VjjP1hoyODSdTC1+pgHDS9bPd2I6rew1XK0cVL9YMvDX1hlZ6bAbmHX7pzbAae9H
pif/HXrBsof0RQBxlLyfa2ltv0KkI80fGhp+9upCYVKt/V+3/skfiSezLQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGx7hKmugqLLPdvVB2b2n5epm69gMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYkh1RXFhNkNvc3M5MjlVSFp2YWZsNm1icjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg8UQDAN
BgkqhkiG9w0BAQsFAAOCAQEAY2lNd9kyfqEir66/We1fve+hPPtkhUWixZLWxNCM
BkvdvkCm3bPr+rObDh7lyFW8zfMycIDh7m7tL7xw5avxhfXRQ76b/QYEaRkrrbS4
B6w7glSF1h3sFBrr+K6uBRbZcD4ou6PQfDYKFffISDPB6VMD2woThmJe5zqmIrI0
6KdT9cof0EKxC+caZvvICMunxvZZepn5mS6g5WJYiT/nzEhsy3q1bGbDaR1oeHEv
xRf5cikg41Y6kpG2u5IqbVOpibHNd/fABTyyxOoMeLSq3PcoRfCG8YoCiYgNgrAS
QhjSBd8FQ6RfL04IeTZPGaQckOqxG+2KyQ594tQ40tpndw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:16 2025 by rpki-client