Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bnNFgSD_nOIVSWHG_rbUUVQMVK8.roa
File: bnNFgSD_nOIVSWHG_rbUUVQMVK8.roa (raw, json)
Hash identifier: zF8sV6EM1cH6EHcUqW9jvlauQ/fyXmTbz3cJhiJL2N0=
Subject key identifier: 6E:73:45:81:20:FF:9C:E2:15:49:61:C6:FE:B6:D4:51:54:0C:54:AF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01911D37D879466A87BE38B550722B37AED5
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bnNFgSD_nOIVSWHG_rbUUVQMVK8.roa
Signing time: Sun 04 Aug 2024 11:48:04 +0000
ROA not before: Sun 04 Aug 2024 11:48:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60647
IP address blocks: 2a0a:2d05:bc34::/48 maxlen: 48
2a12:ecc0:271::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 13 Aug 2024 06:35:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1d:37:d8:79:46:6a:87:be:38:b5:50:72:2b:37:ae:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 4 11:48:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e73458120ff9ce2154961c6feb6d451540c54af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:70:5e:3d:a1:7e:4c:e6:d5:66:1b:6e:df:81:
4e:ed:e1:e3:5d:bb:ce:92:19:ac:7c:51:85:29:ee:
39:cd:14:12:af:2a:63:67:fa:99:e3:2a:b6:e9:14:
e6:93:7e:53:4c:c4:6e:3f:05:a7:9e:25:1a:c5:83:
dd:d0:0b:16:79:66:6a:26:4c:d7:bc:b8:f2:b6:80:
5a:d4:80:1f:e2:05:ae:9d:50:e8:56:25:8f:60:aa:
2a:7d:9c:de:c4:d1:ac:a2:0a:8d:c4:d0:35:73:09:
06:09:f6:d2:a3:c5:ad:26:01:3b:60:02:23:68:95:
e5:9a:9b:17:b3:11:d3:eb:16:54:43:1b:e2:23:6d:
3f:90:4b:a6:cc:3d:50:36:fb:ed:ac:15:71:4b:04:
53:a6:f1:5d:8b:3a:55:58:f6:69:58:5d:5a:2f:5b:
69:14:fd:1d:19:1a:b5:96:86:46:82:db:3f:65:2f:
dc:ae:cf:4c:58:f7:8e:fb:b0:12:c9:95:2f:0c:43:
84:9d:53:8e:95:b1:69:25:af:d4:3f:ba:d9:e5:f5:
a2:be:7d:1f:f1:36:1d:8b:fb:e1:13:15:8d:0c:8a:
0a:96:fd:f0:3a:c9:ab:2e:98:59:3e:30:ae:a0:80:
19:14:55:f3:59:8f:90:09:e9:d5:84:21:b3:06:af:
3b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:73:45:81:20:FF:9C:E2:15:49:61:C6:FE:B6:D4:51:54:0C:54:AF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bnNFgSD_nOIVSWHG_rbUUVQMVK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d05:bc34::/48
2a12:ecc0:271::/48
Signature Algorithm: sha256WithRSAEncryption
0b:41:ab:de:37:6b:2c:ec:2b:c6:21:a0:cd:51:ee:3e:ac:35:
87:ef:d7:cc:51:de:55:09:69:f0:bf:25:ab:48:5b:97:76:71:
2d:65:5c:86:f5:73:91:f7:04:d9:23:ea:a3:f2:62:3a:17:35:
a8:c4:78:34:c9:b8:96:bb:d8:4f:1a:9f:f6:0c:4a:54:7b:02:
97:52:d7:ff:14:03:9e:bf:91:56:d7:b7:4d:9b:45:f2:46:6e:
bf:b0:3d:09:7d:82:55:b1:27:be:64:85:f3:36:d1:c3:8c:4f:
d1:f0:8d:bb:66:08:a8:c3:e8:a4:1f:cb:c2:22:a1:69:6e:5f:
8e:9a:5c:4e:3f:30:4c:a9:04:57:ec:5d:73:da:91:2e:c2:41:
ee:b4:d1:64:21:9a:50:7c:4c:ff:14:82:88:75:56:24:51:1f:
c7:5f:c3:db:ac:9d:f0:00:8e:3f:13:6a:91:11:70:08:e7:c9:
d5:03:5a:ae:de:50:af:ae:5b:0d:e1:27:64:e4:0c:64:dd:df:
4d:b8:67:b7:99:9a:30:80:4a:1d:91:fb:bf:ad:53:e3:1a:72:
97:4f:a7:84:6e:48:92:65:2a:2a:ac:32:1a:99:9e:ce:47:8f:
e3:10:df:11:03:3a:bf:fd:ad:86:d8:bb:1c:6f:de:e9:d9:73:
fd:c3:fc:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEdN9h5RmqHvji1UHIrN67VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODA0MTE0ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTczNDU4MTIwZmY5Y2UyMTU0OTYxYzZmZWI2ZDQ1MTU0MGM1NGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nBePaF+TObVZhtu34FO7eHjXbvO
khmsfFGFKe45zRQSrypjZ/qZ4yq26RTmk35TTMRuPwWnniUaxYPd0AsWeWZqJkzX
vLjytoBa1IAf4gWunVDoViWPYKoqfZzexNGsogqNxNA1cwkGCfbSo8WtJgE7YAIj
aJXlmpsXsxHT6xZUQxviI20/kEumzD1QNvvtrBVxSwRTpvFdizpVWPZpWF1aL1tp
FP0dGRq1loZGgts/ZS/crs9MWPeO+7ASyZUvDEOEnVOOlbFpJa/UP7rZ5fWivn0f
8TYdi/vhExWNDIoKlv3wOsmrLphZPjCuoIAZFFXzWY+QCenVhCGzBq87/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG5zRYEg/5ziFUlhxv621FFUDFSvMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYm5ORmdTRF9uT0lWU1dIR19yYlVVVlFNVks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgotBbw0
AwcAKhLswAJxMA0GCSqGSIb3DQEBCwUAA4IBAQALQaveN2ss7CvGIaDNUe4+rDWH
79fMUd5VCWnwvyWrSFuXdnEtZVyG9XOR9wTZI+qj8mI6FzWoxHg0ybiWu9hPGp/2
DEpUewKXUtf/FAOev5FW17dNm0XyRm6/sD0JfYJVsSe+ZIXzNtHDjE/R8I27Zgio
w+ikH8vCIqFpbl+OmlxOPzBMqQRX7F1z2pEuwkHutNFkIZpQfEz/FIKIdVYkUR/H
X8PbrJ3wAI4/E2qREXAI58nVA1qu3lCvrlsN4Sdk5Axk3d9NuGe3mZowgEodkfu/
rVPjGnKXT6eEbkiSZSoqrDIamZ7OR4/jEN8RAzq//a2G2Lscb97p2XP9w/wA
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:25 2025 by rpki-client