Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dDC15aXMJo0U2cEJSmPRR32Z8I0.roa
File: dDC15aXMJo0U2cEJSmPRR32Z8I0.roa (raw, json)
Hash identifier: Mk6WtvlmSTq4fRpCr7ogM+Ss2wFiItDe8p4mKSAcaXQ=
Subject key identifier: 74:30:B5:E5:A5:CC:26:8D:14:D9:C1:09:4A:63:D1:47:7D:99:F0:8D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F9C4739EAD24CD177C6DCFD8D61D944B8
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dDC15aXMJo0U2cEJSmPRR32Z8I0.roa
Signing time: Tue 21 May 2024 17:51:04 +0000
ROA not before: Tue 21 May 2024 17:51:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a07:bb40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 22 May 2024 07:17:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9c:47:39:ea:d2:4c:d1:77:c6:dc:fd:8d:61:d9:44:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 21 17:51:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7430b5e5a5cc268d14d9c1094a63d1477d99f08d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7b:0f:28:12:7f:28:44:4f:4a:89:9c:3e:0f:
cd:6f:4a:72:f4:cd:4f:af:4b:69:f7:e3:30:3b:6b:
eb:e5:00:52:e0:67:9a:b0:42:b2:f4:83:f5:24:aa:
af:94:9b:09:06:1c:a3:72:b1:3f:3b:9e:0f:f8:bc:
63:b5:78:e4:c0:41:70:74:5a:64:1d:99:74:ef:aa:
29:bd:6a:42:7a:20:0e:1a:a8:6e:78:55:ce:b7:06:
a7:05:58:03:29:05:f4:93:fd:e3:21:ce:5d:9b:d7:
27:bf:d3:b5:b0:f0:5c:1f:55:76:8c:bb:0d:a9:cc:
64:94:08:d2:8e:a7:3b:72:70:93:6c:2b:96:62:84:
3f:29:aa:17:ee:74:b7:d8:10:9d:9c:48:7b:e3:54:
4e:1a:cd:dc:c6:6c:ef:70:c5:f1:b1:07:46:64:e7:
b8:9d:a2:7b:8a:b1:d6:5f:17:82:03:4b:90:89:0e:
59:1e:0c:02:9f:ce:be:92:ef:a7:b8:ad:db:60:0b:
3f:6c:4e:d9:46:92:64:66:07:71:41:72:35:80:32:
c3:34:ec:18:46:30:60:5e:6b:7b:2b:00:4b:6e:27:
83:15:eb:68:4d:d8:8a:85:0b:c5:af:0c:c2:db:72:
c4:39:8c:bb:05:15:d4:ea:23:00:98:d2:a1:83:86:
fb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:30:B5:E5:A5:CC:26:8D:14:D9:C1:09:4A:63:D1:47:7D:99:F0:8D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dDC15aXMJo0U2cEJSmPRR32Z8I0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:bb40::/29
Signature Algorithm: sha256WithRSAEncryption
4d:9c:ef:4e:0e:a5:7c:ad:1d:ed:d7:9e:e5:86:c0:eb:3e:1a:
b2:d5:80:09:b4:8f:28:1d:61:ac:10:6d:30:75:c7:bc:90:1b:
fe:d0:02:20:40:18:14:88:58:1e:67:4c:b6:51:dd:b9:f7:7b:
fd:41:e3:12:f0:54:04:9a:40:3b:40:8f:57:f9:5a:7b:08:bf:
02:91:0f:b4:e4:b5:0b:da:36:c6:62:0a:c1:36:90:41:de:ea:
65:8e:d3:42:af:6f:5d:43:49:bb:14:ed:6f:f9:fa:be:45:6a:
2e:94:da:b8:87:82:30:f9:38:24:01:bb:03:02:e3:c9:27:bb:
e7:71:70:91:01:dc:f6:d0:ad:e9:1a:f7:6b:4d:ca:27:6d:6c:
1a:14:57:93:b2:9d:32:e8:e5:9e:5d:ec:66:77:75:53:7e:40:
d9:09:c2:e4:76:65:94:2f:f6:b4:77:7b:2d:62:8a:39:61:3c:
01:2b:73:ea:2f:a1:bc:e6:ff:aa:5d:23:db:e3:a2:08:82:99:
11:c3:ec:2d:8b:6a:7a:08:ff:3b:43:3e:69:cd:61:84:23:2a:
46:64:36:35:e8:60:bd:3e:9b:9f:a1:50:eb:14:01:de:17:24:
e6:a8:b0:fe:69:96:1c:1b:1f:31:ad:3e:71:2d:ec:16:d1:c5:
9c:ed:0d:d7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+cRznq0kzRd8bc/Y1h2US4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTIxMTc1MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDMwYjVlNWE1Y2MyNjhkMTRkOWMxMDk0YTYzZDE0NzdkOTlmMDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunsPKBJ/KERPSomcPg/Nb0py9M1P
r0tp9+MwO2vr5QBS4GeasEKy9IP1JKqvlJsJBhyjcrE/O54P+LxjtXjkwEFwdFpk
HZl076opvWpCeiAOGqhueFXOtwanBVgDKQX0k/3jIc5dm9cnv9O1sPBcH1V2jLsN
qcxklAjSjqc7cnCTbCuWYoQ/KaoX7nS32BCdnEh741ROGs3cxmzvcMXxsQdGZOe4
naJ7irHWXxeCA0uQiQ5ZHgwCn86+ku+nuK3bYAs/bE7ZRpJkZgdxQXI1gDLDNOwY
RjBgXmt7KwBLbieDFetoTdiKhQvFrwzC23LEOYy7BRXU6iMAmNKhg4b7eQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHQwteWlzCaNFNnBCUpj0Ud9mfCNMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZERDMTVhWE1KbzBVMmNFSlNtUFJSMzJaOEkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKge7QDAN
BgkqhkiG9w0BAQsFAAOCAQEATZzvTg6lfK0d7dee5YbA6z4astWACbSPKB1hrBBt
MHXHvJAb/tACIEAYFIhYHmdMtlHdufd7/UHjEvBUBJpAO0CPV/laewi/ApEPtOS1
C9o2xmIKwTaQQd7qZY7TQq9vXUNJuxTtb/n6vkVqLpTauIeCMPk4JAG7AwLjySe7
53FwkQHc9tCt6Rr3a03KJ21sGhRXk7KdMujlnl3sZnd1U35A2QnC5HZllC/2tHd7
LWKKOWE8AStz6i+hvOb/ql0j2+OiCIKZEcPsLYtqegj/O0M+ac1hhCMqRmQ2Nehg
vT6bn6FQ6xQB3hck5qiw/mmWHBsfMa0+cS3sFtHFnO0N1w==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:53 2025 by rpki-client