Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dtCuh46bIIfPTnkoSmBaOKPaDjk.roa
File: dtCuh46bIIfPTnkoSmBaOKPaDjk.roa (raw, json)
Hash identifier: bzDNSxPesr/08bDGDI2FNa5D4HZL93SRAf7UNVNDxog=
Subject key identifier: 76:D0:AE:87:8E:9B:20:87:CF:4E:79:28:4A:60:5A:38:A3:DA:0E:39
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01919E9CD0D7E4AD18650831BE0AEA9E80B7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dtCuh46bIIfPTnkoSmBaOKPaDjk.roa
Signing time: Thu 29 Aug 2024 14:49:22 +0000
ROA not before: Thu 29 Aug 2024 14:49:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214466
IP address blocks: 2a0a:2d05:bc34::/48 maxlen: 48
2a0a:2d06:66::/48 maxlen: 48
2a0f:1203::/32 maxlen: 32
2a0f:ee00::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 30 Aug 2024 06:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9e:9c:d0:d7:e4:ad:18:65:08:31:be:0a:ea:9e:80:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 29 14:49:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76d0ae878e9b2087cf4e79284a605a38a3da0e39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e9:d6:fc:84:fb:a4:8b:e1:a0:f9:2e:cf:b1:
44:06:e7:6a:ad:35:0c:e4:ca:af:e3:4e:43:16:b0:
0a:96:f7:95:45:34:8f:85:d7:85:33:ca:a6:9c:ed:
e7:df:17:b4:96:3c:5c:4f:f1:71:61:8f:cc:e4:27:
b1:3c:07:56:aa:9b:63:48:5a:4d:8e:54:b7:20:46:
c0:73:b9:f4:03:97:fc:ee:1b:cb:b1:4b:06:ff:dc:
b3:a5:ad:18:60:d7:94:dd:5d:d9:67:86:5b:7f:d9:
49:fa:35:db:4e:06:fb:7f:f9:af:4c:c7:0b:60:0e:
13:97:04:24:75:9c:cb:f1:6c:13:78:ab:54:3c:ea:
d1:01:42:e5:35:32:fe:6d:39:cb:c2:d2:19:ee:dd:
91:bc:1f:61:d2:9d:d8:88:39:a0:12:4c:76:3b:bd:
50:30:c5:36:81:f4:1e:ac:13:50:ba:d5:97:0f:15:
a6:0d:87:77:2f:65:4b:36:79:74:19:8f:fa:e4:f3:
55:b5:3f:17:b0:62:87:4b:cc:80:43:b0:14:54:11:
fe:7f:cb:ac:1c:7a:0b:ad:07:59:07:58:8e:89:e4:
ce:c7:c5:c6:8d:b2:db:42:75:53:21:44:bf:65:cd:
89:2b:ad:38:e5:f8:cf:88:93:62:2c:2a:b7:ce:7b:
2e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D0:AE:87:8E:9B:20:87:CF:4E:79:28:4A:60:5A:38:A3:DA:0E:39
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/dtCuh46bIIfPTnkoSmBaOKPaDjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d05:bc34::/48
2a0a:2d06:66::/48
2a0f:1203::/32
2a0f:ee00::/32
Signature Algorithm: sha256WithRSAEncryption
bb:0b:c3:a3:7a:38:a5:87:b8:0e:41:ef:0d:3f:7f:9c:a3:4f:
41:dc:61:82:0d:35:5e:d5:06:5d:99:02:36:73:b2:1e:fc:bf:
69:5d:60:32:fb:b5:94:a0:a1:31:7e:bf:f8:d7:f4:65:58:e9:
cb:e6:04:57:7c:05:f0:44:ed:55:ea:58:e8:f1:fc:cd:51:7c:
94:17:a7:10:94:8f:9d:57:93:25:c0:43:ab:97:14:1d:d0:74:
c8:75:ad:4a:61:2f:85:d9:99:ce:24:0e:2b:3f:7f:2b:09:2f:
a5:91:d5:57:69:4d:cf:36:26:29:ba:93:bd:c9:7c:4d:15:d1:
44:ca:8b:da:d6:7e:fb:c8:aa:49:05:b8:47:d5:8b:d5:28:6a:
2a:11:67:47:d4:b2:20:7f:fa:69:07:f1:69:8a:d8:04:3f:cd:
4e:a5:27:b0:c6:35:f1:95:33:1e:2f:65:1a:4d:f1:bd:89:d5:
58:01:56:21:fe:27:d9:24:45:6d:78:3d:dc:af:dc:5f:cd:9f:
e2:66:ba:7b:3c:eb:2b:5c:d6:f0:89:dd:0f:2a:8f:59:13:2d:
bb:67:fc:a5:d1:0a:1d:6a:9e:0d:a9:14:bb:70:26:48:d9:65:
e7:f5:54:99:e6:6f:1b:68:5b:d5:39:06:64:0f:df:6a:3d:19:
1a:54:c1:bb
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZGenNDX5K0YZQgxvgrqnoC3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODI5MTQ0OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmQwYWU4NzhlOWIyMDg3Y2Y0ZTc5Mjg0YTYwNWEzOGEzZGEwZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnunW/IT7pIvhoPkuz7FEBudqrTUM
5Mqv405DFrAKlveVRTSPhdeFM8qmnO3n3xe0ljxcT/FxYY/M5CexPAdWqptjSFpN
jlS3IEbAc7n0A5f87hvLsUsG/9yzpa0YYNeU3V3ZZ4Zbf9lJ+jXbTgb7f/mvTMcL
YA4TlwQkdZzL8WwTeKtUPOrRAULlNTL+bTnLwtIZ7t2RvB9h0p3YiDmgEkx2O71Q
MMU2gfQerBNQutWXDxWmDYd3L2VLNnl0GY/65PNVtT8XsGKHS8yAQ7AUVBH+f8us
HHoLrQdZB1iOieTOx8XGjbLbQnVTIUS/Zc2JK6045fjPiJNiLCq3znsuJwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHbQroeOmyCHz055KEpgWjij2g45MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZHRDdWg0NmJJSWZQVG5rb1NtQmFPS1BhRGprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwcAKgotBbw0
AwcAKgotBgBmAwUAKg8SAwMFACoP7gAwDQYJKoZIhvcNAQELBQADggEBALsLw6N6
OKWHuA5B7w0/f5yjT0HcYYINNV7VBl2ZAjZzsh78v2ldYDL7tZSgoTF+v/jX9GVY
6cvmBFd8BfBE7VXqWOjx/M1RfJQXpxCUj51XkyXAQ6uXFB3QdMh1rUphL4XZmc4k
Dis/fysJL6WR1VdpTc82Jim6k73JfE0V0UTKi9rWfvvIqkkFuEfVi9UoaioRZ0fU
siB/+mkH8WmK2AQ/zU6lJ7DGNfGVMx4vZRpN8b2J1VgBViH+J9kkRW14Pdyv3F/N
n+Jmuns86ytc1vCJ3Q8qj1kTLbtn/KXRCh1qng2pFLtwJkjZZef1VJnmbxtoW9U5
BmQP32o9GRpUwbs=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:11 2025 by rpki-client