Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ebE9d3t0CI9uKsFJ08BA9VXlqvY.roa
File: ebE9d3t0CI9uKsFJ08BA9VXlqvY.roa (raw, json)
Hash identifier: nH84iXEwuvI08IZ/gVxQkGdzi7CNDvRtAgNy32RmLXQ=
Subject key identifier: 79:B1:3D:77:7B:74:08:8F:6E:2A:C1:49:D3:C0:40:F5:55:E5:AA:F6
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0191B3BBEACEB03BFD36FF8B2933A6135D71
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ebE9d3t0CI9uKsFJ08BA9VXlqvY.roa
Signing time: Mon 02 Sep 2024 17:15:22 +0000
ROA not before: Mon 02 Sep 2024 17:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2a06:5280::/29 maxlen: 29
2a0f:e6c5::/32 maxlen: 32
2a13:7d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 03 Sep 2024 12:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:bb:ea:ce:b0:3b:fd:36:ff:8b:29:33:a6:13:5d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 2 17:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79b13d777b74088f6e2ac149d3c040f555e5aaf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e0:bb:51:8f:ac:67:e3:93:f3:d9:ca:86:98:
1a:50:e7:3e:48:85:cf:00:f0:8f:9d:6d:dd:c8:06:
0b:23:fe:df:b8:f2:7d:14:b6:ed:33:16:e3:a3:12:
fc:ed:fb:1a:63:5a:8b:38:c7:bb:74:6a:6c:d7:4a:
9d:98:5d:1a:74:1c:b6:ec:01:80:3e:61:41:c9:42:
18:8c:5a:ee:31:c1:5b:d8:ff:1a:7a:08:e9:b2:24:
77:37:1e:39:4a:d4:11:7d:2f:1d:36:8a:54:bc:be:
99:3f:7c:67:c8:89:70:b9:a2:0b:51:2b:40:dd:9c:
67:c9:fa:d8:7e:00:73:9a:67:6d:86:5e:7c:fb:2e:
99:a8:0b:3b:f9:a8:04:e8:16:3a:7c:df:99:94:ca:
7c:74:ea:54:12:8b:31:12:f9:e0:76:52:b3:6a:7e:
7a:f8:0d:23:51:61:d4:60:12:f2:74:4f:34:4b:20:
87:d7:f7:06:96:da:dd:d9:7d:b5:0b:ef:c7:4a:ee:
b3:9a:8d:83:23:44:3c:ea:68:18:c2:5f:b0:7b:bf:
5a:5f:fb:d9:f1:fc:97:37:cd:02:50:d6:49:04:f9:
05:70:68:a4:60:36:a8:b2:dc:b9:57:d5:98:c3:b4:
34:57:df:a1:78:9b:35:ae:2c:d6:89:0e:15:0e:74:
ea:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:B1:3D:77:7B:74:08:8F:6E:2A:C1:49:D3:C0:40:F5:55:E5:AA:F6
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ebE9d3t0CI9uKsFJ08BA9VXlqvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5280::/29
2a0f:e6c5::/32
2a13:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
56:a4:68:b6:09:7e:0f:56:18:1c:e6:72:86:10:70:1c:f6:c5:
8e:68:56:06:5e:8e:f4:2d:40:4c:b6:fe:7c:40:a7:dc:cd:35:
b4:0a:c3:c2:2d:a2:fc:fe:fc:19:04:92:09:f8:d0:57:c8:a6:
73:3a:0e:7d:4f:a8:fe:e7:eb:74:4d:75:f8:07:e6:e0:ac:bc:
ce:3e:d3:b0:a7:6d:26:c8:78:09:3c:3b:38:e1:28:bd:dc:31:
45:2e:2e:7b:c5:cd:a3:59:4f:c6:c9:0d:88:cd:29:58:e6:02:
d8:62:6b:b7:7f:d1:a4:93:09:e4:cd:e0:b6:fd:9d:0d:e7:e2:
62:0a:e2:07:10:2f:13:a2:95:2f:b1:ea:9f:95:78:24:38:67:
1e:de:73:d4:87:ee:9c:4c:2a:fa:12:0e:dc:c3:0f:22:4c:c4:
39:fc:42:6c:58:80:7d:e8:76:64:c7:0d:21:48:a0:4c:23:ec:
79:61:41:05:f0:44:bf:cf:65:f6:9f:17:03:5c:52:9a:92:d8:
8e:e2:aa:25:de:da:93:44:36:07:9d:5b:83:7b:3f:d0:65:03:
13:f8:03:2a:2a:03:51:90:a5:20:c9:91:e8:8c:67:3e:ff:89:
b1:d6:b4:d9:e0:7d:eb:2d:27:0a:71:df:fb:c0:6e:b4:60:80:
e3:32:4e:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZGzu+rOsDv9Nv+LKTOmE11xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwOTAyMTcxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWIxM2Q3NzdiNzQwODhmNmUyYWMxNDlkM2MwNDBmNTU1ZTVhYWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouC7UY+sZ+OT89nKhpgaUOc+SIXP
APCPnW3dyAYLI/7fuPJ9FLbtMxbjoxL87fsaY1qLOMe7dGps10qdmF0adBy27AGA
PmFByUIYjFruMcFb2P8aegjpsiR3Nx45StQRfS8dNopUvL6ZP3xnyIlwuaILUStA
3ZxnyfrYfgBzmmdthl58+y6ZqAs7+agE6BY6fN+ZlMp8dOpUEosxEvngdlKzan56
+A0jUWHUYBLydE80SyCH1/cGltrd2X21C+/HSu6zmo2DI0Q86mgYwl+we79aX/vZ
8fyXN80CUNZJBPkFcGikYDaosty5V9WYw7Q0V9+heJs1rizWiQ4VDnTqJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHmxPXd7dAiPbirBSdPAQPVV5ar2MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZWJFOWQzdDBDSTl1S3NGSjA4QkE5VlhscXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgZSgAMF
ACoP5sUDBQMqE32AMA0GCSqGSIb3DQEBCwUAA4IBAQBWpGi2CX4PVhgc5nKGEHAc
9sWOaFYGXo70LUBMtv58QKfczTW0CsPCLaL8/vwZBJIJ+NBXyKZzOg59T6j+5+t0
TXX4B+bgrLzOPtOwp20myHgJPDs44Si93DFFLi57xc2jWU/GyQ2IzSlY5gLYYmu3
f9GkkwnkzeC2/Z0N5+JiCuIHEC8TopUvseqflXgkOGce3nPUh+6cTCr6Eg7cww8i
TMQ5/EJsWIB96HZkxw0hSKBMI+x5YUEF8ES/z2X2nxcDXFKaktiO4qol3tqTRDYH
nVuDez/QZQMT+AMqKgNRkKUgyZHojGc+/4mx1rTZ4H3rLScKcd/7wG60YIDjMk5q
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:19 2025 by rpki-client