Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/im0lDZKsorVcOI0BDrjgZtZEhFE.roa
File: im0lDZKsorVcOI0BDrjgZtZEhFE.roa (raw, json)
Hash identifier: Rl+iiiGcSZ2Xr75Ve8+s6g7ifhW2EAgUUQYS/tsT2BM=
Subject key identifier: 8A:6D:25:0D:92:AC:A2:B5:5C:38:8D:01:0E:B8:E0:66:D6:44:84:51
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018EB799806729A0724C0938105B6480FB36
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/im0lDZKsorVcOI0BDrjgZtZEhFE.roa
Signing time: Sun 07 Apr 2024 08:07:54 +0000
ROA not before: Sun 07 Apr 2024 08:07:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a0c:7884::/32 maxlen: 32
2a0e:1a84::/32 maxlen: 32
2a0f:7d00:1::/48 maxlen: 48
2a0f:7d01::/32 maxlen: 32
2a0f:7d04:1::/48 maxlen: 48
2a0f:ea00::/29 maxlen: 29
2a12:ac44:1::/48 maxlen: 48
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Fri 12 Apr 2024 09:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b7:99:80:67:29:a0:72:4c:09:38:10:5b:64:80:fb:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 7 08:07:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a6d250d92aca2b55c388d010eb8e066d6448451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:57:03:fe:27:d7:1a:ed:92:a0:62:a5:cf:22:
21:1a:53:5a:84:87:4f:dc:fc:c0:4c:92:28:92:a8:
dc:6a:ae:66:d6:5f:54:45:18:3a:0f:87:7c:f4:32:
37:70:14:6e:86:fe:00:61:e3:e4:23:cc:22:db:be:
2e:2c:4f:8c:9a:a5:ca:8c:05:f6:14:9a:c9:d8:86:
93:49:96:80:41:75:00:00:48:0e:3b:f2:97:8c:bf:
ed:0d:d1:da:58:a7:f4:22:47:cf:20:be:ac:cc:cd:
dc:8f:85:85:4e:b0:0f:5b:c9:6f:0f:de:8c:74:c3:
28:b9:90:47:ab:b4:ed:f7:53:fc:7b:a5:9d:f4:ac:
6a:c1:f7:89:c6:4a:2a:7d:f9:fa:9c:7e:2e:f8:b4:
fc:fc:7c:6e:9a:5f:ba:1d:1c:70:99:27:38:23:73:
d3:8a:6f:b8:b9:fb:03:cb:c6:72:4d:c0:c2:fb:ca:
a2:39:5e:69:ab:67:a0:71:c9:6f:b1:27:ec:15:c4:
3d:cf:2f:2b:79:6b:7a:f5:1f:f3:98:78:58:a6:93:
88:37:af:e0:40:9c:b6:45:bb:78:4a:35:9f:62:0b:
bc:87:39:a4:8f:c0:e7:68:f9:fb:52:21:d0:bf:5e:
86:67:11:a0:22:35:f6:e1:74:0b:40:b2:d2:a5:be:
fc:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:6D:25:0D:92:AC:A2:B5:5C:38:8D:01:0E:B8:E0:66:D6:44:84:51
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/im0lDZKsorVcOI0BDrjgZtZEhFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7884::/32
2a0e:1a84::/32
2a0f:7d00:1::/48
2a0f:7d01::/32
2a0f:7d04:1::/48
2a0f:ea00::/29
2a12:ac44:1::/48
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
3a:74:02:e0:81:4c:f8:83:3f:b2:b5:5e:ee:00:eb:fa:ce:cc:
b3:8e:9e:98:aa:95:1b:41:76:94:ad:f8:9e:45:eb:be:0c:b7:
96:8f:90:98:01:21:38:48:52:2e:f0:c3:ac:6e:07:67:52:27:
e0:36:57:7a:f8:c8:2f:92:45:74:85:cc:53:6c:e4:b3:e4:9d:
ef:d7:e1:ec:f2:d7:8d:63:d6:85:e8:c5:3d:4d:50:60:90:92:
cf:f3:0e:db:70:c3:54:90:2a:19:b7:8b:dd:c2:8b:73:52:22:
e2:4d:6c:db:a5:9d:2a:d1:97:56:3f:16:b4:02:71:6c:5f:d5:
ac:7e:47:35:26:97:a3:e3:1d:eb:2a:aa:60:c2:23:fd:c9:03:
3e:6d:19:41:30:25:4d:0d:19:e6:da:c4:14:04:69:7c:86:43:
04:e8:5b:9c:63:7d:95:40:6b:32:6c:e8:a8:70:10:56:48:55:
de:5a:8f:5a:33:50:4b:82:20:57:83:e9:e7:0d:70:9c:7c:a4:
86:9c:f8:73:e2:87:d0:e9:98:3b:00:ba:5f:bc:67:8e:c1:3b:
a9:3c:76:e7:e5:0f:a2:a9:07:10:51:41:b8:a1:e3:24:2f:a8:
40:96:76:81:14:35:29:d2:45:8c:7d:1b:79:44:04:4f:76:57:
56:1e:21:f8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAY63mYBnKaByTAk4EFtkgPs2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNDA3MDgwNzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTZkMjUwZDkyYWNhMmI1NWMzODhkMDEwZWI4ZTA2NmQ2NDQ4NDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFcD/ifXGu2SoGKlzyIhGlNahIdP
3PzATJIokqjcaq5m1l9URRg6D4d89DI3cBRuhv4AYePkI8wi274uLE+MmqXKjAX2
FJrJ2IaTSZaAQXUAAEgOO/KXjL/tDdHaWKf0IkfPIL6szM3cj4WFTrAPW8lvD96M
dMMouZBHq7Tt91P8e6Wd9KxqwfeJxkoqffn6nH4u+LT8/Hxuml+6HRxwmSc4I3PT
im+4ufsDy8ZyTcDC+8qiOV5pq2egcclvsSfsFcQ9zy8reWt69R/zmHhYppOIN6/g
QJy2Rbt4SjWfYgu8hzmkj8DnaPn7UiHQv16GZxGgIjX24XQLQLLSpb780QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFIptJQ2SrKK1XDiNAQ644GbWRIRRMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvaW0wbERaS3NvclZjT0kwQkRyamdadFpFaEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAAjA+AwUAKgx4hAMF
ACoOGoQDBwAqD30AAAEDBQAqD30BAwcAKg99BAABAwUDKg/qAAMHACoSrEQAAQMF
AyoTK0AwDQYJKoZIhvcNAQELBQADggEBADp0AuCBTPiDP7K1Xu4A6/rOzLOOnpiq
lRtBdpSt+J5F674Mt5aPkJgBIThIUi7ww6xuB2dSJ+A2V3r4yC+SRXSFzFNs5LPk
ne/X4ezy141j1oXoxT1NUGCQks/zDttww1SQKhm3i93Ci3NSIuJNbNulnSrRl1Y/
FrQCcWxf1ax+RzUml6PjHesqqmDCI/3JAz5tGUEwJU0NGebaxBQEaXyGQwToW5xj
fZVAazJs6KhwEFZIVd5aj1ozUEuCIFeD6ecNcJx8pIac+HPih9DpmDsAul+8Z47B
O6k8duflD6KpBxBRQbih4yQvqECWdoEUNSnSRYx9G3lEBE92V1YeIfg=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:07:11 2025 by rpki-client