Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jzOXa0qekRGhhcOQivmdNOD0B_k.roa
File: jzOXa0qekRGhhcOQivmdNOD0B_k.roa (raw, json)
Hash identifier: fkbLzWY/tA3P6znwK5AKKPG1c4J4aMvmhQ5LLLpuT6A=
Subject key identifier: 8F:33:97:6B:4A:9E:91:11:A1:85:C3:90:8A:F9:9D:34:E0:F4:07:F9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018DA6C19943D6E349313732B0E5C9343FC9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jzOXa0qekRGhhcOQivmdNOD0B_k.roa
Signing time: Wed 14 Feb 2024 08:35:21 +0000
ROA not before: Wed 14 Feb 2024 08:35:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a0c:7884::/32 maxlen: 32
2a0f:7d00:1::/48 maxlen: 48
2a0f:ea00::/29 maxlen: 29
2a12:ac44:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 02 Mar 2024 11:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a6:c1:99:43:d6:e3:49:31:37:32:b0:e5:c9:34:3f:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 14 08:35:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f33976b4a9e9111a185c3908af99d34e0f407f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7d:24:b6:59:41:4b:24:a0:0d:87:30:e1:8d:
23:9b:68:01:92:33:76:a6:92:bf:f3:07:2e:f4:2f:
4e:ae:d2:53:1f:2e:e1:ba:03:75:5f:02:4d:c1:ff:
ac:e1:24:82:a0:e8:ab:af:1a:83:48:df:3e:46:8d:
9d:a6:7d:ad:70:ef:d9:db:21:b5:17:73:47:4f:be:
0f:03:fc:88:af:60:33:ff:b5:94:d3:0b:17:53:c9:
57:45:12:9e:1b:52:e1:e6:e5:fa:ed:84:dc:b0:fb:
b0:5f:52:4f:1d:b7:2b:22:22:bc:07:65:f7:26:1f:
f9:4a:30:f9:e4:05:cd:73:d5:83:12:82:ff:9f:37:
87:1e:a9:9a:9f:2f:6f:8d:36:51:a1:99:e1:30:3e:
8d:b3:89:ef:aa:ab:75:00:d4:eb:c7:f6:9d:8e:b8:
9b:b1:fa:27:10:fd:d7:e4:f3:4f:d4:7f:01:3c:fa:
cc:4a:fb:47:0a:b2:60:a7:20:0c:4b:d6:fb:f8:a7:
1d:bf:4e:67:d7:63:3a:6d:ef:bd:a8:36:fd:7c:08:
68:26:1f:0e:fb:4b:3a:6c:7d:f4:fb:bd:c8:20:6d:
24:57:87:a0:8b:3b:e6:a6:50:94:f3:1e:e9:f5:dd:
42:04:49:c7:d1:68:39:0d:0c:65:8f:2d:8f:19:ea:
9d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:33:97:6B:4A:9E:91:11:A1:85:C3:90:8A:F9:9D:34:E0:F4:07:F9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jzOXa0qekRGhhcOQivmdNOD0B_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7884::/32
2a0f:7d00:1::/48
2a0f:ea00::/29
2a12:ac44:1::/48
Signature Algorithm: sha256WithRSAEncryption
05:32:4c:5a:ff:06:c8:f7:e5:d6:84:61:b8:41:a9:0d:20:b3:
a8:61:61:29:37:11:a9:c7:db:f6:c1:d6:37:05:63:c2:76:50:
7e:2e:cb:e3:e7:e3:7e:bb:aa:45:55:36:bd:a5:10:a8:ed:6a:
8a:63:c4:2e:68:eb:28:8f:ff:ab:45:b8:e3:81:4a:54:c3:7b:
79:ce:b6:b4:df:28:ed:7e:48:46:7e:ca:18:75:e2:ec:e9:f4:
50:03:80:2a:c9:d3:9b:a5:e0:e5:fe:39:46:59:45:2a:43:60:
eb:eb:73:7e:38:0f:07:da:68:92:4b:ab:e7:96:3b:ff:5c:a2:
7e:e6:40:44:a3:02:1c:0d:38:d0:62:45:e6:a3:cc:ad:36:ed:
f0:3f:f8:e8:76:8d:23:9e:59:fe:e1:23:5d:a0:59:3c:48:28:
68:2d:0b:cd:5a:9c:ea:cb:f1:11:69:e5:c4:75:ed:b2:a0:3c:
3a:53:bb:91:6a:e5:0d:5f:df:f6:f5:74:f6:a1:aa:49:25:1d:
12:35:27:e3:1d:d8:6a:3d:0d:2f:e0:fd:5b:0f:e9:ca:29:28:
17:8f:0b:c7:c0:d4:66:83:58:91:e6:a1:f5:0c:d6:5d:02:0a:
ad:e9:f9:70:3d:e5:ce:0b:f2:eb:54:69:a4:ee:5e:4f:b5:47:
39:e7:8a:36
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY2mwZlD1uNJMTcysOXJND/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMjE0MDgzNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjMzOTc2YjRhOWU5MTExYTE4NWMzOTA4YWY5OWQzNGUwZjQwN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiX0ktllBSySgDYcw4Y0jm2gBkjN2
ppK/8wcu9C9OrtJTHy7hugN1XwJNwf+s4SSCoOirrxqDSN8+Ro2dpn2tcO/Z2yG1
F3NHT74PA/yIr2Az/7WU0wsXU8lXRRKeG1Lh5uX67YTcsPuwX1JPHbcrIiK8B2X3
Jh/5SjD55AXNc9WDEoL/nzeHHqmany9vjTZRoZnhMD6Ns4nvqqt1ANTrx/adjrib
sfonEP3X5PNP1H8BPPrMSvtHCrJgpyAMS9b7+Kcdv05n12M6be+9qDb9fAhoJh8O
+0s6bH30+73IIG0kV4egizvmplCU8x7p9d1CBEnH0Wg5DQxljy2PGeqd7wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFI8zl2tKnpERoYXDkIr5nTTg9Af5MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvanpPWGEwcWVrUkdoaGNPUWl2bWROT0QwQl9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwUAKgx4hAMH
ACoPfQAAAQMFAyoP6gADBwAqEqxEAAEwDQYJKoZIhvcNAQELBQADggEBAAUyTFr/
Bsj35daEYbhBqQ0gs6hhYSk3EanH2/bB1jcFY8J2UH4uy+Pn4367qkVVNr2lEKjt
aopjxC5o6yiP/6tFuOOBSlTDe3nOtrTfKO1+SEZ+yhh14uzp9FADgCrJ05ul4OX+
OUZZRSpDYOvrc344DwfaaJJLq+eWO/9con7mQESjAhwNONBiReajzK027fA/+Oh2
jSOeWf7hI12gWTxIKGgtC81anOrL8RFp5cR17bKgPDpTu5Fq5Q1f3/b1dPahqkkl
HRI1J+Md2Go9DS/g/VsP6copKBePC8fA1GaDWJHmofUM1l0CCq3p+XA95c4L8utU
aaTuXk+1RznnijY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:49 2025 by rpki-client