Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kfXvnqnJUturqsuET6DG3jc14DU.roa
File: kfXvnqnJUturqsuET6DG3jc14DU.roa (raw, json)
Hash identifier: yPy5Rc+zXEbdIitC49Ih6AmXlM1MwWfGCBh+0kflriU=
Subject key identifier: 91:F5:EF:9E:A9:C9:52:DB:AB:AA:CB:84:4F:A0:C6:DE:37:35:E0:35
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0191A257B63D9E0FD145C992F519A864197B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kfXvnqnJUturqsuET6DG3jc14DU.roa
Signing time: Fri 30 Aug 2024 08:12:22 +0000
ROA not before: Fri 30 Aug 2024 08:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2a0f:e6c5::/32 maxlen: 32
2a13:7d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 02 Sep 2024 17:15:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a2:57:b6:3d:9e:0f:d1:45:c9:92:f5:19:a8:64:19:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 30 08:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91f5ef9ea9c952dbabaacb844fa0c6de3735e035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f2:03:e0:7c:a8:f7:66:1e:23:6f:09:75:2b:
28:d7:a9:be:47:bb:12:10:b7:6a:bf:c7:f7:8d:d8:
93:1c:47:f4:27:2a:22:a6:b6:6f:99:55:70:85:ab:
76:82:31:70:46:bf:27:e8:80:93:b8:73:e7:17:dd:
86:f1:90:0c:80:38:38:0a:ce:b9:1e:9e:fd:dd:ad:
d0:07:82:44:b8:30:bc:f9:8f:77:44:ca:bf:fa:65:
84:29:46:21:17:6c:c3:1f:ac:61:ae:13:52:ad:b7:
0f:fa:ff:ec:e6:c2:e2:dc:20:23:63:c5:f0:9f:1d:
c0:6d:31:0a:f6:a6:da:4c:f8:ca:98:cd:74:4a:14:
fa:69:cc:cc:45:fc:68:b7:61:71:05:9f:46:5c:72:
ab:f0:19:cb:6c:fe:09:d8:23:d1:af:95:fd:d9:be:
bb:7c:72:d4:1f:36:83:5b:41:e6:bf:49:55:cc:fc:
73:ab:37:ba:40:79:c5:19:8a:b3:2d:51:18:9f:59:
9f:68:39:74:5a:13:f5:44:a1:e2:c5:0d:8f:0f:56:
c8:22:f0:3a:22:aa:20:d2:85:53:50:04:15:cb:a1:
bf:ec:74:df:80:c1:bf:f3:3a:a0:2e:ba:a8:37:d0:
c8:14:6f:ee:7a:0f:99:15:35:6a:22:de:94:9c:2b:
2b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F5:EF:9E:A9:C9:52:DB:AB:AA:CB:84:4F:A0:C6:DE:37:35:E0:35
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kfXvnqnJUturqsuET6DG3jc14DU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e6c5::/32
2a13:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
6f:64:d4:58:ff:7e:e4:e2:d3:6e:5c:b4:02:fa:9c:08:07:81:
93:5c:22:b9:d1:90:fb:7c:f3:a4:1f:7a:14:a6:b5:af:6c:8b:
95:0b:9a:e1:43:30:d4:d9:51:fa:59:d6:36:a0:e7:5d:a1:42:
a6:89:be:4a:c5:a8:07:bb:27:36:3b:d0:0e:e3:75:02:8f:24:
83:13:fd:8c:d8:4a:2f:ad:7c:c7:15:ce:7a:4a:73:7b:46:a0:
ac:31:2c:ec:92:92:13:b6:9a:08:55:7d:55:1d:df:38:bf:9c:
0b:b5:e2:58:63:98:86:94:6f:b9:74:c6:db:c0:53:85:cb:ac:
22:e7:4c:74:35:8a:b0:50:63:2e:c5:fb:35:1c:38:00:38:c2:
dc:db:49:4d:75:39:f4:ff:a7:53:12:b2:4d:bd:05:9c:ec:ef:
b3:bb:6d:c1:72:29:16:e8:22:8c:64:ed:fe:ac:12:c6:68:fd:
b3:b6:f8:c8:a2:ce:ab:ad:cf:ec:74:8d:8a:11:e9:cd:70:29:
b8:15:08:57:8f:ba:77:68:60:ca:42:6e:c9:7d:4b:50:0b:7a:
55:80:51:4e:ba:8e:bd:e1:1a:9b:ee:9c:73:be:9a:7e:a9:b7:
f3:e0:19:a6:c5:f3:ed:3b:05:f7:52:ce:4d:f4:f3:78:28:b8:
39:30:b4:65
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZGiV7Y9ng/RRcmS9RmoZBl7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODMwMDgxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWY1ZWY5ZWE5Yzk1MmRiYWJhYWNiODQ0ZmEwYzZkZTM3MzVlMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvID4Hyo92YeI28JdSso16m+R7sS
ELdqv8f3jdiTHEf0JyoiprZvmVVwhat2gjFwRr8n6ICTuHPnF92G8ZAMgDg4Cs65
Hp793a3QB4JEuDC8+Y93RMq/+mWEKUYhF2zDH6xhrhNSrbcP+v/s5sLi3CAjY8Xw
nx3AbTEK9qbaTPjKmM10ShT6aczMRfxot2FxBZ9GXHKr8BnLbP4J2CPRr5X92b67
fHLUHzaDW0Hmv0lVzPxzqze6QHnFGYqzLVEYn1mfaDl0WhP1RKHixQ2PD1bIIvA6
Iqog0oVTUAQVy6G/7HTfgMG/8zqgLrqoN9DIFG/ueg+ZFTVqIt6UnCsrPwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJH1756pyVLbq6rLhE+gxt43NeA1MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEva2ZYdm5xbkpVdHVycXN1RVQ2REczamMxNERVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg/mxQMF
AyoTfYAwDQYJKoZIhvcNAQELBQADggEBAG9k1Fj/fuTi025ctAL6nAgHgZNcIrnR
kPt886QfehSmta9si5ULmuFDMNTZUfpZ1jag512hQqaJvkrFqAe7JzY70A7jdQKP
JIMT/YzYSi+tfMcVznpKc3tGoKwxLOySkhO2mghVfVUd3zi/nAu14lhjmIaUb7l0
xtvAU4XLrCLnTHQ1irBQYy7F+zUcOAA4wtzbSU11OfT/p1MSsk29BZzs77O7bcFy
KRboIoxk7f6sEsZo/bO2+Miizqutz+x0jYoR6c1wKbgVCFePundoYMpCbsl9S1AL
elWAUU66jr3hGpvunHO+mn6pt/PgGabF8+07BfdSzk3083gouDkwtGU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:25 2025 by rpki-client