Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kkaL6JDAsj7alv-n-AxorhlMNus.roa
File: kkaL6JDAsj7alv-n-AxorhlMNus.roa (raw, json)
Hash identifier: thEqx4tWmZUmpT5IvS3EjnUWVa+bL4sjW9f4CBDI2ZI=
Subject key identifier: 92:46:8B:E8:90:C0:B2:3E:DA:96:FF:A7:F8:0C:68:AE:19:4C:36:EB
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F779BBC655EAC7F677470BF71C6EB4BD9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kkaL6JDAsj7alv-n-AxorhlMNus.roa
Signing time: Tue 14 May 2024 14:57:26 +0000
ROA not before: Tue 14 May 2024 14:57:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 2a09:17c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jun 2024 12:36:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:77:9b:bc:65:5e:ac:7f:67:74:70:bf:71:c6:eb:4b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 14 14:57:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92468be890c0b23eda96ffa7f80c68ae194c36eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:45:dd:b2:04:39:68:49:1c:d4:37:7d:10:f5:
f1:cf:82:32:9e:50:9b:c8:6f:e7:5f:a2:c3:2c:3a:
94:7e:85:f5:0a:50:d1:17:db:1e:74:9a:5b:72:5b:
c2:2e:a2:55:12:c6:aa:05:09:7a:9f:ee:0a:7d:4b:
14:b5:70:4d:8c:39:40:bf:62:78:a0:c8:37:da:a5:
52:88:00:54:c2:f8:e0:4e:0a:57:15:5e:2b:09:47:
eb:77:a8:17:17:26:fa:8b:45:f2:97:cc:67:83:f1:
86:97:d6:db:48:56:b0:01:fa:66:b3:e9:95:e0:4c:
3a:d5:18:4c:17:d7:d0:1b:ad:af:76:f0:ae:7d:a4:
fe:e1:2e:e8:34:fe:df:cf:19:9c:c2:90:b5:fa:f2:
67:5c:48:76:5b:32:1d:a8:76:1e:53:61:b5:2e:59:
5b:fd:29:0a:3e:67:78:5f:fb:29:e3:d7:14:4d:b0:
b7:de:46:a5:dd:66:de:f6:09:53:81:0d:c7:76:49:
bc:9d:88:31:9d:6e:49:a8:de:8f:4e:57:e9:84:6e:
9f:d7:1e:aa:42:c5:78:e1:ef:9d:c2:df:ce:60:3b:
c1:c0:f9:93:c8:3d:d9:90:bc:b7:16:eb:2d:56:ed:
50:77:ab:d3:f0:5c:ab:2d:cb:3f:9e:c2:f5:bb:70:
99:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:46:8B:E8:90:C0:B2:3E:DA:96:FF:A7:F8:0C:68:AE:19:4C:36:EB
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kkaL6JDAsj7alv-n-AxorhlMNus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:17c0::/48
Signature Algorithm: sha256WithRSAEncryption
a8:e1:7e:63:92:b7:31:f4:e7:94:d3:fb:84:a4:71:d8:c2:b9:
58:93:8e:50:15:51:bb:e9:cf:72:77:30:c9:ee:98:43:95:2d:
c9:f8:a0:bc:91:0e:0d:95:29:16:ec:f1:c0:78:87:09:e9:33:
7b:dd:45:6d:10:ed:cb:b2:9a:27:4e:4f:62:00:5a:f6:5f:cb:
e6:a0:b0:1c:c4:7c:94:60:2c:1a:7f:b5:7f:da:d7:8d:ed:26:
a3:57:35:bb:7e:9a:56:09:25:9a:32:42:bf:c8:9e:ba:d2:27:
b5:c6:09:b0:38:6f:3e:0d:35:8f:8c:75:10:ed:3c:51:84:4e:
5e:4b:64:1d:6c:50:b5:e6:8e:19:8a:ee:37:5d:da:10:49:7a:
c6:b6:01:da:99:e2:d4:a6:6e:c8:ca:ec:ef:35:30:a8:ef:6b:
51:07:70:bd:9b:a5:3c:d2:eb:52:87:cd:5a:63:c4:be:d8:79:
69:21:e4:6f:73:55:8b:11:90:de:7b:bb:bc:f3:69:a4:f3:60:
44:67:46:df:84:df:2b:dd:a1:60:d5:d0:96:f9:82:b9:d5:8f:
cb:f0:db:6a:30:4f:72:2d:c2:46:40:29:46:48:52:67:b7:6f:
f1:69:da:7c:93:1c:36:10:bf:86:3d:93:09:55:ae:72:2e:32:
91:07:92:37
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY93m7xlXqx/Z3Rwv3HG60vZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTE0MTQ1NzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjQ2OGJlODkwYzBiMjNlZGE5NmZmYTdmODBjNjhhZTE5NGMzNmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0XdsgQ5aEkc1Dd9EPXxz4IynlCb
yG/nX6LDLDqUfoX1ClDRF9sedJpbclvCLqJVEsaqBQl6n+4KfUsUtXBNjDlAv2J4
oMg32qVSiABUwvjgTgpXFV4rCUfrd6gXFyb6i0Xyl8xng/GGl9bbSFawAfpms+mV
4Ew61RhMF9fQG62vdvCufaT+4S7oNP7fzxmcwpC1+vJnXEh2WzIdqHYeU2G1Lllb
/SkKPmd4X/sp49cUTbC33kal3Wbe9glTgQ3Hdkm8nYgxnW5JqN6PTlfphG6f1x6q
QsV44e+dwt/OYDvBwPmTyD3ZkLy3FustVu1Qd6vT8FyrLcs/nsL1u3CZXQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJJGi+iQwLI+2pb/p/gMaK4ZTDbrMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEva2thTDZKREFzajdhbHYtbi1BeG9yaGxNTnVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkXwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCo4X5jkrcx9OeU0/uEpHHYwrlYk45QFVG76c9y
dzDJ7phDlS3J+KC8kQ4NlSkW7PHAeIcJ6TN73UVtEO3LsponTk9iAFr2X8vmoLAc
xHyUYCwaf7V/2teN7SajVzW7fppWCSWaMkK/yJ660ie1xgmwOG8+DTWPjHUQ7TxR
hE5eS2QdbFC15o4Ziu43XdoQSXrGtgHameLUpm7IyuzvNTCo72tRB3C9m6U80utS
h81aY8S+2HlpIeRvc1WLEZDee7u882mk82BEZ0bfhN8r3aFg1dCW+YK51Y/L8Ntq
ME9yLcJGQClGSFJnt2/xadp8kxw2EL+GPZMJVa5yLjKRB5I3
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:27 2025 by rpki-client